xn--gckcw1exf0j.xyz Open in urlscan Pro Puny
ダークウェブ.xyz IDN
219.94.192.106 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://xn--gckcw1exf0j.xyz/entry3.html
Submission: On December 28 via manual (December 28th 2023, 4:18:18 am UTC) from JP — Scanned from JP

Summary HTTP 110 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 18 domains to perform 110 HTTP transactions. The main IP is 219.94.192.106, located in Hiyoshi, Japan and belongs to SAKURA-C SAKURA Internet Inc., JP. The main domain is xn--gckcw1exf0j.xyz.

This is the only time xn--gckcw1exf0j.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	219.94.192.106 219.94.192.106	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
19	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
3 16	2404:6800:400... 2404:6800:4004:828::2002	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:818::200a	15169 (GOOGLE) (GOOGLE)
26	2404:6800:400... 2404:6800:4004:818::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
6	172.217.25.162 172.217.25.162	15169 (GOOGLE) (GOOGLE)
2 4	2404:6800:400... 2404:6800:4004:823::2004	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
2	142.251.222.6 142.251.222.6	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:828::2006	15169 (GOOGLE) (GOOGLE)
1 1	52.198.52.119 52.198.52.119	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:216... 2600:9000:2163:2400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2 10	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
3 3	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	35.213.93.179 35.213.93.179	15169 (GOOGLE) (GOOGLE)
1 1	13.114.222.29 13.114.222.29	16509 (AMAZON-02) (AMAZON-02)
1 1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
110	17

7 219.94.192.106 (Hiyoshi, Japan)

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www1696.sakura.ne.jp

xn--gckcw1exf0j.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:828::2002 (Australia) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:818::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2404:6800:4004:818::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.25.162 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s13-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:823::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.222.6 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:828::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.198.52.119 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-52-119.ap-northeast-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2163:2400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.42.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.232.238.37 (Tokyo, Japan) 2 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (Tokyo, Japan) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.114.222.29 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-222-29.ap-northeast-1.compute.amazonaws.com

dynalyst-sync.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

gtrace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	602 KB
28	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	238 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	172 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
7	xn--gckcw1exf0j.xyz xn--gckcw1exf0j.xyz	177 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	863 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	258 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	2 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2269	961 B
2	fout.jp 2 redirects sync.fout.jp — Cisco Umbrella Rank: 55430	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	microad.jp 2 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722 aid.send.microad.jp — Cisco Umbrella Rank: 7197	1 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 718 static.adsafeprotected.com — Cisco Umbrella Rank: 602	694 B
1	mediago.io 1 redirects gtrace.mediago.io	467 B
1	adtdp.com 1 redirects dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 35120	588 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	26 KB
110	18

	Domain	Requested by
26	tpc.googlesyndication.com	googleads.g.doubleclick.net xn--gckcw1exf0j.xyz tpc.googlesyndication.com pagead2.googlesyndication.com
19	pagead2.googlesyndication.com	xn--gckcw1exf0j.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
7	fonts.googleapis.com	googleads.g.doubleclick.net
7	xn--gckcw1exf0j.xyz	xn--gckcw1exf0j.xyz
6	www.googleadservices.com	googleads.g.doubleclick.net xn--gckcw1exf0j.xyz
6	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
2	a.sportradarserving.com	2 redirects
2	sync.fout.jp	2 redirects
2	ad.doubleclick.net	xn--gckcw1exf0j.xyz
1	gtrace.mediago.io	1 redirects
1	aid.send.microad.jp	1 redirects
1	dynalyst-sync.adtdp.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	s-cs.send.microad.jp	1 redirects
1	static.adsafeprotected.com	xn--gckcw1exf0j.xyz
1	pixel.adsafeprotected.com	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
110	25

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 22 frames:

Primary Page: http://xn--gckcw1exf0j.xyz/entry3.html
Frame ID: 0A86DD9525613C0D0B06CA7555A0AEA7
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: AE9A88B41B4DBAB443A8E8AA3CD04293
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=9332553983&adk=874962614&adf=881262486&pi=t.ma~as.9332553983&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093382&bpp=19&bdt=92&idt=242&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4164517330755&frm=20&pv=2&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=263
Frame ID: AD3F2D38C26E35781933BDDE1106BF0B
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=2384002255&adk=256626560&adf=2237390578&pi=t.ma~as.2384002255&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093401&bpp=1&bdt=112&idt=257&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=260
Frame ID: A9EC93CD17C0C00FD42A793DF21202C8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=8374695531&adk=3453802667&adf=2019442415&pi=t.ma~as.8374695531&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093402&bpp=1&bdt=112&idt=261&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=264
Frame ID: 05D099E2AF536992D8EEC7B72E197ED2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&adk=1812271804&adf=3025194257&lmt=1553540818&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703737093419&bpp=3&bdt=129&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280&nras=1&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257
Frame ID: 1EFF2E88102F9D8F04C5EF2D642090E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6EBE564B9682FA920CD664D31DC6E52D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4A656F69BF4DC7B46E47743C8131D168
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=240&adk=1905667304&adf=2701356922&pi=t.aa~a.1043414356~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&to=qs&pwprc=9398691267&format=280x240&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1703737094204&bpp=1&bdt=914&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280%2C0x0&nras=2&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=1351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Frame ID: 47BA7D1671C27610BB54EA3B4FA53C45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&to=qs&pwprc=9398691267&format=1200x90&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1703737094204&bpp=1&bdt=914&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280%2C0x0%2C280x240&nras=3&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=6
Frame ID: 372B9D113806361A28ADFE3C5946856A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 21884F932322C07D05C3D0107931518B
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C600&text=%E3%83%88%E4%BC%9A%E5%80%8B%E3%83%8E%E3%82%B3%E3%80%81%20%EF%BC%81%E5%89%8A%E3%82%B9%E5%BA%95%E3%81%8F%E6%94%AF0%E3%82%B7%2C%E9%96%8B%E8%A6%A7%E3%81%94%E3%81%84%E3%81%9C%E3%83%BC%E3%83%AA%E3%82%92%E3%81%8A%E7%A4%BE%E6%B8%9B%E3%83%9F%E8%AA%BF%E5%BC%8F%E9%81%941%E6%8F%B4%E3%81%B2%E3%82%A8%E3%82%BA%E5%BE%B9%E6%A0%AA%E3%81%A0%E5%BE%97%E3%81%A7%E3%81%95%E3%82%82
Frame ID: EA0FC777BAC6366A68315A12245DD99D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: C9C93FFAE8869FBDA7D16A5A995EE9F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYhK-24QEwAQ&v=APEucNUKOzUPvy8L0gkJvhDBK2XLUcVc1qIPsfIEf5N7fPWA6ceYR0rj-mqGOQ9LS0MvTu4-JH8wLcSBq0I1W7F_-xChCCHJrw
Frame ID: 60F157499521CBF447C5E064987B36AF
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Frame ID: 8EEFB922E63D2862842940A27B46E787
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFF1A16B853A07A6B5D481D6C957D560
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 51EEF17F3B78C68521FE1A8CDDC378BA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 2407B4E9A02A0858C98306B65B39677E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: B275C235EFD576DF3EB3421374252520
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6588FF00E017033746C0CD2EC6708192
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9290001C3AE02EDFFA74F239F2E2CA25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D37BC78D2FD2CE0E2E58F4EFD91BF0B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ダークウェブで児童コンテンツを見たい方へ【必見】

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

110
Requests

80 %
HTTPS

46 %
IPv6

18
Domains

25
Subdomains

17
IPs

4
Countries

1481 kB
Transfer

3685 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj7unBfeMZd63KqaVvcAPhZ-zsAGPsKr_dL20hZKEEv74gNrDARABIIqetR1gifPFhPQToAHfrf7mKcgBAagDAcgDywSqBOcBT9BtmwDKzOBFndTC6S-VpaV6cdAqza_ISM7Ml_gPjoEx6Ben9M3cwZv3rDGfE8Hk8klJHtsLcqq5N6jcwuiBWa7qP9LPHHbC2YuhNRpDtWkOKxAvofAcUnOS-U8mi1lDwzRVfNz_J0JwRlLWPoY1VW-z_mcMTFETBuwvEUk_ZGIECb6SkaWY_vHeBH0j73XSgQ8JEVs7dpkHi9yDMJGHdkGq7psWPbrdQRW64KfcgMLYcg418ymMFa-vK-o3u26lr9yHuwiF-5CnzQxLT4_TzEDhktSfqL4dVArffJOVG-nV44IZmF94wAS43vuCzwSIBYTn08dNkgUECAQYAZIFBAgFGASAB9_lzsYEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ8owG0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliMroqio7GDA5oJuQFodHRwczovL2NhbXBpbmdoYW1vaXIuY29tP3V0bV90ZXJtPSZnY2xpZD17Z2NsaWR9JnV0bV9jcmVhdGl2ZT02ODMwMzIxNzIzNzgmdXRtX2NhbXBhaWduPTIwODE5ODAwOTY0JnV0bV9wb3NpdGlvbj0mdXRtX25ldHdvcms9ZCZ1dG1fdGFyZ2V0PSZ1dG1fcGxhY2VtZW50PXhuLS1nY2tjdzFleGYwai54eXomdXRtX21hdGNoPYAKAcgLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2gwRCgsQkNjsuqjyt_rDARICAQPYEwzQFQGAFwGyFxwKGggAEhRwdWItMDQ3MTM4MjkwMDAzNzg1MxgAshgEEgLHTw&sigh=FZFG0Zzg6jU&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_9O3LTVdU1ndjXKConUL13FJo54QYqI6tjmjM-JvtTAP4Knv7TclCasChwPjm4I9MyHhX22KdzMOjWvWETFxHx9RN9f70E0MfvxgB&template_id=5020&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17b7846cde56137f0000000000000000%22,%222%22:%220xe5299ced3caa97480000000000000000%22,%223%22:%220xa400ecf848e888c0000000000000000%22,%224%22:%220xe5321ca503f68dd60000000000000000%22,%225%22:%220x166ad42e433d1770000000000000000%22},%22debug_key%22:%2213574791590757319740%22,%22debug_reporting%22:true,%22destination%22:%22https://campinghamoir.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211221833439%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224577708221403674929%22}&andc=true

