elfnomori.com Open in urlscan Pro
183.181.98.52 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://elfnomori.com/
Submission: On February 29 via api (February 29th 2024, 4:13:23 pm UTC) from US — Scanned from JP

Summary HTTP 103 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 103 HTTP transactions. The main IP is 183.181.98.52, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is elfnomori.com.
TLS certificate: Issued by R3 on January 31st 2024. Valid for: 3 months.

This is the only time elfnomori.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	183.181.98.52 183.181.98.52	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	2404:6800:400... 2404:6800:4004:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:821::200a	15169 (GOOGLE) (GOOGLE)
19	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
22	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
1 6	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
1 13	2404:6800:400... 2404:6800:4004:813::2001	15169 (GOOGLE) (GOOGLE)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2 3	216.58.220.130 216.58.220.130	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:828::200e	15169 (GOOGLE) (GOOGLE)
2	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
2	172.217.175.98 172.217.175.98	15169 (GOOGLE) (GOOGLE)
1	13.249.160.129 13.249.160.129	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:825::2006	15169 (GOOGLE) (GOOGLE)
1	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:818::2004	15169 (GOOGLE) (GOOGLE)
2	13.225.183.57 13.225.183.57	16509 (AMAZON-02) (AMAZON-02)
103	21

23 183.181.98.52 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv6051.xserver.jp

elfnomori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81e::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:825::2002 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4004:813::2001 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.220.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s17-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:828::200e (Australia)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.160.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-160-129.nrt12.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:818::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.183.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-183-57.nrt57.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	573 KB
26	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com	471 KB
23	elfnomori.com elfnomori.com	475 KB
11	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 264 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 548	94 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 628	3 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 362 fonts.googleapis.com — Cisco Umbrella Rank: 32	209 KB
2	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 974	9 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 136
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 6261	199 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 317	60 KB
1	truste.com choices.truste.com — Cisco Umbrella Rank: 1091	8 KB
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 23727	527 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	4 KB
103	14

	Domain	Requested by
23	elfnomori.com	elfnomori.com
22	fonts.gstatic.com	fonts.googleapis.com
19	pagead2.googlesyndication.com	elfnomori.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	elfnomori.com googleads.g.doubleclick.net
2	choices.trustarc.com	choices.truste.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.googleadservices.com	elfnomori.com
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	beacon.sojern.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	choices.truste.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	s-cs.send.microad.jp	1 redirects
1	cdnjs.cloudflare.com	elfnomori.com
1	ajax.googleapis.com	elfnomori.com
103	21

This site contains links to these domains. Also see Links.

Domain
theland.game
tech.palette-docs.com
twitter.com
www.facebook.com
b.hatena.ne.jp
getpocket.com

Subject Issuer	Validity	Valid
www.elfnomori.com R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-11-18` - `2024-12-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-12-21`	10 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://elfnomori.com/
Frame ID: 8DAAF555C0738CB35446D26178147A70
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&adk=1812271804&adf=3025194257&lmt=1709223198&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=https%3A%2F%2Felfnomori.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198187&bpp=4&bdt=391&idt=214&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4507642813873&frm=20&pv=2&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=236
Frame ID: B2D359090A36E664FCF6EB5D039EAB09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&h=90&slotname=3987105917&adk=1112305553&adf=3086966846&pi=t.ma~as.3987105917&w=786&fwrn=1&fwrnh=100&lmt=1709223198&rafmt=2&format=786x90&url=https%3A%2F%2Felfnomori.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198191&bpp=2&bdt=396&idt=240&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4507642813873&frm=20&pv=1&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245
Frame ID: E85EFC702980B3678ACD24813038CFC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&h=280&slotname=3987105917&adk=2557355347&adf=457014468&pi=t.ma~as.3987105917&w=786&fwrn=1&fwrnh=100&lmt=1709223198&rafmt=3&format=786x280&url=https%3A%2F%2Felfnomori.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198193&bpp=1&bdt=397&idt=319&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C786x90&nras=1&correlator=4507642813873&frm=20&pv=1&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=321
Frame ID: 831A7D2AD6F1EDF319B56D9472081C16
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDxhPjDBRj-lO6AAjAB&v=APEucNVoG5zPKQ7YhA0wKlEEoSQQHt3TXNKEnv8dV98LzwLaLKDSk8cBR-n5TSdNyBvZIdZvUyQ59sLsFikss7E-f4jpEb79qA
Frame ID: C06836751386BED2D98D665E39AC574C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0EAA0BD2FD52F95F2434C993912D4DEF
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js
Frame ID: 55A0B3B5EED075745703A4D2DCD6F18D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C1E37A1D45E173ABEE88EB8599B3881E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7203E9E5D337733DE4B0047E235B8F7A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E6D487CD23ED8C0E558DFA46B0499EB5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

あつまれエルフの森（THE LAND） | THE LAND～エルフの森～の情報をまとめたファンサイト

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

103
Requests

95 %
HTTPS

57 %
IPv6

14
Domains

21
Subdomains

21
IPs

3
Countries

1906 kB
Transfer

4297 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://theland.game/WhitePaper
Title: THELAND エルフの森 WhitePaper(PDF)

Search URL Search Domain Scan URL

URL: https://tech.palette-docs.com/the-land/undefined/gmu
Title: THELAND エルフの森 GitBook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%E3%81%82%E3%81%A4%E3%81%BE%E3%82%8C%E3%82%A8%E3%83%AB%E3%83%95%E3%81%AE%E6%A3%AE%EF%BC%88THE+LAND%EF%BC%89&url=https%3A%2F%2Felfnomori.com%2F&related=elfnomori_com
Title: X

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Felfnomori.com%2F&t=%E3%81%82%E3%81%A4%E3%81%BE%E3%82%8C%E3%82%A8%E3%83%AB%E3%83%95%E3%81%AE%E6%A3%AE%EF%BC%88THE+LAND%EF%BC%89
Title: Facebook

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/elfnomori.com/
Title: はてブ

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://elfnomori.com/
Title: Pocket

Search URL Search Domain Scan URL

URL: https://twitter.com/elfnomori_com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGulC3Shb4vLl2xtBbtbFFw&google_cver=1

Request Chain 59

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeCtHhdaRGwAAFBzAJKH6AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGulC3Shb4vLl2xtBbtbFFw&google_cver=1

Request Chain 74

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCW46TzmgEQsAkYsAkyCCtyDyDi_3UE HTTP 301
https://tpc.googlesyndication.com/simgad/12589505205993449889

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=CnEBJHq3gZamdIcOept8Pk-qsyAnE2-r-dcOo8tqeErOQHxABIOe00QxgifPFhPQToAGhwJjxKMgBCakCM39iC6ungj6oAwHIA8sEqgTMAU_Qtm67EEbUVzsduxhw81VvIfj9LhnUZiREsST50KW6bv1bD94xI9vhcFY7afqPKu9Fh0dFzxRBIUPMSMXDQhm68mQeT3maJrIiFCKWmocSorgRRNBB2dPQrwxQiSUq041WGi0rKnu3QyO6HRIdD4J2rQsDZjI6jNbcQo_Jtv80aAzrQkMnMdYT22yVWAV73eIc9cxua6PYYuegOhXK8m76cJm4kLskxfCdoBIAcqEj2vEp0ljO973T3459yhRZZd6ZRyS2JBDNnqMDQMAE_ryfrMkEiAXAmrvDTZIFBAgEGAGSBQQIBRgEoAYugAe2xtvXBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB6a-G9gHAPIHBBDeuwnSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpY0Y7dzPjQhAOaCYICaHR0cHM6Ly93d3cudGVtdS5jb20vanAva3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0xMDB-amF-SlBZJmdvb2RzX2lkPTYwMTA5OTUxMjk1MTcxNCZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QyMTI0MDU4LTEmdG9waWNfY2xhc3NpZnk9MTI3gAoByAsB2gwQCgoQ4KDYkNK_zZJDEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi05ODIyNjAzODE4ODMzNTIxGAA&sigh=uQFHnbPHwWo&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqTNlKwH68wkimaRVTHYFaL_trMbv6fVNNH0cCXjej0Z0bbCBhLFAW9TtwKxd-i4OmrWYBdOMVrR_scsw6agMTU9AsHOod_Clxz3sYAQ&template_id=494&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5dc15064ca7195550000000000000000%22,%222%22:%220x736640ccad0d286e0000000000000000%22,%223%22:%220xdb0fc7c9f6ffe8d40000000000000000%22,%224%22:%220x9d9591d021969f400000000000000000%22,%225%22:%220xa89e38506bee54860000000000000000%22},%22debug_key%22:%225237338352469822013%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2202-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229733636855687847585%22}&andc=true

103 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
elfnomori.com/ 336 KB
40 KB 309ms
276ms Document
text/html 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 7d4c69dd4d062c7b545f5ae819f134015f5a0b41017cedf747a0982e6435da4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 16:13:17 GMT
link: <https://elfnomori.com/wp-json/>; rel="https://api.w.org/", <https://elfnomori.com/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json", <https://elfnomori.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding

GET
H2 200 icomoon.woff
elfnomori.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 18 KB
11 KB 29ms
16ms Font
application/font-woff 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?v=2.7.0.2
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: f28983ba3821cb6be34f2a3faf9b03a8befa9ca60b7c3768a9c620c01065ef5a

Request headers

Referer: https://elfnomori.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:28 GMT
server: nginx
etag: W/"4878-61253a7dd743c"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 fontawesome-webfont.woff2
elfnomori.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 75 KB
76 KB 34ms
21ms Font
application/octet-stream 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://elfnomori.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: "12d68-61253a7da47bd"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 style.min.css
elfnomori.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 27ms
15ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3&fver=20240131011518
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Wed, 31 Jan 2024 13:15:18 GMT
server: nginx
etag: W/"1ae43-6103dab985996"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 style.css
elfnomori.com/wp-content/themes/cocoon-master/ 246 KB
46 KB 27ms
15ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/style.css?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 8890046bf92be1335bfe225a06c58391db2dc0c1fe273c17f157372f029b0cdb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: W/"3d748-61253a7da093d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 keyframes.css
elfnomori.com/wp-content/themes/cocoon-master/ 291 B
476 B 27ms
15ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/keyframes.css?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: fb1c74d589690a0a4ed9ecd0f0de1a26ce1f12745be44f6750a33de42676683f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: "123-61253a7d74a1e"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 291
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 font-awesome.min.css
elfnomori.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/ 30 KB
7 KB 27ms
16ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: W/"792a-61253a7da287d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 style.css
elfnomori.com/wp-content/themes/cocoon-master/webfonts/icomoon/ 4 KB
1 KB 31ms
20ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?v=2.7.0.2&ver=6.4.3&fver=20240227021928
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 832afa68bd50da41ac5fa906f57b44d3236d416e894679934e253c2207534cf9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:28 GMT
server: nginx
etag: W/"f8e-61253a7dd743c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 baguetteBox.min.css
elfnomori.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/ 4 KB
1 KB 31ms
21ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.css?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: W/"e19-61253a7d8441e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 scroll-hint.css
elfnomori.com/wp-content/themes/cocoon-master/plugins/scroll-hint-master/css/ 8 KB
3 KB 30ms
20ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/plugins/scroll-hint-master/css/scroll-hint.css?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: c5e403dd1b364fa7526d95a5abccbb5e5d796be0cc816db1ec156cde452f153a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: W/"21f4-61253a7d8923d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 style.css
elfnomori.com/wp-content/themes/cocoon-master/skins/skin-tegakinote-green-orange/ 57 KB
12 KB 30ms
21ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/skins/skin-tegakinote-green-orange/style.css?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: d8716fb2e5893cdb0d7e65a16607f4d8b71acae4cf20092a850b8afb13997ba6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: W/"e523-61253a7d98c3d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 keyframes.css
elfnomori.com/wp-content/themes/cocoon-master/skins/skin-tegakinote-green-orange/ 201 B
385 B 30ms
21ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/skins/skin-tegakinote-green-orange/keyframes.css?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 9668ef33d183000f5b54ffb23c3477b00e9e33f258fe8ae792d167b4bbafd60c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: "c9-61253a7d98c3d"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 201
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 style.css
elfnomori.com/wp-content/themes/cocoon-child-master/ 1 KB
693 B 30ms
21ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-child-master/style.css?ver=6.4.3&fver=20230528023005
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 66bfc61bea0baed56bfd8209d90ad0f5f2a2ffb81f01d639c2a7bd0b10f8b98d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Sun, 28 May 2023 02:30:05 GMT
server: nginx
etag: W/"403-5fcb7bf7a8ac4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 keyframes.css
elfnomori.com/wp-content/themes/cocoon-child-master/ 130 B
314 B 29ms
22ms Stylesheet
text/css 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.4.3&fver=20230406012131
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
last-modified: Thu, 06 Apr 2023 01:21:31 GMT
server: nginx
etag: "82-5f8a0ba89aa86"
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 130
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 83ms
3ms Script
text/javascript 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1

Requested by

Host: elfnomori.com
URL: https://elfnomori.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:25:20 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 11 KB
4 KB 24ms
9ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1

Requested by

Host: elfnomori.com
URL: https://elfnomori.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 59982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3718
last-modified: Wed, 18 Nov 2020 00:51:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fb4701e-2c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJXzhsaePOLPF3Dmh%2BugG%2B1f%2Bf6syHrHM8kMcCUYGt1YbDzheT0qbc6wMfyJLLEN59Hfwh6M6UQACqCvnErZwpCQmL9R62GGgurVdgb5%2FTVnetHDpx%2F9yVEpe1RHOeIUG9aRqXupZ4lCUKOk556o%2FirY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85d2319a7b1c80ef-NRT
expires: Tue, 18 Feb 2025 16:13:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 663 KB
177 KB 107ms
60ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Kaisei+Decol&family=Kiwi+Maru&family=Klee+One&family=Zen+Kaku+Gothic+New&family=Zen+Maru+Gothic&family=Zen+Kurenaido&display=swap