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

https://googleads.g.doubleclick.net/pagead/adview?ai=C2BqyBfeMZdTYKYPtvcAPspapyAfZxLeEdeeg3KadEpvcspjUDhABIIqetR1gifPFhPQToAGhkrrMAsgBCakCq5lS_ZlLPj6oAwHIA8sEqgTWAU_QFmmEtt2Mg0lXzKxX2C2gXtYbtEguvijgSCvdWICf79oTqbgIQidMbj5BWTc4txwwMy4TF7UUvkZW84triDZu7GjLdbmiNggWkgPWtWFNS1sAKhOZO7Z4S1X5bhZH3UgSxEFj8Be698xzyAD9VYumUkJ9jmvF1FHCMqyuLVOBE7ChXFlwl3bHcz4NVQwhKiMnZUoDUBU1QObBqZ-pTlLToy-nanRt_mMHKtR3RRsdZ0FntTPBSbD-Kbji9GscMV_rOoT_ds0QnY2b1zVQUHEUVGmVVtHABOmf54jABIgFzdmf3k2gBi6AB8ftxbMBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQkN4D0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljR0Imio7GDA5oJtwFodHRwczovL21pdHN1aS1zaG9wcGluZy1wYXJrLmNvbS9sYWxhcG9ydC9zcGVjaWFsL3dpbnRlcmJhcmdhaW4yMDIzLz91dG1fbWVkaXVtPWRpc3BsYXkmdXRtX3NvdXJjZT1nZG4mdXRtX2NhbXBhaWduPTIwMjN3YiZ1dG1fdGVybT1oZDIwMjAxMSZ1dG1fY29udGVudD0yMDIzd2JjZC0zMG0mdXRtX2ZhY2lsaXR5PVIwMDCACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwQCgoQgJfc2fSoweAPEgIBA9gTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0wNDcxMzgyOTAwMDM3ODUzGAA&sigh=MkBQ0-8TBSs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_SQWdyXtoKKo7F1Ny1lJMkkrPc4uQkIoXsdsLLSLwKzwAnfnLniCW8l2SRLpNEFJHRrorYTABhBAPbViFzNqK5bNYdXcJxmCtxg8YAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4f33521f04d458550000000000000000%22,%222%22:%220xd98946265a3f91bc0000000000000000%22,%223%22:%220x5615f55022711c4b0000000000000000%22,%224%22:%220x975f10a7723795f20000000000000000%22,%225%22:%220x5831948c2371342c0000000000000000%22},%22debug_key%22:%225722076119643541792%22,%22debug_reporting%22:true,%22destination%22:%22https://mitsui-shopping-park.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22697207073%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226184036158494393009%22}&andc=true

Request Chain 85

https://pixel.adsafeprotected.com/rfw/st/1874107/77013038/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&cbvp=2 HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&cbvp=2

Request Chain 86

https://googleads.g.doubleclick.net/pagead/adview?ai=CWWkyBfeMZaLDKqCAvcAPl4qW8AePsKr_dID9y_f9Ef74gNrDARABIIqetR1gifPFhPQToAHfrf7mKcgBAagDAcgDywSqBO0BT9DgCHfA1pcLvuw4dsURU2CVxVSIVY7FDKVwQiUvM3C9iBCAO14p6uw5D16ZDP4NRrMY5z8SWKri4lMdTiYfV_djX9DkCt4gQNemENK6W-1YQfysbAFADWF21KSjbGn_0jLM5kEtX90bTzoZ1w1KSDoX19xE1FIIMgpSWwaWC1RX7rSAYxaHBKXnJPa5jxMiFXjqLodFk4ck2JNXRmAkMwb5SfbJ1L13znn5vRcB4JTVF8WSxEGqywidy9fiPlw0WwMqNdhviulLKkbS5YxYscOb3ca_oLcC6Bl0V6wB8S8cewImNuD5piTa3iJhwASKkvnlywSIBYTn08dNkgUECAQYAZIFBAgFGASAB9_lzsYEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQzrcF0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOliMvIqio7GDA5oJuQFodHRwczovL2NhbXBpbmdoYW1vaXIuY29tP3V0bV90ZXJtPSZnY2xpZD17Z2NsaWR9JnV0bV9jcmVhdGl2ZT02ODI5ODE3Nzk4MDImdXRtX2NhbXBhaWduPTIwODE5ODAwOTY0JnV0bV9wb3NpdGlvbj0mdXRtX25ldHdvcms9ZCZ1dG1fdGFyZ2V0PSZ1dG1fcGxhY2VtZW50PXhuLS1nY2tjdzFleGYwai54eXomdXRtX21hdGNoPYAKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLaDBAKChDgqJecvaXS0EgSAgED2BMM0BUBgBcBshccChoIABIUcHViLTA0NzEzODI5MDAwMzc4NTMYAA&sigh=kBW1G3r1LLw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_FMayw6MKCmsXGaWYu1zYyDqWpwWJfK-x4542Iqr-bSG92vBS9urNdyRpXipXGhP_GSUIeNwgzo-lNdv9-DN3IRYRdAQjxPwzT-EYAQ&template_id=5020&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17b7846cde56137f0000000000000000%22,%222%22:%220xe5299ced3caa97480000000000000000%22,%223%22:%220xa400ecf848e888c0000000000000000%22,%224%22:%220xeec2b5fa6c5af090000000000000000%22,%225%22:%220x166ad42e433d1770000000000000000%22},%22debug_key%22:%224496403670419676596%22,%22debug_reporting%22:true,%22destination%22:%22https://campinghamoir.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211221833439%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218328750189948989505%22}&andc=true

Request Chain 89

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNUEjcNTyqvGAPTpnrmR4E&google_cver=1

Request Chain 91

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYz3Bq4xvWneDONVXaCZaQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNUEjcNTyqvGAPTpnrmR4E&google_cver=1

Request Chain 98

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOBQH1AJsMZ6J5E73IbRP1I&google_cver=1&google_push=AXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0NiYA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0NiYA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOBQH1AJsMZ6J5E73IbRP1I&google_cver=1&google_push=AXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0NiYA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0NiYA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 99

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEOFn2RVBYoUopw6kzCvQfPE&google_cver=1&google_push=AXcoOmRmLDgcYq0Megd2D5LL3jisCA5PYT2OOnvw2S6jUhvlEZjUEq6LxkQEpgnLI9YmvjoiCgjgLENMeguQsusL-IiGlRpL07pD4sE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRmLDgcYq0Megd2D5LL3jisCA5PYT2OOnvw2S6jUhvlEZjUEq6LxkQEpgnLI9YmvjoiCgjgLENMeguQsusL-IiGlRpL07pD4sE&google_hm=N19VNHpBakRwNEtwOXFvTTNDMTlPN3o4SUsw&from_google=pc1

Request Chain 100

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEOFn2RVBYoUopw6kzCvQfPE&google_cver=1&google_push=AXcoOmRpxjQPXbq-tk3X5hpClNrX82xLQhL3Qa_zWQI1OqxhYMzV67WpYz6iIs2Abg858hDpnc9KTQlLJvrwKS9D1HiET2iKJ2hOSg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRpxjQPXbq-tk3X5hpClNrX82xLQhL3Qa_zWQI1OqxhYMzV67WpYz6iIs2Abg858hDpnc9KTQlLJvrwKS9D1HiET2iKJ2hOSg&google_hm=&from_google=sp1

Request Chain 101

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJGq6cYUry_JLDzL6SHgpXM&google_cver=1&google_push=AXcoOmTGSsGdAyMdBKtn8AqPVA34s-kFHXa0x7_N3ThAq5iHVRqTX0CSRqehU0WK-qnCFiIPSUWWX1dWSk7S9a1YkqkiyaO0LFMqDiY HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJGq6cYUry_JLDzL6SHgpXM&google_cver=1&google_push=AXcoOmTGSsGdAyMdBKtn8AqPVA34s-kFHXa0x7_N3ThAq5iHVRqTX0CSRqehU0WK-qnCFiIPSUWWX1dWSk7S9a1YkqkiyaO0LFMqDiY HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1c5ba179-fa51-4a30-bfcf-6b5ace50234e&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTGSsGdAyMdBKtn8AqPVA34s-kFHXa0x7_N3ThAq5iHVRqTX0CSRqehU0WK-qnCFiIPSUWWX1dWSk7S9a1YkqkiyaO0LFMqDiY&google_hm=5hJn-CLlTEm49ehiC0r-Kg==

Request Chain 102

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEBHyEuQ9xj3eAbnXHSCjGbo&google_cver=1&google_push=AXcoOmSjEaWB8lFSZH07490A9rS2QOPP3rig9acwXY9plVsfXjZY1BGUvOlpJHGcWl_hNHbArwKT4fWJTIuCYXI8_IVnGXlue_cOSXM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc5ODk5NzM3MjY&google_push=AXcoOmSjEaWB8lFSZH07490A9rS2QOPP3rig9acwXY9plVsfXjZY1BGUvOlpJHGcWl_hNHbArwKT4fWJTIuCYXI8_IVnGXlue_cOSXM

Request Chain 103

https://aid.send.microad.jp/g/asr?google_gid=CAESELKKOwrU-7g6Otqhm8rzf5E&google_cver=1&google_push=AXcoOmQuz8XlmeBq1F8sQ_CHt28dGwXMZQlWYfMqLYolmrRw3g_Cnh9qSDNKGeJD3TK_mYsN_WSe0ALt90MFL8Xg2HzpeFKtlb-5PXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=X2r0x7usIZ4Iho6L6tNqZ07x/amylEpe

Request Chain 104

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEJa7MGE4udxTa6yH4ukkamk&google_cver=1&google_push=AXcoOmSgRzLJBEAti90Zbo7orEzzOPEmH9Ux9nrFOF7-wtjdquioFTU_0iTq0Yxl5fX_Vx-qrH9NoodFfJMxY-jGpgOsiblJm1aUzR4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSgRzLJBEAti90Zbo7orEzzOPEmH9Ux9nrFOF7-wtjdquioFTU_0iTq0Yxl5fX_Vx-qrH9NoodFfJMxY-jGpgOsiblJm1aUzR4&google_hm=f5ef61ca9cfd996c2ld3km00lqop2sb5

110 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request entry3.html Show response
xn--gckcw1exf0j.xyz/ 10 KB
10 KB 35ms
10ms Document
text/html 219.94.192.106
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--gckcw1exf0j.xyz/entry3.html
Protocol: HTTP/1.1
Server: 219.94.192.106 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1696.sakura.ne.jp
Software: nginx /
Resource Hash: d6d9804da5d2f5c6eb61c46c756a46c8fd5c89f07f05ac34e2ad0f5b9967fb3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 10361
Content-Type: text/html
Date: Thu, 28 Dec 2023 04:18:13 GMT
ETag: "2879-584efe899d880"
Last-Modified: Mon, 25 Mar 2019 19:06:58 GMT
Server: nginx

GET
H/1.1 200
OK styles.css
xn--gckcw1exf0j.xyz/ 73 KB
73 KB 11ms
10ms Stylesheet
text/css 219.94.192.106
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--gckcw1exf0j.xyz/styles.css
Requested by: Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html
Protocol: HTTP/1.1
Server: 219.94.192.106 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1696.sakura.ne.jp
Software: nginx /
Resource Hash: e3807f1612c77d994a88464f03fd99ffb1ee190bc6b26e12ee0c2eae182fab12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/entry3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 04:18:13 GMT
Last-Modified: Sat, 08 Sep 2018 17:09:31 GMT
Server: nginx
ETag: "12204-5755f2ffce8c0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74244

GET
H/1.1 200
OK textstyles.css
xn--gckcw1exf0j.xyz/css/ 9 KB
9 KB 22ms
12ms Stylesheet
text/css 219.94.192.106
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--gckcw1exf0j.xyz/css/textstyles.css
Requested by: Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html
Protocol: HTTP/1.1
Server: 219.94.192.106 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1696.sakura.ne.jp
Software: nginx /
Resource Hash: c1eecb5ac00d3ce7d2b8bb68bd8bbb9b417540468804cf9522170195ddabf15e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/entry3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 04:18:13 GMT
Last-Modified: Sat, 08 Sep 2018 17:09:32 GMT
Server: nginx
ETag: "22d3-5755f300c2b00"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8915

GET
H/1.1 200
OK header.jpg
xn--gckcw1exf0j.xyz/img/ 28 KB
28 KB 22ms
13ms Image
image/jpeg 219.94.192.106
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xn--gckcw1exf0j.xyz/img/header.jpg
Requested by: Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html
Protocol: HTTP/1.1
Server: 219.94.192.106 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1696.sakura.ne.jp
Software: nginx /
Resource Hash: 8bdde31c8661fbf5147358aa8d7da2eb1e299702e28c0c1db76bd83c9a0240f6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/entry3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 04:18:13 GMT
Last-Modified: Sat, 08 Sep 2018 17:09:52 GMT
Server: nginx
ETag: "70ad-5755f313d5800"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28845

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
54 KB 57ms
53ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html

Protocol

HTTP/1.1

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3579a3ac1c912a6cd5cc1eaec07e57be38b8596a3d5aef4967b94726dfd3a58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 04:18:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54482
X-XSS-Protection: 0
Server: cafe
ETag: 18432873527459941470
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Expires: Thu, 28 Dec 2023 04:18:13 GMT

GET
H/1.1 200
OK tables.css
xn--gckcw1exf0j.xyz/css/ 7 KB
7 KB 10ms
9ms Stylesheet
text/css 219.94.192.106
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--gckcw1exf0j.xyz/css/tables.css
Requested by: Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/styles.css
Protocol: HTTP/1.1
Server: 219.94.192.106 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1696.sakura.ne.jp
Software: nginx /
Resource Hash: ac2225d476a61229b3c522d18ec5e6bb88b112d84f7585bd55db7fb317e1223f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 04:18:13 GMT
Last-Modified: Sat, 08 Sep 2018 17:09:31 GMT
Server: nginx
ETag: "1b05-5755f2ffce8c0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6917

GET
H/1.1 200
OK commonstyles.css
xn--gckcw1exf0j.xyz/css/ 47 KB
48 KB 10ms
10ms Stylesheet
text/css 219.94.192.106
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--gckcw1exf0j.xyz/css/commonstyles.css
Requested by: Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/styles.css
Protocol: HTTP/1.1
Server: 219.94.192.106 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1696.sakura.ne.jp
Software: nginx /
Resource Hash: 5473059051d21ac70873da70aa51cf39b44d0956d0ef8c6de2e49df45b4d85e0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 04:18:13 GMT
Last-Modified: Sat, 08 Sep 2018 17:09:31 GMT
Server: nginx
ETag: "bd65-5755f2ffce8c0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48485

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 131ms
90ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3daf0087328ac0d7f9f66a3a9f45dbbb8cf82a42b8bc9ba0b1786403399757a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137930
x-xss-protection: 0
server: cafe
etag: 9557982395221858775
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:18:13 GMT

GET
H/1.1 200
OK menu_h4.png
xn--gckcw1exf0j.xyz/img/ 1 KB
2 KB 9ms
9ms Image
image/png 219.94.192.106
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xn--gckcw1exf0j.xyz/img/menu_h4.png
Requested by: Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/styles.css
Protocol: HTTP/1.1
Server: 219.94.192.106 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1696.sakura.ne.jp
Software: nginx /
Resource Hash: d2530e59953102b3490928cc7e37f96047ca362de4b5e800f4851b137ceed05d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 04:18:13 GMT
Last-Modified: Sat, 08 Sep 2018 17:09:55 GMT
Server: nginx
ETag: "5c8-5755f316b1ec0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1480

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame AE9A 9 KB
4 KB 48ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 5929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 02:39:24 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 02:39:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD3F 140 KB
46 KB 331ms
330ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=9332553983&adk=874962614&adf=881262486&pi=t.ma~as.9332553983&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093382&bpp=19&bdt=92&idt=242&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4164517330755&frm=20&pv=2&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=263

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b61ea1316f930131524501ff55497e66c55c99e57bc8e26408eacf808da000b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46666
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:13 GMT
expires: Thu, 28 Dec 2023 04:18:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9EC 118 KB
39 KB 319ms
319ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=2384002255&adk=256626560&adf=2237390578&pi=t.ma~as.2384002255&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093401&bpp=1&bdt=112&idt=257&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=260

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c29fadf6f1e3d7859f4ff1b511639125c99f0de7f5c864ce97872d9f1b127bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40256
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:13 GMT
expires: Thu, 28 Dec 2023 04:18:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 05D0 123 KB
41 KB 285ms
284ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=8374695531&adk=3453802667&adf=2019442415&pi=t.ma~as.8374695531&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093402&bpp=1&bdt=112&idt=261&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=264

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ca3f602fb93f30496744b8fb602c963fbe2db4b3129a11a2171d87025e3edb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42170
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:13 GMT
expires: Thu, 28 Dec 2023 04:18:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1EFF 251 KB
56 KB 289ms
289ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&adk=1812271804&adf=3025194257&lmt=1553540818&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703737093419&bpp=3&bdt=129&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280&nras=1&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c495dec66bc17c37c1ff14cef4e9eb8cd1221a9ed19548ca9a4fc3dbdc42b32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57608
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:13 GMT
expires: Thu, 28 Dec 2023 04:18:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 05D0 317 B
728 B 91ms
39ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%82%92%E3%81%93%E3%83%AA%E5%83%8F%E3%81%99%E3%83%83%E3%82%AF%E3%81%A8%E7%94%BB%E3%81%8F%E3%81%8C%E9%96%8B%E4%BD%93%E3%82%8B%E5%85%A8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=8374695531&adk=3453802667&adf=2019442415&pi=t.ma~as.8374695531&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093402&bpp=1&bdt=112&idt=261&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e38226429e12811fcd0bc6040e2e916cc5ad552df5aa8c1ebab799b9e58b2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 04:18:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 05D0 14 KB
1 KB 92ms
40ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 02:55:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AD3F 882 B
486 B 51ms
39ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%A8%E3%81%9F%E4%BB%8A%E3%82%B9%E3%83%AB%E3%81%8B%E3%81%84%E3%83%80%E8%A6%8B%E3%81%94%E5%BE%8C%E3%83%A0%E6%9C%80%E5%BE%97%E5%B9%B4%E3%81%BD%E3%81%97%E8%A4%92%E3%83%81%E8%B2%B7%E3%81%8C%E3%83%88%E3%83%A3%E3%82%A4%E3%82%A6%E3%82%82%E3%82%8B%E3%83%86%E3%82%AB%E6%AC%B2%E3%82%A2%E3%82%89%E3%83%BC%E3%83%B3%E3%82%BB%E3%81%8A%E3%81%AE%E3%80%82%E7%BE%8E%E3%81%A3%E3%82%92

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=9332553983&adk=874962614&adf=881262486&pi=t.ma~as.9332553983&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093382&bpp=19&bdt=92&idt=242&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4164517330755&frm=20&pv=2&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=263

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2e6c61659d372e694c7f76af7753f916bc36cac7aca4f69622d2db6c29fbe9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 04:18:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AD3F 2 KB
875 B 53ms
7ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame AD3F 23 KB
9 KB 8ms
2ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 19:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 19:50:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AD3F 3 KB
1 KB 8ms
3ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AD3F 20 KB
8 KB 49ms
3ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD3F 203 KB
64 KB 566ms
511ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame AD3F 37 KB
15 KB 13ms
6ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:32:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 09:32:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A9EC 317 B
369 B 49ms
39ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%99%E9%96%8B%E3%81%8F%E3%82%AF%E3%81%A8%E3%82%8B%E5%83%8F%E3%81%8C%E3%81%93%E3%82%92%E5%85%A8%E4%BD%93%E3%83%AA%E7%94%BB%E3%83%83

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=2384002255&adk=256626560&adf=2237390578&pi=t.ma~as.2384002255&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093401&bpp=1&bdt=112&idt=257&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e38226429e12811fcd0bc6040e2e916cc5ad552df5aa8c1ebab799b9e58b2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 04:18:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A9EC 14 KB
1 KB 52ms
43ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 02:46:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A9EC 2 KB
856 B 4ms
2ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame A9EC 23 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 19:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 19:50:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A9EC 3 KB
1 KB 5ms
3ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A9EC 20 KB
9 KB 45ms
2ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A9EC 202 KB
61 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 03:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:42:20 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame A9EC 37 KB
15 KB 6ms
5ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:32:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 09:32:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 05D0 2 KB
856 B 47ms
8ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 05D0 23 KB
9 KB 44ms
6ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 19:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 19:50:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6EBE 143 B
166 B 4ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=8374695531&adk=3453802667&adf=2019442415&pi=t.ma~as.8374695531&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093402&bpp=1&bdt=112&idt=261&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=3152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=264
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 03:32:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 05D0 3 KB
1 KB 44ms
7ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 05D0 20 KB
8 KB 40ms
3ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05D0 203 KB
65 KB 553ms
508ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 05D0 37 KB
16 KB 49ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:32:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 09:32:58 GMT

GET
DATA 200
OK truncated
/ Frame 05D0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A9EC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj7unBfeMZd63KqaVvcAPhZ-zsAGPsKr_dL20hZKEEv74gNrDARABIIqetR1gifPFhPQToAHfrf7mKcgBAagDAcgDywSqBOcBT9BtmwDKzOBFndTC6S-VpaV6cdAqza_ISM7Ml_gPjoEx6Be...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17b7846cde56137f0000000000000000%22,%222%22:%220xe5299ced3caa97480000000000000000%22,%223%22:%220xa400ec...