Requested by

Host: elfnomori.com
URL: https://elfnomori.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce9689e30b5cdb9d7fa1a7a1abe641bb3ffa2c5e929a336f6679ecbb02a881c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 16:13:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 16:13:17 GMT

GET
H2 200 elfnomori_eye.jpg
elfnomori.com/wp-content/uploads/2023/04/ 122 KB
122 KB 27ms
22ms Image
image/jpeg 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfnomori.com/wp-content/uploads/2023/04/elfnomori_eye.jpg
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: ea5881f1507ec9eb5064603a8739e68ee0a96fc0c16b0825663af4dd01f15e0e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
last-modified: Fri, 07 Apr 2023 08:24:38 GMT
server: nginx
etag: "1e6cd-5f8bac18cd674"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 124621
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 theland.jpg
elfnomori.com/wp-content/uploads/2023/04/ 125 KB
126 KB 33ms
28ms Image
image/jpeg 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfnomori.com/wp-content/uploads/2023/04/theland.jpg
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 1a7acdf59a8c1f69ff30b4d4ef5823b4ce82c839775c0042f197f892be630e58

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
last-modified: Thu, 06 Apr 2023 07:35:04 GMT
server: nginx
etag: "1f58e-5f8a5f277af5f"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 128398
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 671522453.png
elfnomori.com/wp-content/siteguard/ 1 KB
2 KB 35ms
31ms Image
image/png 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfnomori.com/wp-content/siteguard/671522453.png
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 103e06467acd73556c403f4bd178bc98b4693dfda46e76cd5049dac5c75bb4da

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
last-modified: Thu, 29 Feb 2024 16:13:17 GMT
server: nginx
etag: W/"5f7-61287898ae02b"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1527
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 baguetteBox.min.js Show response
elfnomori.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/ 9 KB
4 KB 10ms
10ms Script
application/javascript 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/plugins/baguettebox/dist/baguetteBox.min.js?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: d14fb24c37234368d688c39915a6c76c65d542aab34b5ef8cda4534cc2affaa8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: W/"256a-61253a7d8441e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 scroll-hint.min.js Show response
elfnomori.com/wp-content/themes/cocoon-master/plugins/scroll-hint-master/js/ 8 KB
3 KB 10ms
10ms Script
application/javascript 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/plugins/scroll-hint-master/js/scroll-hint.min.js?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: e688bb4a3bc882915bcdc722e00f608b7ac407c77e7c9363ab999725142149c5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: W/"2091-61253a7d8923d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 comment-reply.min.js Show response
elfnomori.com/wp-includes/js/ 3 KB
2 KB 10ms
10ms Script
application/javascript 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-includes/js/comment-reply.min.js?ver=6.4.3&fver=20230330021909
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 02:19:09 GMT
server: nginx
etag: W/"ba5-5f814b7b9e140"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 javascript.js Show response
elfnomori.com/wp-content/themes/cocoon-master/ 8 KB
3 KB 11ms
11ms Script
application/javascript 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/javascript.js?ver=6.4.3&fver=20240227021927
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: 434e30c2bf3f77a70f0c1ebccd8f350dc58a984e6a099319718fb190ec16443f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 02:19:27 GMT
server: nginx
etag: W/"1e40-61253a7d74a1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 javascript.js Show response
elfnomori.com/wp-content/themes/cocoon-child-master/ 298 B
493 B 11ms
11ms Script
application/javascript 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://elfnomori.com/wp-content/themes/cocoon-child-master/javascript.js?ver=6.4.3&fver=20230406012131
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
last-modified: Thu, 06 Apr 2023 01:21:31 GMT
server: nginx
etag: "12a-5f8a0ba89aa86"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 298
expires: Thu, 07 Mar 2024 16:13:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 97ms
51ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9822603818833521

Requested by

Host: elfnomori.com
URL: https://elfnomori.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeb42146a7870c3b10520d9ea7a51c6aabdbe788f8504406cd0e8c54d767ea50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elfnomori.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51610
x-xss-protection: 0
server: cafe
etag: 7049229303174336846
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 29 Feb 2024 16:13:17 GMT

GET
H2 200 access.php
elfnomori.com/wp-content/themes/cocoon-master/lib/analytics/ 0
79 B 126ms
126ms Image
text/html 183.181.98.52
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elfnomori.com/wp-content/themes/cocoon-master/lib/analytics/access.php?post_id=10&post_type=page
Requested by: Host: elfnomori.com
URL: https://elfnomori.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.52 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6051.xserver.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:18 GMT
server: nginx
accept-ranges: bytes
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.119.woff2
fonts.gstatic.com/s/kleeone/v7/ 28 KB
28 KB 47ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kaisei+Decol&family=Kiwi+Maru&family=Klee+One&family=Zen+Kaku+Gothic+New&family=Zen+Maru+Gothic&family=Zen+Kurenaido&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2513d076178f6dc9025a261576de7b6dc9f39ec683548571af3fcc84cf86820c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:19:35 GMT
x-content-type-options: nosniff
age: 46423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28576
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:19:35 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.117.woff2
fonts.gstatic.com/s/kleeone/v7/ 12 KB
12 KB 47ms
9ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.117.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

731361283b038d7579c5714f7fac17695093479f802a57a23baeabade16497d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 06:22:18 GMT
x-content-type-options: nosniff
age: 121860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11848
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 06:22:18 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.108.woff2
fonts.gstatic.com/s/kleeone/v7/ 17 KB
17 KB 46ms
8ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.108.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c01d42bcc948d7298fea94c0cca663c963137690ccae0aee6ad4b40e20de14a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:27:13 GMT
x-content-type-options: nosniff
age: 45965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:27:13 GMT

GET
H2 200 LDIxapCLNRc6A8oT4p4HM-Y.woff2
fonts.gstatic.com/s/kleeone/v7/ 34 KB
34 KB 43ms
6ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4p4HM-Y.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6abea6a025217fc0962a4af8c4a33e3214489f20abd26de8f694e4a321f237c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 00:22:49 GMT
x-content-type-options: nosniff
age: 57029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35172
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 00:22:49 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.95.woff2
fonts.gstatic.com/s/kleeone/v7/ 16 KB
16 KB 45ms
8ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.95.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f8735927bf2639b148d04368e36bc8727365f2e2c5606c9ed95f6ca34aa4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:28:48 GMT
x-content-type-options: nosniff
age: 45870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16484
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:31:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:28:48 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c605435cf38a1203dbe0d6df863d52ff200c0befe3858d1cdbef25e20ad1212

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 934 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cea95cc321529b0eb81568e6979b4aa0bc34676398340b25249703cbeba40675

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.115.woff2
fonts.gstatic.com/s/kleeone/v7/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.115.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911200499a5d5c1762a0f66e767824a95363fe8dd49d046d5076e0eee2dc35ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:25:01 GMT
x-content-type-options: nosniff
age: 46097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15144
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:25:01 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.110.woff2
fonts.gstatic.com/s/kleeone/v7/ 16 KB
16 KB 5ms
4ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.110.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2853e02a76bde16e1ecadeff9c3e25ab72df7989098dcfbcc414d16483c98773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:24:09 GMT
x-content-type-options: nosniff
age: 46149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16080
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:24:09 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.89.woff2
fonts.gstatic.com/s/kleeone/v7/ 17 KB
17 KB 6ms
5ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.89.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ffd1edb2b26f9f7389ebbee43d7492b626c2be7eb6abd8167b69ccfe5926746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:20:53 GMT
x-content-type-options: nosniff
age: 46345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17596
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:20:53 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.116.woff2
fonts.gstatic.com/s/kleeone/v7/ 15 KB
15 KB 5ms
5ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.116.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56bc9a60a76f24fda9ae0488dd6032bc6463d9c238a493eb3f39a7f9e3fd732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:41:42 GMT
x-content-type-options: nosniff
age: 45096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14936
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:41:42 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.99.woff2
fonts.gstatic.com/s/kleeone/v7/ 19 KB
19 KB 5ms
5ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.99.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

567dbd15364152d29102145bef23cb9d8676a7dd84223280c9ec39ca7b64c982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:19:53 GMT
x-content-type-options: nosniff
age: 46405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19448
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:19:53 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.104.woff2
fonts.gstatic.com/s/kleeone/v7/ 17 KB
17 KB 3ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.104.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9559f0141f3f65b4cacb4376205d5a64e338496e155989d51ef1cfc7d5073a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:23:48 GMT
x-content-type-options: nosniff
age: 46170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16980
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:23:48 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.114.woff2
fonts.gstatic.com/s/kleeone/v7/ 14 KB
14 KB 3ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.114.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c22366ba83250e52442fc5b95e6942bea6789a1d3042919d7869dacef8420f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:28:48 GMT
x-content-type-options: nosniff
age: 45870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14076
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:28:48 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.90.woff2
fonts.gstatic.com/s/kleeone/v7/ 18 KB
18 KB 5ms
4ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.90.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb59b009ed43d7dd4d849dc8e7c14e970bfeab039d4a8cfd24ab4e4e869c25ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:30:56 GMT
x-content-type-options: nosniff
age: 45742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18516
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:30:56 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.107.woff2
fonts.gstatic.com/s/kleeone/v7/ 16 KB
16 KB 4ms
4ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.107.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f94562802e4dd58c51164f53b071c37e25598d7e3cbeda9e81958200615336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:42:01 GMT
x-content-type-options: nosniff
age: 45077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16428
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:42:01 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.79.woff2
fonts.gstatic.com/s/kleeone/v7/ 18 KB
18 KB 3ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.79.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d28fd46a7714dfe56f9e1f699be8ecc6a344ab5d0e0aea89780d1cc45d2b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:15:25 GMT
x-content-type-options: nosniff
age: 46673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18532
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:15:25 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.87.woff2
fonts.gstatic.com/s/kleeone/v7/ 18 KB
18 KB 4ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.87.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb7bae2696bb35e48300a9794862edfa3d00a9cd483b64924bb3fc9a66908e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:23:24 GMT
x-content-type-options: nosniff
age: 46194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18412
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:23:24 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.92.woff2
fonts.gstatic.com/s/kleeone/v7/ 17 KB
18 KB 3ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.92.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a3aab50ccda303500ebdffd2529654711731d76fb23339a820e1445f0386fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:26:53 GMT
x-content-type-options: nosniff
age: 45985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17892
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:26:53 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.76.woff2
fonts.gstatic.com/s/kleeone/v7/ 17 KB
17 KB 3ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.76.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c748b436dcb6beb5549fc17e14afad3d607e2a6c4c33ef2338d7560a601e700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:22:31 GMT
x-content-type-options: nosniff
age: 46247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17404
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:22:31 GMT

GET
H2 200 LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.112.woff2
fonts.gstatic.com/s/kleeone/v7/ 16 KB
16 KB 3ms
2ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kleeone/v7/LDIxapCLNRc6A8oT4q4FUfemSYiv49tfllrv3pe-KYFKDXn9Sg.112.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23aa2efb05a84e18cf3eeccf7f68f781efd022c905b6c470816778fb34d9a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elfnomori.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:15:08 GMT
x-content-type-options: nosniff
age: 46690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16104
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:15:08 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402220101/ 407 KB
138 KB 113ms
72ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402220101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9822603818833521

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5f2a785caf63a6eb410bcad2ea1fa9e16a44ada1f145c80707e3c642f739d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141145
x-xss-protection: 0
server: cafe
etag: 264180352880224019
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:13:18 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B2D3 0
465 B 128ms
79ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&adk=1812271804&adf=3025194257&lmt=1709223198&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=https%3A%2F%2Felfnomori.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198187&bpp=4&bdt=391&idt=214&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4507642813873&frm=20&pv=2&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elfnomori.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 16:13:18 GMT
expires: Thu, 29 Feb 2024 16:13:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E85E 25 KB
10 KB 366ms
329ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&h=90&slotname=3987105917&adk=1112305553&adf=3086966846&pi=t.ma~as.3987105917&w=786&fwrn=1&fwrnh=100&lmt=1709223198&rafmt=2&format=786x90&url=https%3A%2F%2Felfnomori.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198191&bpp=2&bdt=396&idt=240&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4507642813873&frm=20&pv=1&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c203b207f6ddd4b73cdb58843accfcda631cf86b509539ec73384c3a56b0c8cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elfnomori.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 16:13:18 GMT
expires: Thu, 29 Feb 2024 16:13:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 831A 142 KB
44 KB 380ms
380ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&h=280&slotname=3987105917&adk=2557355347&adf=457014468&pi=t.ma~as.3987105917&w=786&fwrn=1&fwrnh=100&lmt=1709223198&rafmt=3&format=786x280&url=https%3A%2F%2Felfnomori.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198193&bpp=1&bdt=397&idt=319&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C786x90&nras=1&correlator=4507642813873&frm=20&pv=1&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=321

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e3c4a9ece98502ef315979212d5b799b513c7ed280bfb797c18afecf91e2cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elfnomori.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44746
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 16:13:18 GMT
expires: Thu, 29 Feb 2024 16:13:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C068 448 B
479 B 51ms
50ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDxhPjDBRj-lO6AAjAB&v=APEucNVoG5zPKQ7YhA0wKlEEoSQQHt3TXNKEnv8dV98LzwLaLKDSk8cBR-n5TSdNyBvZIdZvUyQ59sLsFikss7E-f4jpEb79qA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&h=90&slotname=3987105917&adk=1112305553&adf=3086966846&pi=t.ma~as.3987105917&w=786&fwrn=1&fwrnh=100&lmt=1709223198&rafmt=2&format=786x90&url=https%3A%2F%2Felfnomori.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198191&bpp=2&bdt=396&idt=240&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4507642813873&frm=20&pv=1&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&h=90&slotname=3987105917&adk=1112305553&adf=3086966846&pi=t.ma~as.3987105917&w=786&fwrn=1&fwrnh=100&lmt=1709223198&rafmt=2&format=786x90&url=https%3A%2F%2Felfnomori.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198191&bpp=2&bdt=396&idt=240&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4507642813873&frm=20&pv=1&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 16:13:18 GMT
expires: Thu, 29 Feb 2024 16:13:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0EAA 93 KB
33 KB 54ms
53ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:13:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame 0EAA 3 KB
1 KB 62ms
1ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 22:54:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 22:54:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame 0EAA 20 KB
8 KB 60ms
0ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 23:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 23:17:56 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0EAA 207 KB
63 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7efecace0085173f1ee9971a7094a6ed99c5c9489afc6d62c5546e16377861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 15:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64043
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:48:56 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EAA 42 B
63 B 36ms
36ms Image
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXt4jRRke3xM0fUc5bJ84SHwtQ3HpEtzGLajGk-Cm5EdF10-eUX-2ZnMlo69mZ-pdmuIOxR79UK5AyqUkzD8G_vJlleGNPXTqyfTmSZUazlOXEI4I