0
0

91ms
49ms

Fetch
text/css

172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17b7846cde56137f0000000000000000%22,%222%22:%220xe5299ced3caa97480000000000000000%22,%223%22:%220xa400ecf848e888c0000000000000000%22,%224%22:%220xe5321ca503f68dd60000000000000000%22,%225%22:%220x166ad42e433d1770000000000000000%22},%22debug_key%22:%2213574791590757319740%22,%22debug_reporting%22:true,%22destination%22:%22https://campinghamoir.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211221833439%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224577708221403674929%22}&andc=true

Requested by

Protocol

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s13-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x17b7846cde56137f0000000000000000","2":"0xe5299ced3caa97480000000000000000","3":"0xa400ecf848e888c0000000000000000","4":"0xe5321ca503f68dd60000000000000000","5":"0x166ad42e433d1770000000000000000"},"debug_key":"13574791590757319740","debug_reporting":true,"destination":"https://campinghamoir.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11221833439"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"4577708221403674929"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Dec 2023 04:18:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 04:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x17b7846cde56137f0000000000000000","2":"0xe5299ced3caa97480000000000000000","3":"0xa400ecf848e888c0000000000000000","4":"0xe5321ca503f68dd60000000000000000","5":"0x166ad42e433d1770000000000000000"},"debug_key":"13574791590757319740","debug_reporting":true,"destination":"https://campinghamoir.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11221833439"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"4577708221403674929"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A65 143 B
166 B 2ms
2ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=280&slotname=2384002255&adk=256626560&adf=2237390578&pi=t.ma~as.2384002255&w=640&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&format=640x280&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703737093401&bpp=1&bdt=112&idt=257&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=630&ady=2258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=260
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 03:32:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 89ms
88ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45b6b5b4c9a40f1588ac9e5acefd6e1a93a4c25e6dcaa2b4d733bb9cca4c98e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56012
x-xss-protection: 0
server: cafe
etag: 16967867446542348475
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5728195947478688770/ Frame AD3F 24 KB
24 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5728195947478688770/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7284afe299c329acbf3376e805514b75c65f3a2fbd0dbbb336e501c6ff062795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 21 Dec 2024 01:30:19 GMT
date: Fri, 22 Dec 2023 01:30:19 GMT
x-content-type-options: nosniff
age: 528475
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24556
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 00:50:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame AD3F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AD3F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A9EC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47BA 733 B
385 B 295ms
295ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=240&adk=1905667304&adf=2701356922&pi=t.aa~a.1043414356~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&to=qs&pwprc=9398691267&format=280x240&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1703737094204&bpp=1&bdt=914&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280%2C0x0&nras=2&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=1351&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91bba59f4e3d5cd2627c762547b4af10a61f39a933aeae177b997c8fd3c8f65f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 372B 105 KB
44 KB 481ms
480ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&to=qs&pwprc=9398691267&format=1200x90&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1703737094204&bpp=1&bdt=914&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280%2C0x0%2C280x240&nras=3&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec92c82074179f49e81058167678ea416faa77d110e65391f8ccd177b09c9b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44798
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 112ms
50ms Preflight
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s13-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 04:18:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6EBE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

76ms
76ms

Document
text/html

2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:14 GMT
expires: Thu, 28 Dec 2023 04:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A9EC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9497cf5764f2cabd498284ff090fc4e2b1e6e66dad347267d76607b63cf69c9c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AD3F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a8c9f8511d9e3410aa1446aa2a3ce6b97874f06efc60ebb714fa2a8a36316c3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 2188 9 KB
4 KB 3ms
3ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 38200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Dec 2023 17:41:34 GMT
etag: 5585625838579639069
expires: Wed, 10 Jan 2024 17:41:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A65
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
49ms

Document
text/html

2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:14 GMT
expires: Thu, 28 Dec 2023 04:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2188 4 KB
744 B 38ms
37ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 03:16:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2188 205 B
520 B 3ms
2ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:42:26 GMT
x-content-type-options: nosniff
age: 408948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 22 Dec 2024 10:42:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2188 604 B
696 B 3ms
3ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 19:49:36 GMT
x-content-type-options: nosniff
age: 116918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Dec 2024 19:49:36 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 2188 16 KB
7 KB 4ms
4ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 21:03:06 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 2188 22 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EA0F 836 B
416 B 41ms
41ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C600&text=%E3%83%88%E4%BC%9A%E5%80%8B%E3%83%8E%E3%82%B3%E3%80%81%20%EF%BC%81%E5%89%8A%E3%82%B9%E5%BA%95%E3%81%8F%E6%94%AF0%E3%82%B7%2C%E9%96%8B%E8%A6%A7%E3%81%94%E3%81%84%E3%81%9C%E3%83%BC%E3%83%AA%E3%82%92%E3%81%8A%E7%A4%BE%E6%B8%9B%E3%83%9F%E8%AA%BF%E5%BC%8F%E9%81%941%E6%8F%B4%E3%81%B2%E3%82%A8%E3%82%BA%E5%BE%B9%E6%A0%AA%E3%81%A0%E5%BE%97%E3%81%A7%E3%81%95%E3%82%82

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d472aa07305460c0aa23d331143847b115956ee9f348d191ae183bb854e0e05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 04:18:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EA0F 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EA0F 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 19:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 19:50:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EA0F 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EA0F 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA0F 203 KB
64 KB 214ms
213ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame EA0F 37 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:32:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 09:32:58 GMT

GET
DATA 200
OK truncated
/ Frame 05D0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 324ea6b0ef5f248669fb0e625c57ef2c76e89b73299620fccf5b5368a60675e0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A9EC 33 KB
34 KB 49ms
7ms Font
font/woff2 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:22:44 GMT
x-content-type-options: nosniff
age: 410130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Dec 2024 10:22:44 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame A9EC 6 KB
6 KB 51ms
11ms Font
text/html 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj757AlFe-MyMW7V3nykTMsL-Rz4_PaZihXiLtlVznFr7qozrq3nBB3KgqNx4wFFJFqsMR_6agRZcerr54zjzK-X1z-f5rzg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%99%E9%96%8B%E3%81%8F%E3%82%AF%E3%81%A8%E3%82%8B%E5%83%8F%E3%81%8C%E3%81%93%E3%82%92%E5%85%A8%E4%BD%93%E3%83%AA%E7%94%BB%E3%83%83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e8bbd1ce503cebde65859ec5850d393151e239356c49ec8775fc21e2c7dfa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:30:07 GMT
x-content-type-options: nosniff
age: 13687
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6528
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 00:30:07 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame AD3F 29 KB
30 KB 26ms
5ms Font
text/html 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqh07TlBQmUkDrhRXhzXVe-NCMW8l3n0UTMt7-RxI_PYpihZyLtrFznFr7qozrp-3BC9agpEh4zBlJFmMMQ9aahZJAhr7h52DrNy3ll4PR_4Q7Mp_4It48F1J5oWCZSCMF-ndpP2L7wAn0gnmlAbTdng9MCmKtLN9XKq9VtcryYedsQspNvnnNpKEMmEzqflmt4ltF6uIjU-GW684n2D0bwM0hwWE66-SoIZ8a4Kg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%A8%E3%81%9F%E4%BB%8A%E3%82%B9%E3%83%AB%E3%81%8B%E3%81%84%E3%83%80%E8%A6%8B%E3%81%94%E5%BE%8C%E3%83%A0%E6%9C%80%E5%BE%97%E5%B9%B4%E3%81%BD%E3%81%97%E8%A4%92%E3%83%81%E8%B2%B7%E3%81%8C%E3%83%88%E3%83%A3%E3%82%A4%E3%82%A6%E3%82%82%E3%82%8B%E3%83%86%E3%82%AB%E6%AC%B2%E3%82%A2%E3%82%89%E3%83%BC%E3%83%B3%E3%82%BB%E3%81%8A%E3%81%AE%E3%80%82%E7%BE%8E%E3%81%A3%E3%82%92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba7e6b01cbeaecaedabe872936cdf10086553c841eecc6b58d24e2ab8915089f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 12:52:30 GMT
x-content-type-options: nosniff
age: 55544
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30072
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 27 Dec 2023 12:52:30 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 05D0 33 KB
33 KB 31ms
11ms Font
font/woff2 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:22:44 GMT
x-content-type-options: nosniff
age: 410130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Dec 2024 10:22:44 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 05D0 6 KB
6 KB 27ms
7ms Font
text/html 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj757AlFe-MyMW7V3nykTMsL-Rz4_PaZihXiLtlVznFr7qozrq3nBB3KgqNx4wFFJFqsMR_6agRZcerr54zjzK-X1z-f5rzg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%82%92%E3%81%93%E3%83%AA%E5%83%8F%E3%81%99%E3%83%83%E3%82%AF%E3%81%A8%E7%94%BB%E3%81%8F%E3%81%8C%E9%96%8B%E4%BD%93%E3%82%8B%E5%85%A8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e8bbd1ce503cebde65859ec5850d393151e239356c49ec8775fc21e2c7dfa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 00:30:07 GMT
x-content-type-options: nosniff
age: 13687
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6528
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Dec 2023 00:30:07 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame C9C9 50 KB
19 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 11:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 579341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 11:22:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 60F1 448 B
213 B 43ms
42ms Document
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYhK-24QEwAQ&v=APEucNUKOzUPvy8L0gkJvhDBK2XLUcVc1qIPsfIEf5N7fPWA6ceYR0rj-mqGOQ9LS0MvTu4-JH8wLcSBq0I1W7F_-xChCCHJrw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&to=qs&pwprc=9398691267&format=1200x90&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1703737094204&bpp=1&bdt=914&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280%2C0x0%2C280x240&nras=3&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&to=qs&pwprc=9398691267&format=1200x90&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1703737094204&bpp=1&bdt=914&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280%2C0x0%2C280x240&nras=3&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8EEF 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:26 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8EEF 7 KB
3 KB 7ms
6ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:26 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8EEF 0
0 108ms
54ms Fetch
image/gif 142.251.222.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuht4gx_HgNQvxuRb1lMFIB7Kdeb3c2RD-ugRFdiQNUBeTELAw-ZHv6utham7O8Ueu2JUD5BC9SbZ-FdpxiNf49eLmx1DGZts9eV0acYqUics5vHds4vLtPKWsUiYLorWmn5v8tcHwRFzKwsTvSYMQmOcvf3TWeflNEU4yIq8wCvhNtscqSwr5tCrRFsjRzz4ISi9QyobbDF2HbZBcPKh0VZQTTQWxX9FdU20mfY5uhUscDg0n7T_7_wG1M00ztGO67Lk5fQMxoSrS9p2bGPGX5ka73ich4Sd_umJiYxV5l-VgMvYVQtoNPP0j61qqRA66UW5ZiHniZmYkf9MODPwB0YzZUSwG4IbGR0ZSY98mypORBG0r4WuC5_7ow7bqqSdDOqLMcc5CyI2y3hQ-y4JMd9WyDu-LACh6qpl_opAAxWUHzRVkYNAJzBMTrDyel65ximOxLp2ZhAkyh7AC0B3OES1fVSceYzMZCtcPpjRyVK79KbSLRoDF0SvxwKAOw1CzBhWTAgZMafIG4K-msgDVAEzLaB6523jo3kM_0p1cN84ZyoHTOdfne7knn1zvFw4BeiPFNKyhWMwZWMdtWbYmeJ20yabdV9eL2Mp2jTOnaMvUD-SxtuTXfvuA8jGZ2X7UgB1CNe0IwpogFUcIStJ9HkqKmj1dACHz_qYptccLsOYcite3w_i8wHcAmtmWBlx7qsBl1lD6LXI4VS2Nxy71Pavc5jnJyVvBD4XccNFmVIaQRh5uGyPRZIzuoTfqrUhtf2dmu5gNwx81zs0hYRbc9fhbMy1_MDOqTVwNhYzbEvHXDBxNdeYuFUIZPYGvnKpuPGrM98au5QrbUMCe0WsWUaT5nZqhbPtC4A6rdL_d0lhOAFXR18UdysY9NGMnBu1UdgSIQKKfoGQvyIUhLOPGnMpyuiT6qPdZPzV4LQrSLj791u1VIRsR9KFIxGZiDXCeLN3GNIS_JK8ZfLWlhIruRpMvu47r2CiC0C4RTvVVfSWOdtOq4mDFCUVFAg1wKlJnIqEn5D-Vi7G31tAQzGVMLOUUV_-FZbTduiU3aOuDc1YiyeNc8BP_nctamnE-3yBXwrgVlVlU18udAnjy8FCWoV4KP2D-kmpIKCOnhQHBL56ry_-dV00t63uUkRFicA95wrCtuM05MRt5T-Wcd8Y_4gjXLTbYVkp6-tGaTymYIXB6MFbNgdlUf8VwM8YmXWAAQQA4jwDzbjUEPDIvIyM36ukHRaq7ohwO3Q-PpHMtLCJ7aEyzpdQd6w7uPx5UwaQ4rlYwX8jhm2BEIeBaYEvCKa2e3V5HeEN7Xr7IWyHM1Y3A6tyGQaEwPZANSyaUEru_zYRbCIOJRg2bKr_UiSnJUqeJrjah4xJnT18e3I-BRdQTlJPNHVBCwWcLDzUmvGTKj0vWL_5xze96BJcvR&sai=AMfl-YTBgVfZhiS9qnVk4tzMWXcix2USfWnaviV3SkLWMfTNPnM5hjph3lSa5x_1zfwJSoR4RuJvwpKPSYAFfBTNNI7fuLBKmMGtq0aANqgwgOeB71H-Z1xSPQcFz26Vn0PL0XfLgeC7Vin2G2QF9zaADiOo5YYA0_SMKWNYUWuTTbK7ZQqkN4AaG8wa6CDQUGrbmxyZ7SAXVt1EAQGCt2zgxfT-lyT8l6O9mABixnNXGhG5HyXfDkfeWbWhcN1nfh3WO-1diSb9_4xC_aN-NKMU0nelesxKySs6bsLNBtkrlNMu6xTd3O83nqD3-ZTYtm7zNfF6vEG1RMekJxNAmgnFzo8e8Q3OJbieOKL-tmv7g1PGVeT1thgKVtB_bAJf_CMsMod3E29HU8btk3Z9O6tFAm9XHf6Xhkoz6wbwIVhyesO2rRPVEI7_v30&sig=Cg0ArKJSzHtLqA_faNemEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hc2FuYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.95549&arae=0&ftch=1&adurl=