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C068
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
243 B

71ms
44ms

Image
image/png

216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDxhPjDBRj-lO6AAjAB&v=APEucNVoG5zPKQ7YhA0wKlEEoSQQHt3TXNKEnv8dV98LzwLaLKDSk8cBR-n5TSdNyBvZIdZvUyQ59sLsFikss7E-f4jpEb79qA

Protocol

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 29 Feb 2024 16:13:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C068
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGulC3Shb4vLl2xtBbtbFFw&google_cver=1

43 B
763 B

23ms
23ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGulC3Shb4vLl2xtBbtbFFw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDxhPjDBRj-lO6AAjAB&v=APEucNVoG5zPKQ7YhA0wKlEEoSQQHt3TXNKEnv8dV98LzwLaLKDSk8cBR-n5TSdNyBvZIdZvUyQ59sLsFikss7E-f4jpEb79qA
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FGQhnQT1IUJuTcs44gL20oZR9ymSyui2oCDuUIR670yypN1LYm7W57mGh9E4rujV8Xl4zjFfzezEoveaDvi1d7qeUnQcOYyDVyz8VQkmKPa4vruSGsp0IOocNRng13wsP8LGFsWJBeMxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85d231a18fc26857-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGulC3Shb4vLl2xtBbtbFFw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C068
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeCtHhdaRGwAAFBzAJKH6AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGulC3Shb4vLl2xtBbtbFFw&google_cver=1

43 B
731 B

37ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGulC3Shb4vLl2xtBbtbFFw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDxhPjDBRj-lO6AAjAB&v=APEucNVoG5zPKQ7YhA0wKlEEoSQQHt3TXNKEnv8dV98LzwLaLKDSk8cBR-n5TSdNyBvZIdZvUyQ59sLsFikss7E-f4jpEb79qA
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pt1xwmaHv92yw0izi2jfn4tjn3y6Y0tsyVUxPHCDKmEvgMLPiYMY51iF4Xi2XMMcPAe63J7%2FE7FJqpkwKayfvkm1wI7o9cnQ6oszdSbR9zTOJJqPdvQoWEAc%2FJwONnk0cZvYSEHeyHhO%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85d231a18fc46857-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGulC3Shb4vLl2xtBbtbFFw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EAA 0
20 B 42ms
42ms Ping
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2889696334271&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EAA 0
20 B 39ms
39ms Ping
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2889696334271&version=m202401290101&ct=76&x=1&cor=16628357095238713000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0EAA 84 KB
38 KB 84ms
83ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2FZFFrXvNPwgpgEJHCK2gQSN2kbRy5fYULawxZPyBhmB2L2KxClcwMSJ0g5NdM1Q2D3OHOFucwjnY3dGWoq9qdYKAFF4HhESs2SMRl-Jtq7VDeDug28ehW70Cqv7TRzZ0jCTENZv7sKuiRc9KlhTd-NrZrMprKSERC5HxCJ_FSB1rUN_WTYNSx8RCxQI3MTlMnkYZrCDXs_bUGVQmpC71m4Qrsw&dbm_d=AKAmf-Dj1Mh2-xCtblkv0bELzuOPk5weIsVt8pQWTo-Bg__9LFHF3zg9Bm0L-MVkS0uHZRqBtkz1IRhS73dSvgdhALgwkRjrOtllReIv5-RwQBcEoUIWRcHCrk6vOJZtXOjafjiRn1qro6KZPvCPk2FD7g-_y5j-S6Ytokoi1lz5FpfmYOaTLaRe9vOvDvCoEENIV8p_RXIu5bP1klAQlrR5MTvuqCPd7Qk3BLIu_7MjyRFpfaP393PqpPiy-HIjsTnMT0MBM36aHIZtvhvz5EqEAQ0XldwF0H_nG1oVbtgfdqayvqNKRHfLHQYACUzQtz6rdq7ec1rn5dwf6ucbVt5oIe3B7mgzo3NKo9-ZgVp3Jm9Nc5FOi22wrZz0NasxJTER--waGBqwIByl7thCWflbUfbMw5j60ZBaQHCXCdxnw58d1OOxlx6Wf5o5SWPNwNd1TCWOc00NhK63_Ct1ytIz8wdNRfKVqrrKHEYEYG1I4jwXCm7dB5zfi2CzBbvMc4MeRCBmmtF7-s49bv5gURAgcQ506ArlApxQ2WBXCdsRbLICDpUPghU52ZSbdurPH22McrBrRmceekRnT5KjKs1VsCb-STiNVWbCQP-Ll04TJVD3L0_ojdCmSvx7ugZ2ktnPPDX65fgk5mrWJuVCnPamfiTHXpltpsoZJv1MO95kJRilHhcZu8fIkGXrSrzIcuuQUOVAslrgwKRgvcMYBolX1TfqcegzIExzoqyXzRPum9d_LtQkJYDX2fE9_7yq66hknmGMnMVqiErQjaS_xeamCPydPFUBMF5tQoejgns9yjfRveZEegLf8IU5XDyTsj4IFTObcC27dC4lGOVwrfRGOkURmOlKD3xkOcmwrqTSCRip8CrgrAp3i-yzwEAm7o-DHSLy1ThyKSJzyRYUl-dCWz5ClMvTvMkSo4aWGylJ5yGAbTo1CzaBgxwxNVvmZ7tKiGk8MM8VKQOlbLvrHjv-SpGfKLy_c1UWGbIFHzJ77U9xCzUkDEeUdxwsMSVKHIJoHqQ9m0e6Xit2K78BQ2xnKdKCcNXBrBAUoWij353tXZ-MR0UZhIF_wdS9YXQU074awyc2dyednbmW-asSmazI9u9XXXUYycPkNE73Cm0PeImXjnucJgW9WHaqXvh1oHhwJOv_sdcJRtZWR4Z6v1Pr1reCDym5YVKoaCfAVV-S2WaE-uXB3VoZZHGFpbJT3vMekZ4j1lAGZ4vTyCgkff989U9UEH8w9DxniUGbYkID6Z37wH_34zlvt--OxP96ZQ95DJ4XPE_xpbCbvgKzwpAhnOr3fCJ189ELNqMd3xDzYnBHRSm3G92dCol6re70G97iFO1RzSsRVomM_bNC-UL1CMnLuGjzsZnGVcgrKDCdk51kALmPBpwDtylEh28d391u88nAUgFEVgAE7zSqT8vanJp5HAuy_tGB-tp0VZ4ZiZcgIrJIwNaMmHoEfY5pbH79VqbXqaZOEyfMOu2SoGags2QRo0qoI7kn2fX3rZYrKjviHe7hRD2PEtWQOPIia8WwCoi7ATP1MlCk0Xm2PVOeeoNxJe9WVAimeA4cBbiWtvZm62AtIPhm7ceLXFnLxTos9vyyaah-yGFqmSgNl3ippYC2Q16n9GgFC3CWt39voH43kjSyeEa4EUUKJjHw4gopoEbNWshctxGqt2QLuy5n7ip0Dg7XnK2tC2SGcQcPfQW6L6wyiGklKYR1uY28PFkVz9hyFfQTSKIe1WTUMG1ifR3xgdc9i4zOfVpn57jESmniCVLOxjlGm2inBPaczs0qKiE8Cve9wrekevJln5Fkn56diuqdaH40W-ZrmQHG0wS0pUANy7mO1ISnyHT86dOtJm8M-L1UzjYSPSGczUAE4kX8TL6VUXcK631Obr6qMjDQItDzYEArdYd--X2t93hbhCKs2qVJ8vu9cme9jU_WcEV6p-YIEgFYPbnOwQODTIJT2BtuSZSZ6uPDjEf3lhdg1s914DJ5GCnqT3gAmrjRVyfLpjUltR8-C2Aaid6HuieMU5pstHweXJ_q051RacInKkjvCLX5Pfagfkaad2QjG6glT-ZbuNzYJQu_Ud7isd81MlE-PZZ2tYwGPp8wpv0a9_5GH4LQrBRZsZqOHE9N4w_mGM3iq5gC_ZDkeZTCaxTHsAYEGd3OZ4ezvVEVzeoW0iW4PPzAhkiyBlCqF4X3On43kHLHoLNxPOnwvICJ2QxScuAT2W0tscM6_hIx0NWVdapLMPwQMhFnvVmRM23pw-eUzQhSpqxSrL678zHZ3F2F1x2UY-5bE1Bb_t1Yr8EquVEfF19J97Im1r6A5iubYQFde0dyR5OKCRsAAnWDiVbzr7Ln60qP4nUPDfcj4iVCSCIYFU07Yk58yTisbQek6d_s9_E3gwFkcb-EdRU73RgETtsLKJ1PngSvPEkalRTze6X6t6hR60R1MVjdedefDvO59wqXkMNfzLGoo0UaVcFVpZP_ZYL6P5GafQcRgRP_xTCgN1zD-hQ3ippb3y6n6-Z0lxZ0gO2tWTTMMz-pvZCNfnM7fchRHdcvjVB_6SSR6_p2n_MP46f08Txc-fRhNk0Nwsi65Fs2DfiZIb1JtUw_CxteBqEob_BrNBe4RHecSZTnTQ1W7znOLqtwEUBeSa_D2RzgBO3dH2l1rBv1kOlxSbJ3WUu6cOQJWvdbh1J-qPx7ulJv1j9euv-oIrgV56tdki4JUmh4X3MMkw0FNFr60nOt5YcIL6-zPMEa6cgAe_sQ16TNkzusOGlWt3aQkHm3s0GObjsoZVraIitnchIdQQw8rOvdUqFhobTuhIogRUNQrYfRAIW8q_QgEy0oES26fRtAX4Yg2xXkXz5rRosdTIOut65058XeQ3YNdXS0nvzE9C4874WwJDy4okfPi91llZfY1URJmZ71Nr7EFw9OPMYaBs5_OtSVIGPHCu8EfV9IPYfqMUnJC6ZaKE-kXYDyQiV-vPU30soQvmXrDfzxgebvYpj8zZk06SYAZQojSxvGZlJp5SSwMAfmo80_BhvJk2tRlPvebPMLmqI8ZNaPjXqbH3_ooYJRILsJcb5ITZwhgWnu6rr7PBAlIph3Nt9rquhRXt80aQlkwJ8_vVHZoGbc2sU5fwZxMLLFYYfanbA-jJSxFj_goxW7gyfSKZHo1cPxR8j8OoAN2kgyO02_c9ihDgmnNUlubJ0BIPjdQ8mRkSwTByKMlvwD9l5p4nsjVGC2WKQaV9daFlr-aH_FQMmfPLsIfgWkGHP8v0qApc959WIIlDR3rsK5veulgut0fm9IFVPJSHswzIfj98jHSYk88AHrlxLHcahCLSfAwSmbJX2_oqPG7rUIjK0rZfYDTD7d-LEsiIDBCcqlGLY9glv6uSHBu7ab42HNlbLa9jpb1WHYl6L40XJnGF-gbvisKpx87Gfe7rhbmLC6IVGIkly9axvazQ8nT5P8fwVcxbZaZdcTZ79UX1ExYrhUOBFqqzCyeKsSjroV3KDHplFnf6fwi_fy3pXcKQtMR3a2YfMGZJEGqdGuZ9GLirR5m_CJ9qXxN84PNygMqpyZobV3QdpZgWdG0dnkWhZeDlHEkzz0jHZ0s3xoQ4iUutjnRuDy4uDRcNMmq6sneOlQm2d_6_sQ6xQP8r2y0Y7XuGMqYfzilrxKit7m9G9AZW9fvAdZM0qP6r2BIvBpFBbn-og3Ecmh9pDOx69LYjEixsYaQKrggRz4Lk2Pwbc90Q2h0XRpxQXbak2KtsdvztdVN24Q6mW8Sx8&cid=CAQSTgB7FLtqwebqFmZgCojY5IIBlBf_BYyAjjrIvAfg1NL6sBTQTeUkOvEcsAVXvucOGK5vTuIU5Bg2_faFyObycHXL-vNCxHifUKmOY8HwfhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Felfnomori.com%2F&ds=l&xdt=1&iif=1&cor=16628357095238713000&adk=2307692974&idt=61&cac=0&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28fb922851c41b4c358122f4e69f3a83d0248af4f08256da3f964034930e2b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&h=90&slotname=3987105917&adk=1112305553&adf=3086966846&pi=t.ma~as.3987105917&w=786&fwrn=1&fwrnh=100&lmt=1709223198&rafmt=2&format=786x90&url=https%3A%2F%2Felfnomori.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198191&bpp=2&bdt=396&idt=240&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4507642813873&frm=20&pv=1&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39278
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 831A 261 B
372 B 42ms
40ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%EF%BC%8D%E6%9C%80%E5%A4%A79mueT0%EF%BC%85%E3%82%AA%E3%83%95