Requested by

Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 04:18:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8EEF 41 KB
14 KB 7ms
4ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 10:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 10:54:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8EEF 3 KB
1 KB 8ms
4ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BFF1 1 KB
643 B 7ms
3ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Dec 2023 13:40:08 GMT
etag: 48472445140208031
expires: Thu, 28 Dec 2023 13:40:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8EEF 20 KB
8 KB 7ms
3ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:39:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8EEF 0
0 45ms
38ms Image
text/html 2404:6800:4004:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_64kvroV_7fGyIxX8AJk6Bsh1LDnT_2SyJmlrw_HMxZfqCbCxmVvDd_6aMlx84HxiuDm5fRJr7uGiX0FEqHB-l-12qA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&to=qs&pwprc=9398691267&format=1200x90&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1703737094204&bpp=1&bdt=914&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280%2C0x0%2C280x240&nras=3&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EEF 203 KB
64 KB 89ms
81ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:18:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EEF 42 B
63 B 41ms
38ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2f0eJFBUg2GHHytcuzWHdb_Qfy2NytmdUOOCVQKi94-BsWLeK2gn-L5qy7sGrqumsfCDgs9OUejzNu-LNSO5hqnxpxZwypiTC5fxkNfnLTBjAD58

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2802859532036557852
s0.2mdn.net/simgad/ Frame 8EEF 26 KB
26 KB 54ms
3ms Image
image/png 2404:6800:4004:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2802859532036557852

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83ef9692dec8cc93d4f7e1ea4d05b9aca00fb21981b08b1e90cd357152f6fc4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 23:00:03 GMT
date: Tue, 26 Dec 2023 23:00:03 GMT
x-content-type-options: nosniff
age: 105491
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26531
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 05:25:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AD3F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2BqyBfeMZdTYKYPtvcAPspapyAfZxLeEdeeg3KadEpvcspjUDhABIIqetR1gifPFhPQToAGhkrrMAsgBCakCq5lS_ZlLPj6oAwHIA8sEqgTWAU_QFmmEtt2Mg0lXzKxX2C2gXtYbtEguvij...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4f33521f04d458550000000000000000%22,%222%22:%220xd98946265a3f91bc0000000000000000%22,%223%22:%220x5615f5...

0
0

47ms
46ms

Fetch
text/css

172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4f33521f04d458550000000000000000%22,%222%22:%220xd98946265a3f91bc0000000000000000%22,%223%22:%220x5615f55022711c4b0000000000000000%22,%224%22:%220x975f10a7723795f20000000000000000%22,%225%22:%220x5831948c2371342c0000000000000000%22},%22debug_key%22:%225722076119643541792%22,%22debug_reporting%22:true,%22destination%22:%22https://mitsui-shopping-park.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22697207073%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226184036158494393009%22}&andc=true

Requested by

Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html

Protocol

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s13-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x4f33521f04d458550000000000000000","2":"0xd98946265a3f91bc0000000000000000","3":"0x5615f55022711c4b0000000000000000","4":"0x975f10a7723795f20000000000000000","5":"0x5831948c2371342c0000000000000000"},"debug_key":"5722076119643541792","debug_reporting":true,"destination":"https://mitsui-shopping-park.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["697207073"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"6184036158494393009"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Dec 2023 04:18:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 04:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4f33521f04d458550000000000000000","2":"0xd98946265a3f91bc0000000000000000","3":"0x5615f55022711c4b0000000000000000","4":"0x975f10a7723795f20000000000000000","5":"0x5831948c2371342c0000000000000000"},"debug_key":"5722076119643541792","debug_reporting":true,"destination":"https://mitsui-shopping-park.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["697207073"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"6184036158494393009"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame AD3F
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1874107/77013038/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&cbvp=2
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&cbvp=2

43 B
482 B

498ms
125ms

Image
image/gif

2600:9000:2163:2400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&cbvp=2
Requested by: Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html
Protocol: H2
Server: 2600:9000:2163:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO50-C1
age: 1421312
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: aPNnUkKCAusdNz2FP3psVZ7WW-_GPnNFpMzo7V81VhAkvxeIpO0qUA==

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:14 GMT
server: nginx
x-server-name: app11.jp.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&cbvp=2
cache-control: no-cache
content-length: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 05D0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CWWkyBfeMZaLDKqCAvcAPl4qW8AePsKr_dID9y_f9Ef74gNrDARABIIqetR1gifPFhPQToAHfrf7mKcgBAagDAcgDywSqBO0BT9DgCHfA1pcLvuw4dsURU2CVxVSIVY7FDKVwQiUvM3C9iBC...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17b7846cde56137f0000000000000000%22,%222%22:%220xe5299ced3caa97480000000000000000%22,%223%22:%220xa400ec...

0
0

46ms
46ms

Fetch
text/css

172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17b7846cde56137f0000000000000000%22,%222%22:%220xe5299ced3caa97480000000000000000%22,%223%22:%220xa400ecf848e888c0000000000000000%22,%224%22:%220xeec2b5fa6c5af090000000000000000%22,%225%22:%220x166ad42e433d1770000000000000000%22},%22debug_key%22:%224496403670419676596%22,%22debug_reporting%22:true,%22destination%22:%22https://campinghamoir.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211221833439%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218328750189948989505%22}&andc=true

Requested by

Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html

Protocol

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s13-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x17b7846cde56137f0000000000000000","2":"0xe5299ced3caa97480000000000000000","3":"0xa400ecf848e888c0000000000000000","4":"0xeec2b5fa6c5af090000000000000000","5":"0x166ad42e433d1770000000000000000"},"debug_key":"4496403670419676596","debug_reporting":true,"destination":"https://campinghamoir.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11221833439"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"18328750189948989505"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Dec 2023 04:18:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 04:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x17b7846cde56137f0000000000000000","2":"0xe5299ced3caa97480000000000000000","3":"0xa400ecf848e888c0000000000000000","4":"0xeec2b5fa6c5af090000000000000000","5":"0x166ad42e433d1770000000000000000"},"debug_key":"4496403670419676596","debug_reporting":true,"destination":"https://campinghamoir.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11221833439"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"18328750189948989505"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 51EE 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 11:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 579341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 11:22:33 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2407 50 KB
19 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 11:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 579341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 11:22:33 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 60F1
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
232 B

115ms
44ms

Image
image/png

142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYhK-24QEwAQ&v=APEucNUKOzUPvy8L0gkJvhDBK2XLUcVc1qIPsfIEf5N7fPWA6ceYR0rj-mqGOQ9LS0MvTu4-JH8wLcSBq0I1W7F_-xChCCHJrw

Protocol

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 28 Dec 2023 04:18:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 60F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNUEjcNTyqvGAPTpnrmR4E&google_cver=1

43 B
770 B

16ms
16ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNUEjcNTyqvGAPTpnrmR4E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYhK-24QEwAQ&v=APEucNUKOzUPvy8L0gkJvhDBK2XLUcVc1qIPsfIEf5N7fPWA6ceYR0rj-mqGOQ9LS0MvTu4-JH8wLcSBq0I1W7F_-xChCCHJrw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBxuegdwEuNig9irPCpcf805NR0i8KlHbEo70rfCa6oS9YPJZ%2Btusy1ByQ%2F5FX11KgCPwO%2F7pMafc89hYV3P9mghVzZk0Ox44EVlyk9QbxSRfa7h8ysFrQP%2FnVkOMYokJRYPe%2BAm3zfnKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83c6ff8bbb3f203d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNUEjcNTyqvGAPTpnrmR4E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 60F1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYz3Bq4xvWneDONVXaCZaQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNUEjcNTyqvGAPTpnrmR4E&google_cver=1