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&h=280&slotname=3987105917&adk=2557355347&adf=457014468&pi=t.ma~as.3987105917&w=786&fwrn=1&fwrnh=100&lmt=1709223198&rafmt=3&format=786x280&url=https%3A%2F%2Felfnomori.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198193&bpp=1&bdt=397&idt=319&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C786x90&nras=1&correlator=4507642813873&frm=20&pv=1&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75d1cfcdec499d99051c5c44627e79c59baeec67e72ea326e2e4a5ac2dd19412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 16:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 16:13:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 16:13:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 831A 4 KB
728 B 44ms
43ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 16:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 14:17:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 16:13:18 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame 831A 2 KB
875 B 3ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 23:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 23:17:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240226/r20110914/ Frame 831A 23 KB
9 KB 6ms
4ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240226/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 22:54:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 22:54:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame 831A 3 KB
1 KB 7ms
5ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 22:54:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 22:54:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame 831A 20 KB
8 KB 5ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 23:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 23:17:56 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 831A 207 KB
63 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7efecace0085173f1ee9971a7094a6ed99c5c9489afc6d62c5546e16377861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 15:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64043
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:48:56 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 831A 36 KB
15 KB 45ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 09:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 29 May 2024 09:15:02 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 831A 25 KB
25 KB 54ms
4ms Image
image/jpeg 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSpRcF3py6F4PgZyjm1XKcOYxq5DK-thQlW5qsl38Wj-KlUkul3S2dSHMREstI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91525d4d85e0e1041498d78cda38158923a18b1659bbd1c99a0a35e348eae132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:29:20 GMT
x-content-type-options: nosniff
age: 45838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25127
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 04:04:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 28 Feb 2025 03:29:20 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 831A 19 KB
20 KB 53ms
3ms Image
image/jpeg 2404:6800:4004:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQpQ8jjDiaXdlnZU9qF9990nNROdhMRkmmYQ9DU3f3qEyZw47o3nBjlg84xPn8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df92dfbb762ab8c9434461fa56c27b99b030edbe1532bed10e55dbd53cea024c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:19:41 GMT
x-content-type-options: nosniff
age: 46417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19591
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 04:47:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 28 Feb 2025 03:19:41 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 831A 25 KB
26 KB 52ms
2ms Image
image/jpeg 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTHY5Gb3Te-SGLYdfcs9LCIl4m9tuMHAZ4Mx6eyRab6igijY0aWFP10SZ4ooA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ddf527b6f51467e3acbc4f5a2991d0f5c3bb4ee5779ea9dde4abbf75def49bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:35:13 GMT
x-content-type-options: nosniff
age: 45485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25726
x-xss-protection: 0
last-modified: Sun, 01 Oct 2023 05:00:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 28 Feb 2025 03:35:13 GMT

GET
H2

200

12589505205993449889
tpc.googlesyndication.com/simgad/ Frame 831A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCW46TzmgEQsAkYsAkyCCtyDyDi_3UE
https://tpc.googlesyndication.com/simgad/12589505205993449889

77 KB
78 KB

3ms
1ms

Image
image/png

2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12589505205993449889

Requested by

Protocol

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 03:19:03 GMT
date: Thu, 29 Feb 2024 03:19:03 GMT
x-content-type-options: nosniff
age: 46455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 03:43:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Wed, 28 Feb 2024 18:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 78720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12589505205993449889
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 29 Mar 2024 18:21:18 GMT

GET
DATA 200
OK truncated
/ Frame 831A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9780232b948d9ebd9e752ce5ed91f6e52d1f2ae6c2f2928c52b9d320e769120a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 831A 21 KB
21 KB 4ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:35:34 GMT
x-content-type-options: nosniff
age: 45464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:35:34 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 831A 3 KB
3 KB 6ms
5ms Font
text/html 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj757AzoQG7KX6FF3k70TOtbm0-4rSfZScQi7Qgg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%EF%BC%8D%E6%9C%80%E5%A4%A79mueT0%EF%BC%85%E3%82%AA%E3%83%95

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d43b0ed66d2a4b8b3c420ef0e10f24e34b29af524657a8d06dd87f3da235f15a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 13:15:12 GMT
x-content-type-options: nosniff
age: 10686
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2744
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 29 Feb 2024 13:15:12 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 831A 20 KB
20 KB 4ms
4ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:23:37 GMT
x-content-type-options: nosniff
age: 46181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:23:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 831A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CnEBJHq3gZamdIcOept8Pk-qsyAnE2-r-dcOo8tqeErOQHxABIOe00QxgifPFhPQToAGhwJjxKMgBCakCM39iC6ungj6oAwHIA8sEqgTMAU_Qtm67EEbUVzsduxhw81VvIfj9LhnUZiREsST...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5dc15064ca7195550000000000000000%22,%222%22:%220x736640ccad0d286e0000000000000000%22,%223%22:%220xdb0fc7...

0
0

76ms
39ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5dc15064ca7195550000000000000000%22,%222%22:%220x736640ccad0d286e0000000000000000%22,%223%22:%220xdb0fc7c9f6ffe8d40000000000000000%22,%224%22:%220x9d9591d021969f400000000000000000%22,%225%22:%220xa89e38506bee54860000000000000000%22},%22debug_key%22:%225237338352469822013%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2202-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229733636855687847585%22}&andc=true