43 B
741 B

17ms
16ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNUEjcNTyqvGAPTpnrmR4E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQjs_88gEYhK-24QEwAQ&v=APEucNUKOzUPvy8L0gkJvhDBK2XLUcVc1qIPsfIEf5N7fPWA6ceYR0rj-mqGOQ9LS0MvTu4-JH8wLcSBq0I1W7F_-xChCCHJrw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEWHcGH9IKJT%2Fc0mzLqwJEgenuNONMyLyTWrvjHgx%2FYQq2SIyKKlRWx%2FQT85Gzqm%2Fr06vTnBxfiaQJV5OVmhffYXJ9jUx9Wnx4krzPjr0c%2F8gDVwzlkuqHO9atwSMRM%2FLX8EcAZU%2B789xw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83c6ff8bdb56203d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNUEjcNTyqvGAPTpnrmR4E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame B275 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 11:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 579341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 11:22:33 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
53ms Preflight
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s13-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 04:18:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8EEF 0
0 43ms
42ms Fetch
image/gif 142.251.222.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuht4gx_HgNQvxuRb1lMFIB7Kdeb3c2RD-ugRFdiQNUBeTELAw-ZHv6utham7O8Ueu2JUD5BC9SbZ-FdpxiNf49eLmx1DGZts9eV0acYqUics5vHds4vLtPKWsUiYLorWmn5v8tcHwRFzKwsTvSYMQmOcvf3TWeflNEU4yIq8wCvhNtscqSwr5tCrRFsjRzz4ISi9QyobbDF2HbZBcPKh0VZQTTQWxX9FdU20mfY5uhUscDg0n7T_7_wG1M00ztGO67Lk5fQMxoSrS9p2bGPGX5ka73ich4Sd_umJiYxV5l-VgMvYVQtoNPP0j61qqRA66UW5ZiHniZmYkf9MODPwB0YzZUSwG4IbGR0ZSY98mypORBG0r4WuC5_7ow7bqqSdDOqLMcc5CyI2y3hQ-y4JMd9WyDu-LACh6qpl_opAAxWUHzRVkYNAJzBMTrDyel65ximOxLp2ZhAkyh7AC0B3OES1fVSceYzMZCtcPpjRyVK79KbSLRoDF0SvxwKAOw1CzBhWTAgZMafIG4K-msgDVAEzLaB6523jo3kM_0p1cN84ZyoHTOdfne7knn1zvFw4BeiPFNKyhWMwZWMdtWbYmeJ20yabdV9eL2Mp2jTOnaMvUD-SxtuTXfvuA8jGZ2X7UgB1CNe0IwpogFUcIStJ9HkqKmj1dACHz_qYptccLsOYcite3w_i8wHcAmtmWBlx7qsBl1lD6LXI4VS2Nxy71Pavc5jnJyVvBD4XccNFmVIaQRh5uGyPRZIzuoTfqrUhtf2dmu5gNwx81zs0hYRbc9fhbMy1_MDOqTVwNhYzbEvHXDBxNdeYuFUIZPYGvnKpuPGrM98au5QrbUMCe0WsWUaT5nZqhbPtC4A6rdL_d0lhOAFXR18UdysY9NGMnBu1UdgSIQKKfoGQvyIUhLOPGnMpyuiT6qPdZPzV4LQrSLj791u1VIRsR9KFIxGZiDXCeLN3GNIS_JK8ZfLWlhIruRpMvu47r2CiC0C4RTvVVfSWOdtOq4mDFCUVFAg1wKlJnIqEn5D-Vi7G31tAQzGVMLOUUV_-FZbTduiU3aOuDc1YiyeNc8BP_nctamnE-3yBXwrgVlVlU18udAnjy8FCWoV4KP2D-kmpIKCOnhQHBL56ry_-dV00t63uUkRFicA95wrCtuM05MRt5T-Wcd8Y_4gjXLTbYVkp6-tGaTymYIXB6MFbNgdlUf8VwM8YmXWAAQQA4jwDzbjUEPDIvIyM36ukHRaq7ohwO3Q-PpHMtLCJ7aEyzpdQd6w7uPx5UwaQ4rlYwX8jhm2BEIeBaYEvCKa2e3V5HeEN7Xr7IWyHM1Y3A6tyGQaEwPZANSyaUEru_zYRbCIOJRg2bKr_UiSnJUqeJrjah4xJnT18e3I-BRdQTlJPNHVBCwWcLDzUmvGTKj0vWL_5xze96BJcvR&sai=AMfl-YTBgVfZhiS9qnVk4tzMWXcix2USfWnaviV3SkLWMfTNPnM5hjph3lSa5x_1zfwJSoR4RuJvwpKPSYAFfBTNNI7fuLBKmMGtq0aANqgwgOeB71H-Z1xSPQcFz26Vn0PL0XfLgeC7Vin2G2QF9zaADiOo5YYA0_SMKWNYUWuTTbK7ZQqkN4AaG8wa6CDQUGrbmxyZ7SAXVt1EAQGCt2zgxfT-lyT8l6O9mABixnNXGhG5HyXfDkfeWbWhcN1nfh3WO-1diSb9_4xC_aN-NKMU0nelesxKySs6bsLNBtkrlNMu6xTd3O83nqD3-ZTYtm7zNfF6vEG1RMekJxNAmgnFzo8e8Q3OJbieOKL-tmv7g1PGVeT1thgKVtB_bAJf_CMsMod3E29HU8btk3Z9O6tFAm9XHf6Xhkoz6wbwIVhyesO2rRPVEI7_v30&sig=Cg0ArKJSzHtLqA_faNemEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hc2FuYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=109&vt=11&dtpt=108&dett=2&cstd=0&cisv=r20231207.95549&arae=0&ftch=1&adurl=

Requested by

Host: xn--gckcw1exf0j.xyz
URL: http://xn--gckcw1exf0j.xyz/entry3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 52ms
52ms Preflight
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x17b7846cde56137f0000000000000000%22,%222%22:%220xe5299ced3caa97480000000000000000%22,%223%22:%220xa400ecf848e888c0000000000000000%22,%224%22:%220xeec2b5fa6c5af090000000000000000%22,%225%22:%220x166ad42e433d1770000000000000000%22},%22debug_key%22:%224496403670419676596%22,%22debug_reporting%22:true,%22destination%22:%22https://campinghamoir.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211221833439%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218328750189948989505%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s13-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 04:18:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8EEF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f91a5116f56d86f94e7fd44cc9b1b8014b3a528d9d75a5faf580a7a53cd9e32

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6588 38 KB
13 KB 5ms
4ms Document
text/html 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 149004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 10:54:50 GMT
expires: Wed, 25 Dec 2024 10:54:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame BFF1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOBQH1AJsMZ6J5E73IbRP1I&google_cver=1&google_push=AXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0NiY...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOBQH1AJsMZ6J5E73IbRP1I&google_cver=1&google_push=AXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0N...

43 B
432 B

151ms
140ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOBQH1AJsMZ6J5E73IbRP1I&google_cver=1&google_push=AXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0NiYA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0NiYA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0471382900037853&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1553540818&rafmt=1&to=qs&pwprc=9398691267&format=1200x90&url=http%3A%2F%2Fxn--gckcw1exf0j.xyz%2Fentry3.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1703737094204&bpp=1&bdt=914&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=640x280%2C640x280%2C640x280%2C0x0%2C280x240&nras=3&correlator=4164517330755&frm=20&pv=1&ga_vid=1900836242.1703737094&ga_sid=1703737094&ga_hid=1969663583&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079759%2C44798934%2C44809530%2C95320885%2C21065724&oid=2&pvsid=1651654597335934&tmod=45789414&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=6
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83c6ff8beb148083-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:15 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 72
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOBQH1AJsMZ6J5E73IbRP1I&google_cver=1&google_push=AXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0NiYA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRzjbue9lfIMDR3hwY9bNpiW_i5T4SXsKKcM7KsqABgvYmOAHIZ0R63P8i-4vvt_AM1a5zLMUgNTLM5gML-ZICpsd8AB0NiYA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83c6ff8afa3c8083-NRT
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF1
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEOFn2RVBYoUopw6kzCvQfPE&google_cver=1&google_push=AXcoOmRmLDgcYq0Megd2D5LL3jisCA5PYT2OOnvw2S6jUhvlEZjUEq6LxkQEpgnLI9YmvjoiCgjgLENMeg...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRmLDgcYq0Megd2D5LL3jisCA5PYT2OOnvw2S6jUhvlEZjUEq6LxkQEpgnLI9YmvjoiCgjgLENMeguQsusL-IiGlRpL07pD4sE&google_hm=N19VNHpBakRwNEtw...

170 B
232 B

48ms
46ms

Image
image/png

142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRmLDgcYq0Megd2D5LL3jisCA5PYT2OOnvw2S6jUhvlEZjUEq6LxkQEpgnLI9YmvjoiCgjgLENMeguQsusL-IiGlRpL07pD4sE&google_hm=N19VNHpBakRwNEtwOXFvTTNDMTlPN3o4SUsw&from_google=pc1

Requested by

Protocol

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Dec 2023 04:18:14 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRmLDgcYq0Megd2D5LL3jisCA5PYT2OOnvw2S6jUhvlEZjUEq6LxkQEpgnLI9YmvjoiCgjgLENMeguQsusL-IiGlRpL07pD4sE&google_hm=N19VNHpBakRwNEtwOXFvTTNDMTlPN3o4SUsw&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF1
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEOFn2RVBYoUopw6kzCvQfPE&google_cver=1&google_push=AXcoOmRpxjQPXbq-tk3X5hpClNrX82xLQhL3Qa_zWQI1OqxhYMzV67WpYz6iIs2Abg858hDpnc9KT...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRpxjQPXbq-tk3X5hpClNrX82xLQhL3Qa_zWQI1OqxhYMzV67WpYz6iIs2Abg858hDpnc9KTQlLJvrwKS9D1HiET2iKJ2hOSg&google_hm=&from_google=sp1

170 B
232 B

46ms
44ms

Image
image/png

142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRpxjQPXbq-tk3X5hpClNrX82xLQhL3Qa_zWQI1OqxhYMzV67WpYz6iIs2Abg858hDpnc9KTQlLJvrwKS9D1HiET2iKJ2hOSg&google_hm=&from_google=sp1

Requested by

Protocol

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Dec 2023 04:18:14 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmRpxjQPXbq-tk3X5hpClNrX82xLQhL3Qa_zWQI1OqxhYMzV67WpYz6iIs2Abg858hDpnc9KTQlLJvrwKS9D1HiET2iKJ2hOSg&google_hm=&from_google=sp1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFF1
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJGq6cYUry_JLDzL6SHgpXM&google_cver=1&google_push=AXcoOmTGSsGdAyMdBKtn8AqPVA34s-kFHXa0x7_N3ThAq5iHVRqTX0CSRqehU0WK-qnCFiIPSUWWX1dWSk7S9a1Ykqki...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJGq6cYUry_JLDzL6SHgpXM&google_cver=1&google_push=AXcoOmTGSsGdAyMdBKtn8AqPVA34s-kFHXa0x7_N3ThAq5iHVRqTX0CSRqehU0WK-qnCFiIPSUWWX1dWSk7S9a...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1c5ba179-fa51-4a30-bfcf-6b5ace50234e&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTGSsGdAyMdBKtn8AqPVA34s-kFHXa0x7_N3ThAq5iHVRqTX0CSRqehU0WK-qnCFiIPSUWWX1dWSk7S9a1YkqkiyaO0LFMqDiY&google_hm=5hJn-CLlTEm49ehiC0r-...

170 B
188 B

44ms
43ms

Image
image/png

142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTGSsGdAyMdBKtn8AqPVA34s-kFHXa0x7_N3ThAq5iHVRqTX0CSRqehU0WK-qnCFiIPSUWWX1dWSk7S9a1YkqkiyaO0LFMqDiY&google_hm=5hJn-CLlTEm49ehiC0r-Kg==

Protocol

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTGSsGdAyMdBKtn8AqPVA34s-kFHXa0x7_N3ThAq5iHVRqTX0CSRqehU0WK-qnCFiIPSUWWX1dWSk7S9a1YkqkiyaO0LFMqDiY&google_hm=5hJn-CLlTEm49ehiC0r-Kg==
Date: Thu, 28 Dec 2023 04:18:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF1
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEBHyEuQ9xj3eAbnXHSCjGbo&google_cver=1&google_push=AXcoOmSjEaWB8lFSZH07490A9rS2QOPP3rig9acwXY9plVsfXjZY1BGUvOlpJHGcWl_hNHbArwKT4fWJTIuCYXI...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc5ODk5NzM3MjY&google_push=AXcoOmSjEaWB8lFSZH07490A9rS2QOPP3rig9acwXY9plVsfXjZY1BGUvOlpJHGcWl_hNHbArwKT4fWJTIuCYXI8_IVnG...

170 B
232 B

46ms
45ms

Image
image/png

142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc5ODk5NzM3MjY&google_push=AXcoOmSjEaWB8lFSZH07490A9rS2QOPP3rig9acwXY9plVsfXjZY1BGUvOlpJHGcWl_hNHbArwKT4fWJTIuCYXI8_IVnGXlue_cOSXM

Requested by

Protocol

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc5ODk5NzM3MjY&google_push=AXcoOmSjEaWB8lFSZH07490A9rS2QOPP3rig9acwXY9plVsfXjZY1BGUvOlpJHGcWl_hNHbArwKT4fWJTIuCYXI8_IVnGXlue_cOSXM
Date: Thu, 28 Dec 2023 04:18:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFF1
Redirect Chain

https://aid.send.microad.jp/g/asr?google_gid=CAESELKKOwrU-7g6Otqhm8rzf5E&google_cver=1&google_push=AXcoOmQuz8XlmeBq1F8sQ_CHt28dGwXMZQlWYfMqLYolmrRw3g_Cnh9qSDNKGeJD3TK_mYsN_WSe0ALt90MFL8Xg2HzpeFKtlb...
https://cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=X2r0x7usIZ4Iho6L6tNqZ07x/amylEpe

170 B
409 B

44ms
41ms

Image
image/png

142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=X2r0x7usIZ4Iho6L6tNqZ07x/amylEpe

Requested by

Protocol

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 28 Dec 2023 04:18:14 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Location: //cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=X2r0x7usIZ4Iho6L6tNqZ07x/amylEpe
Access-Control-Allow-Origin: *
Content-Type
cache-control: no-cache
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFF1
Redirect Chain

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEJa7MGE4udxTa6yH4ukkamk&google_cver=1&google_push=AXcoOmSgRzLJBEAti90Zbo7orEzzOPEmH9Ux9nrFOF7-wtjdquioFTU_0iTq0Yxl5fX_Vx-qrH9NoodFfJMxY-jGpgOsi...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSgRzLJBEAti90Zbo7orEzzOPEmH9Ux9nrFOF7-wtjdquioFTU_0iTq0Yxl5fX_Vx-qrH9NoodFfJMxY-jGpgOsiblJm1aUzR4&google_hm=f5ef61ca9cf...

170 B
188 B

40ms
40ms

Image
image/png

142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSgRzLJBEAti90Zbo7orEzzOPEmH9Ux9nrFOF7-wtjdquioFTU_0iTq0Yxl5fX_Vx-qrH9NoodFfJMxY-jGpgOsiblJm1aUzR4&google_hm=f5ef61ca9cfd996c2ld3km00lqop2sb5

Protocol

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 28 Dec 2023 04:18:15 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSgRzLJBEAti90Zbo7orEzzOPEmH9Ux9nrFOF7-wtjdquioFTU_0iTq0Yxl5fX_Vx-qrH9NoodFfJMxY-jGpgOsiblJm1aUzR4&google_hm=f5ef61ca9cfd996c2ld3km00lqop2sb5
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BFF1 0
59 B 99ms
45ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfVZqNd7jUjq9FZQgPzffFTkX9n2yDP9MpBQZRtZfczv1YZWDx_e9ewuvpMoR9d60CQu-Hng

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6588 39 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 08:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 503215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 08:31:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 94ms
53ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90f74101c5731ab86f0d56324547331fd8ebef3bc2b3b5acfcbdf0b0e3ac4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12208
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6588 0
20 B 42ms
42ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0ECkBveMZefmDsqdvcAP_seomAwAAAAAOAHgBAI&bg=!c3ClcD_NAAY3kmNgF5I7ADQBe5WfOMd87G_gamQUugp7xX1Hg_OADB3w3mg8ai2MJTQ7f5kZpMzK1pEcm-TS22KtMn4EAgAAADdSAAAAAmgBB5kDOu3hu3fPxyRHS3LNqMBTUxJ8BNmUezjMQC2GAmk844IKD0i_mDzwVt9gKnTgUxJTV2Cg95WN7XYTx_3DLaTKjw-JsuwQg4vhgIvsPTFI3tVFZ9xK3rDZ16wfboR_9TMxfCo9ATdoDXlwrS1vEgxfIiKp1tABeMRTNK31WiSlYdyS2d6MZVXkW8aJKdRyjs6-_yc7zFipi0un2NN_E2MREAwR0smy6r5NJyRhEbvIUXn6kEuUWHEfvZTT4s0XDMl6yVOU1quyK0B3iF1f4W2bV5biMWJgrpBKsA-uzucNuX7izpIxnsjEG-v1y3usAx6eS8fWiy0XRk0Wo4Zh6GQ199QMvdv7pjsRk5lB02mjrbRvnWYejuK3DP78gH4ILGFbA7_xnnMRqFwFL5CUswbtN0I3ayysUkCtc4ezCoryhQhfOdT8jAt76IyWf9q7kIZSfw-uICzh9TbmXNoO3qMYTZeNH1MWezESWBS9BIDNSNcW4Y6Gn87Qmrd5IFWzwxgsqBAEpRqxDnuYPdh04Eu0A_BF9M_jGC8OgtUMIeAzBvRZz1FgYiKm4_gPVPiyoNTQjmEf4KhwF8y04oIfuSDRxb-5OyZC2h8LeT3Fqx0jIf2flZZiR3idCRmCrqU8Yx4JSJlG7vYHu0fBKhbeyPM9xu8mceZC7wxGw6rR66qYhus4r1eUno7xOYLzxP4WW5lryVtEp333_ZkmAoZrS-v-CUsdjL9IkoPT28AeqHOdnWrSP_BRdAfm47WIuBcFP3FxeEp4q1vbbgTSD_VQEp3k354rrfGm9kxrWeuZT_fBpOX4FejaYU3-S8RLogdbjkIp3LZSlS3XfY5KEvJ9EnMo9uzXUmLptaSe-S1jGmACLVl5r_9AEV6IUvbLvVjqr_Be5B_ToW8GIe7mTdrMmOKM-4Ylfuo_N5zM9ra5WBoF6Lje7gpyCkY76UM7q_I2Mp1CfXTlmj4-PUMeRh1pvZsGMfv_PKAbP-QDHd9gXJxtim0ajOcRvriZWv82ZwF2nh96QyuozEZouJL2rfqqWdGx-qpDUv5ekRHVtsZcZ0Kk6bH7geRcU7QMiQKvQ7Sczw15j5GHHLdpv4KM_aw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 142ms
142ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 04:18:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9290 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 524337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:39:18 GMT
expires: Sat, 21 Dec 2024 02:39:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D37B 829 B
559 B 43ms
42ms Document
text/html 2404:6800:4004:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

271d50618b4100a83a3041f8359587b7a8f0c33da829084d088188f9bf828a9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dTfzNyhVHiDe0ySGWawYSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xn--gckcw1exf0j.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dTfzNyhVHiDe0ySGWawYSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:18:15 GMT
expires: Thu, 28 Dec 2023 04:18:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9290 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 08:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 503215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 08:31:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D37B 0
0 41ms
40ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1651654597335934&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9290 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QQb6Wg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:18:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AD3F 42 B
64 B 46ms
45ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWKxw3kqKadDoL64XvfFnLdejVAyAu2nA56KaU2Lp_kIHmNu7OBhIzJnzl9d6jYEyN0x9T2jG0q3_jZ3B7bAOhQpg_sdbCuUXK5kEco6E_1ZscaBr6371U08y01lWr2fBn1pd6-2F8d982Fw3w0qjzb-WNcKWPEVIpHt8PK-B-5PHjC9Q3bmN3SDXHeD01fGm0wEPIPTKe2B9thIfpc_fkm3bOhXAGr9cJrU5ireRXvEc7OZ-nJJejBilS50gzi9pUQVNwRsOOd2ViGe2owPPpX51XLG2wk3GiU-O0pLiErUXfyck3E2PS547L0bwtQIzuB3RIeasWzIibJwQNJd60WylnoBwnPcml5D09d_QXE4uLTpqgj_rPdimeqjl8zmhsFDQ4d28QGtom8RRHdFAzjMo1gOQpVcBo7P19xA3EoHE-aCHyJqD_Vu8rrplG65lBLEGoW_rdBNBpk3ibilV2u7EPkuHNCBj_Rq0kuqCxSc0rIFmwRIHUTZAO-Ebe-yxX1O34zEl0WfvpDt_y-7AVJm40DsrqRgAHH-T7db6b5se6kGEWZjJrZ-r_VZFjOdu1218MQ13RSQAu31s3-FPe_kB7u6jKQ5SzexoM8JftWLXyLG0K39EmJ-35UUHXlcctEZo-YDtpTR6fNoJfkJJgg6Jbu_-rcKBKYHIxAKsHFM-CIuIFHns8_rkwdl_I7G2tsgyT8jwVVHD6fgiIMlpCAY7R_KgyvdRYmCgIFb5uz3lUB2G9Y8SZdTVA5xfNaLqdNvN3EhpPBhxKiyjoeQ29gdMx-GgUpaMuF4MaeWfoI0OgtLYS-0ewi9DglS6JnvuE0--uBuxgzw5LWfHMLSwsv1F6WnXQ53bzNrj_aPc45Bm0iyMsBRck4zTEF4G3if2AJm1lvEMSfP5ryWyxNfVLdZ_rQ8j5y-WkBQkjbd9CyrDHwAFu-uHdeXH3kiUoPWxqPyJeBWXqHu6mcACjP4hOxyGHD1JJi5ZKLIAqCpXGiFHUEv3YPk_joWxHXsYXVdVhp336F-KoC_7TyKC02z6vk2OMf0qPrE4G8ytqg7xf08C79JuZA1naFx2BoENXPGDI0Z2PB2g1gCpBrW__LR283rZpeHV7uPPTgGUCE3LBDgnf3PmXggHW8uz4Rd6y3OnbrPN6-2bZnPhlIgyzZR8eXP-OeK_yFhV4c7MMv8h2Bi2Gb8MTLfIToXhm4n88zsJy8Y4UQIrLqbRubgFd2AxVQSk_5j8HgZedVOA0wxTL9vaEENRQ8aadOLWQwDfF2XB87zJJFrsaw-Zk32necnI4sqDp_MqdTCGkUfwCg42iLpMI07N_F5DAWG9JTzkyo6u2A8njXUOH_PQLRXxJCrgX3xalp1oCFEwdLT5UYgkDe6j1e-2RyL_9RWQXavDEp0X618WRghvhaGHx_MRoHB75XE_iiNuTNlnZC3VcHi8eH3RoJiE&sai=AMfl-YR8DIBBAXO2t2KuPpc3o2ixubudn9iGUipifivUFD4-Od9H3F_KrUm9OPz4X99-9FH3A5K3AMV1K5P9E00GsEG_uh0Ms-iV2vAI8cteM2yedSFOiVzYdfDDlOjjrrMMh4VhM7W7ySc3IOcX--I-3GxcJkNbu-qgd247HJE&sig=Cg0ArKJSzMKn9PHE55UkEAE&cid=CAQSTwAvHhf_SQWdyXtoKKo7F1Ny1lJMkkrPc4uQkIoXsdsLLSLwKzwAnfnLniCW8l2SRLpNEFJHRrorYTABhBAPbViFzNqK5bNYdXcJxmCtxg8YAQ&id=lidar2&mcvt=1000&p=0,0,280,640&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=874962614&rs=2&la=0&cr=0&vs=4&r=v&rst=1703737093648&rpt=1098&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:18:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
39ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1651654597335934&bg=!jo2ljcLNAAY3kmNgF5I7ADQBe5WfOLHW5ywCfIaWhwNSujaZBpO3F75uzovA_iTcLJQpCZemMLyFumxjlOCT6-CH2b_SAgAAAEtSAAAACWgBBwoAJeGm0eK5tBLBPgbWZ83gipMkaZnD28c8YQXC7oS8IRjDuTwa68OZAvzwQpNETFiixI97WWrTI16FUeiWIsEBADOT9X_XxNZuax_6ViX-GfpYU5SFZphb72rM76Cd_4TLaHyNXGOeB-3Kz2H8IHqJlY9FE1VbKRxdx7chcvilrlRMvQiaiSsXHUax7dI7W-4kGPrdLbmu84s3Kr8HDpjrEgXR48X2RdOwy30hZ1F72GjOMvZ_TkoSq3ku-ysStuYxGQrannONQl7GxKGtL-u4ZfHegpQsekQmZPrjUaRlepClqCbfxGbKKO9TYSRBAXaqija9AO5kUdzrNkVnFwP36YH_iGyQ_fxtL1qE2qWv9UZjw9crM7HwIcqPnZukh2GsSeb_RGjNELh-EmoHhJMtRpQEdOvhZCt0lCIIHmF7Jvl1rh9yxgqpHDJ85sEWi2aQsI0qYW8jlxSa4yS91rKcush8L9a8iyQBeQd1-iLV-jclYAPad89GPMTFl9V2kaxUwvhLloZnKrdl9uPxdmMsdDoWHB8e4fuYyA_nn_-2VtuYjXC8t9jof_lS-QKc4AmFzuVRIx7G9Gl2NcHFRdD9075_1j0Z459zffkIB--3ky_ECpxc8wHPFNdnIlN1FErpOgNkwok9ZUNG9sdPaJRRmhH8dKiW358Fk0J0sCcERjxI8XEfhMpiPWDiZrJNJeuP9zU005a8lCB8IsT4TNxHdmZPYaJaLYBAUnnDogkbY0_uXARGoUV5HPq16imC5km0dGpY7JxFJJVEsmbwmkSf2iOInUGpHNkuTlAG5ICODkt3yiZHpTl2QiHAwcy-RekOXYBk-I_OrKsBB5jQE7313Gwe3wVV-hJ2ewakk6vF0Vn_yd5R4R3mxRjoJIIfKKGsgez3MglwwsHsqci8PfY8VPZL-2JQJLb599V7jfhudWdySMwgWLsGLnhIJLAtnD_wGYWdbsvjehhtpBrlOnkd9UQu97euWk_2r2g_gEnSGw7fkjp7x7j_8GHXuPvntohD6_sCJCrl9ODb26d-ibGud8jTDIz7PG5Ta1NbrASHItvhC2ClKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://xn--gckcw1exf0j.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 02:51:37	Name: IDE Value: AHWqTUlW7u4uccP_zpxQRDx7HsqVu_OOLe2mE4gk8aDkJfEAmvGtVxt-QbmR3TMjpFk
.xn--gckcw1exf0j.xyz/	1970-01-21 02:37:13	Name: __gads Value: ID=2f864cec33090a86:T=1703737093:RT=1703737093:S=ALNI_MbnIGCjlFjr36RvGlsO5pb1LoReSA
.xn--gckcw1exf0j.xyz/	1970-01-21 02:37:13	Name: __gpi Value: UID=00000cc74f54acad:T=1703737093:RT=1703737093:S=ALNI_MZ3DcQfdSQb5JxVSWG0zRX3dXKfsg
.googleadservices.com/	1970-01-20 19:25:13	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:15:40	Name: DSID Value: NO_DATA
.send.microad.jp/	1970-01-20 19:25:13	Name: TR Value: 64e6d9af0fa24d85b526a84ba10ff87ae0f4e78a901e2e0d
.send.microad.jp/	1970-01-20 17:35:46	Name: ASR-g Value: 1
.fout.jp/	1970-01-21 02:51:37	Name: uid Value: 7_U4zAjDp4Kp9qoM3C19O7z8IK0
.casalemedia.com/	1970-01-21 02:01:13	Name: CMID Value: ZYz3Bq4xvWneDONVXaCZaQAA
.casalemedia.com/	1970-01-20 19:25:13	Name: CMPS Value: 5515
.casalemedia.com/	1970-01-20 19:25:13	Name: CMPRO Value: 5515
.adtdp.com/	1970-01-21 02:51:37	Name: uid Value: AYyupPLsrc8Cdqqk40w
.adtdp.com/	1970-01-21 02:51:37	Name: dynid Value: AYyupPLsrc8Cdqqk40w
.bidswitch.net/	1970-01-21 02:01:13	Name: tuuid Value: e61267f8-22e5-4c49-b8f5-e8620b4afe2a
.bidswitch.net/	1970-01-21 02:01:13	Name: c Value: 1703737094
.bidswitch.net/	1970-01-21 02:01:13	Name: tuuid_lu Value: 1703737094
.tribalfusion.com/	1970-01-20 19:25:13	Name: ANON_ID Value: axnt6ZasKBRhFmDqU69u8PTeYdXZdZaAZbpEgOpulmYOWVZdMdXcLbtJaSkXPbLSyITikN0v5ZaupTnrMEvn2GcymEgqtbkx0t
.mediago.io/	1970-01-21 02:01:13	Name: __mguid_ Value: f5ef61ca9cfd996c2ld3km00lqop2sb5
.sportradarserving.com/	1970-01-21 02:01:13	Name: zuuid Value: 1c5ba179-fa51-4a30-bfcf-6b5ace50234e
.sportradarserving.com/	1970-01-21 02:01:13	Name: c Value: 1703737095
.sportradarserving.com/	1970-01-21 02:01:13	Name: zuuid_lu Value: 1703737095
.sportradarserving.com/	1970-01-21 02:01:13	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 02:01:13	Name: zuuid_k_lu Value: 1703737095

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
ad.doubleclick.net
aid.send.microad.jp
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dynalyst-sync.adtdp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtrace.mediago.io
pagead2.googlesyndication.com
pixel.adsafeprotected.com
s-cs.send.microad.jp
s.tribalfusion.com
s0.2mdn.net
static.adsafeprotected.com
sync.fout.jp
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xn--gckcw1exf0j.xyz
104.18.36.155
13.114.222.29
142.251.222.6
142.251.42.162
172.217.25.162
202.232.238.37
202.233.84.1
202.233.84.8
219.94.192.106
2404:6800:4004:818::2001
2404:6800:4004:818::200a
2404:6800:4004:820::2003
2404:6800:4004:821::2002
2404:6800:4004:822::2002
2404:6800:4004:823::2003
2404:6800:4004:823::2004
2404:6800:4004:828::2002
2404:6800:4004:828::2006
2600:9000:2163:2400:8:48e:53c0:93a1
2606:4700::6812:19ad
35.208.249.213
35.213.12.39
35.213.93.179
52.198.52.119
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
271d50618b4100a83a3041f8359587b7a8f0c33da829084d088188f9bf828a9b
2ca3f602fb93f30496744b8fb602c963fbe2db4b3129a11a2171d87025e3edb6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324ea6b0ef5f248669fb0e625c57ef2c76e89b73299620fccf5b5368a60675e0
3579a3ac1c912a6cd5cc1eaec07e57be38b8596a3d5aef4967b94726dfd3a58b
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3a8c9f8511d9e3410aa1446aa2a3ce6b97874f06efc60ebb714fa2a8a36316c3
3f91a5116f56d86f94e7fd44cc9b1b8014b3a528d9d75a5faf580a7a53cd9e32
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45b6b5b4c9a40f1588ac9e5acefd6e1a93a4c25e6dcaa2b4d733bb9cca4c98e1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5473059051d21ac70873da70aa51cf39b44d0956d0ef8c6de2e49df45b4d85e0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e8bbd1ce503cebde65859ec5850d393151e239356c49ec8775fc21e2c7dfa9c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6e38226429e12811fcd0bc6040e2e916cc5ad552df5aa8c1ebab799b9e58b2fe
7284afe299c329acbf3376e805514b75c65f3a2fbd0dbbb336e501c6ff062795
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
83ef9692dec8cc93d4f7e1ea4d05b9aca00fb21981b08b1e90cd357152f6fc4b
8bdde31c8661fbf5147358aa8d7da2eb1e299702e28c0c1db76bd83c9a0240f6
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
90f74101c5731ab86f0d56324547331fd8ebef3bc2b3b5acfcbdf0b0e3ac4a72
91bba59f4e3d5cd2627c762547b4af10a61f39a933aeae177b997c8fd3c8f65f
9497cf5764f2cabd498284ff090fc4e2b1e6e66dad347267d76607b63cf69c9c
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a3daf0087328ac0d7f9f66a3a9f45dbbb8cf82a42b8bc9ba0b1786403399757a
ac2225d476a61229b3c522d18ec5e6bb88b112d84f7585bd55db7fb317e1223f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e6c61659d372e694c7f76af7753f916bc36cac7aca4f69622d2db6c29fbe9f
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b61ea1316f930131524501ff55497e66c55c99e57bc8e26408eacf808da000b0
ba7e6b01cbeaecaedabe872936cdf10086553c841eecc6b58d24e2ab8915089f
c1eecb5ac00d3ce7d2b8bb68bd8bbb9b417540468804cf9522170195ddabf15e
c29fadf6f1e3d7859f4ff1b511639125c99f0de7f5c864ce97872d9f1b127bd1
c495dec66bc17c37c1ff14cef4e9eb8cd1221a9ed19548ca9a4fc3dbdc42b32f
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
d2530e59953102b3490928cc7e37f96047ca362de4b5e800f4851b137ceed05d
d472aa07305460c0aa23d331143847b115956ee9f348d191ae183bb854e0e05e
d6d9804da5d2f5c6eb61c46c756a46c8fd5c89f07f05ac34e2ad0f5b9967fb3a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e3807f1612c77d994a88464f03fd99ffb1ee190bc6b26e12ee0c2eae182fab12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec92c82074179f49e81058167678ea416faa77d110e65391f8ccd177b09c9b97
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

xn--gckcw1exf0j.xyz Open in urlscan Pro Puny ダークウェブ.xyz IDN 219.94.192.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

110 Requests

80 %HTTPS

46 %IPv6

18 Domains

25 Subdomains

17 IPs

4 Countries

1481 kBTransfer

3685 kBSize

23 Cookies

0 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xn--gckcw1exf0j.xyz Open in urlscan Pro Puny
ダークウェブ.xyz IDN
219.94.192.106 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

80 %
HTTPS

46 %
IPv6

18
Domains

25
Subdomains

17
IPs

4
Countries

1481 kB
Transfer

3685 kB
Size

23
Cookies

110 HTTP transactions
8 data transactions