Requested by

Host: elfnomori.com
URL: https://elfnomori.com/

Protocol

Server

142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5dc15064ca7195550000000000000000","2":"0x736640ccad0d286e0000000000000000","3":"0xdb0fc7c9f6ffe8d40000000000000000","4":"0x9d9591d021969f400000000000000000","5":"0xa89e38506bee54860000000000000000"},"debug_key":"5237338352469822013","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["02-29"],"6":["true"]},"priority":"500","source_event_id":"9733636855687847585"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 29 Feb 2024 16:13:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Feb 2024 16:13:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5dc15064ca7195550000000000000000","2":"0x736640ccad0d286e0000000000000000","3":"0xdb0fc7c9f6ffe8d40000000000000000","4":"0x9d9591d021969f400000000000000000","5":"0xa89e38506bee54860000000000000000"},"debug_key":"5237338352469822013","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["02-29"],"6":["true"]},"priority":"500","source_event_id":"9733636855687847585"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 55A0 51 KB
20 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 03:28:23 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/ Frame 0EAA 30 KB
11 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2FZFFrXvNPwgpgEJHCK2gQSN2kbRy5fYULawxZPyBhmB2L2KxClcwMSJ0g5NdM1Q2D3OHOFucwjnY3dGWoq9qdYKAFF4HhESs2SMRl-Jtq7VDeDug28ehW70Cqv7TRzZ0jCTENZv7sKuiRc9KlhTd-NrZrMprKSERC5HxCJ_FSB1rUN_WTYNSx8RCxQI3MTlMnkYZrCDXs_bUGVQmpC71m4Qrsw&dbm_d=AKAmf-Dj1Mh2-xCtblkv0bELzuOPk5weIsVt8pQWTo-Bg__9LFHF3zg9Bm0L-MVkS0uHZRqBtkz1IRhS73dSvgdhALgwkRjrOtllReIv5-RwQBcEoUIWRcHCrk6vOJZtXOjafjiRn1qro6KZPvCPk2FD7g-_y5j-S6Ytokoi1lz5FpfmYOaTLaRe9vOvDvCoEENIV8p_RXIu5bP1klAQlrR5MTvuqCPd7Qk3BLIu_7MjyRFpfaP393PqpPiy-HIjsTnMT0MBM36aHIZtvhvz5EqEAQ0XldwF0H_nG1oVbtgfdqayvqNKRHfLHQYACUzQtz6rdq7ec1rn5dwf6ucbVt5oIe3B7mgzo3NKo9-ZgVp3Jm9Nc5FOi22wrZz0NasxJTER--waGBqwIByl7thCWflbUfbMw5j60ZBaQHCXCdxnw58d1OOxlx6Wf5o5SWPNwNd1TCWOc00NhK63_Ct1ytIz8wdNRfKVqrrKHEYEYG1I4jwXCm7dB5zfi2CzBbvMc4MeRCBmmtF7-s49bv5gURAgcQ506ArlApxQ2WBXCdsRbLICDpUPghU52ZSbdurPH22McrBrRmceekRnT5KjKs1VsCb-STiNVWbCQP-Ll04TJVD3L0_ojdCmSvx7ugZ2ktnPPDX65fgk5mrWJuVCnPamfiTHXpltpsoZJv1MO95kJRilHhcZu8fIkGXrSrzIcuuQUOVAslrgwKRgvcMYBolX1TfqcegzIExzoqyXzRPum9d_LtQkJYDX2fE9_7yq66hknmGMnMVqiErQjaS_xeamCPydPFUBMF5tQoejgns9yjfRveZEegLf8IU5XDyTsj4IFTObcC27dC4lGOVwrfRGOkURmOlKD3xkOcmwrqTSCRip8CrgrAp3i-yzwEAm7o-DHSLy1ThyKSJzyRYUl-dCWz5ClMvTvMkSo4aWGylJ5yGAbTo1CzaBgxwxNVvmZ7tKiGk8MM8VKQOlbLvrHjv-SpGfKLy_c1UWGbIFHzJ77U9xCzUkDEeUdxwsMSVKHIJoHqQ9m0e6Xit2K78BQ2xnKdKCcNXBrBAUoWij353tXZ-MR0UZhIF_wdS9YXQU074awyc2dyednbmW-asSmazI9u9XXXUYycPkNE73Cm0PeImXjnucJgW9WHaqXvh1oHhwJOv_sdcJRtZWR4Z6v1Pr1reCDym5YVKoaCfAVV-S2WaE-uXB3VoZZHGFpbJT3vMekZ4j1lAGZ4vTyCgkff989U9UEH8w9DxniUGbYkID6Z37wH_34zlvt--OxP96ZQ95DJ4XPE_xpbCbvgKzwpAhnOr3fCJ189ELNqMd3xDzYnBHRSm3G92dCol6re70G97iFO1RzSsRVomM_bNC-UL1CMnLuGjzsZnGVcgrKDCdk51kALmPBpwDtylEh28d391u88nAUgFEVgAE7zSqT8vanJp5HAuy_tGB-tp0VZ4ZiZcgIrJIwNaMmHoEfY5pbH79VqbXqaZOEyfMOu2SoGags2QRo0qoI7kn2fX3rZYrKjviHe7hRD2PEtWQOPIia8WwCoi7ATP1MlCk0Xm2PVOeeoNxJe9WVAimeA4cBbiWtvZm62AtIPhm7ceLXFnLxTos9vyyaah-yGFqmSgNl3ippYC2Q16n9GgFC3CWt39voH43kjSyeEa4EUUKJjHw4gopoEbNWshctxGqt2QLuy5n7ip0Dg7XnK2tC2SGcQcPfQW6L6wyiGklKYR1uY28PFkVz9hyFfQTSKIe1WTUMG1ifR3xgdc9i4zOfVpn57jESmniCVLOxjlGm2inBPaczs0qKiE8Cve9wrekevJln5Fkn56diuqdaH40W-ZrmQHG0wS0pUANy7mO1ISnyHT86dOtJm8M-L1UzjYSPSGczUAE4kX8TL6VUXcK631Obr6qMjDQItDzYEArdYd--X2t93hbhCKs2qVJ8vu9cme9jU_WcEV6p-YIEgFYPbnOwQODTIJT2BtuSZSZ6uPDjEf3lhdg1s914DJ5GCnqT3gAmrjRVyfLpjUltR8-C2Aaid6HuieMU5pstHweXJ_q051RacInKkjvCLX5Pfagfkaad2QjG6glT-ZbuNzYJQu_Ud7isd81MlE-PZZ2tYwGPp8wpv0a9_5GH4LQrBRZsZqOHE9N4w_mGM3iq5gC_ZDkeZTCaxTHsAYEGd3OZ4ezvVEVzeoW0iW4PPzAhkiyBlCqF4X3On43kHLHoLNxPOnwvICJ2QxScuAT2W0tscM6_hIx0NWVdapLMPwQMhFnvVmRM23pw-eUzQhSpqxSrL678zHZ3F2F1x2UY-5bE1Bb_t1Yr8EquVEfF19J97Im1r6A5iubYQFde0dyR5OKCRsAAnWDiVbzr7Ln60qP4nUPDfcj4iVCSCIYFU07Yk58yTisbQek6d_s9_E3gwFkcb-EdRU73RgETtsLKJ1PngSvPEkalRTze6X6t6hR60R1MVjdedefDvO59wqXkMNfzLGoo0UaVcFVpZP_ZYL6P5GafQcRgRP_xTCgN1zD-hQ3ippb3y6n6-Z0lxZ0gO2tWTTMMz-pvZCNfnM7fchRHdcvjVB_6SSR6_p2n_MP46f08Txc-fRhNk0Nwsi65Fs2DfiZIb1JtUw_CxteBqEob_BrNBe4RHecSZTnTQ1W7znOLqtwEUBeSa_D2RzgBO3dH2l1rBv1kOlxSbJ3WUu6cOQJWvdbh1J-qPx7ulJv1j9euv-oIrgV56tdki4JUmh4X3MMkw0FNFr60nOt5YcIL6-zPMEa6cgAe_sQ16TNkzusOGlWt3aQkHm3s0GObjsoZVraIitnchIdQQw8rOvdUqFhobTuhIogRUNQrYfRAIW8q_QgEy0oES26fRtAX4Yg2xXkXz5rRosdTIOut65058XeQ3YNdXS0nvzE9C4874WwJDy4okfPi91llZfY1URJmZ71Nr7EFw9OPMYaBs5_OtSVIGPHCu8EfV9IPYfqMUnJC6ZaKE-kXYDyQiV-vPU30soQvmXrDfzxgebvYpj8zZk06SYAZQojSxvGZlJp5SSwMAfmo80_BhvJk2tRlPvebPMLmqI8ZNaPjXqbH3_ooYJRILsJcb5ITZwhgWnu6rr7PBAlIph3Nt9rquhRXt80aQlkwJ8_vVHZoGbc2sU5fwZxMLLFYYfanbA-jJSxFj_goxW7gyfSKZHo1cPxR8j8OoAN2kgyO02_c9ihDgmnNUlubJ0BIPjdQ8mRkSwTByKMlvwD9l5p4nsjVGC2WKQaV9daFlr-aH_FQMmfPLsIfgWkGHP8v0qApc959WIIlDR3rsK5veulgut0fm9IFVPJSHswzIfj98jHSYk88AHrlxLHcahCLSfAwSmbJX2_oqPG7rUIjK0rZfYDTD7d-LEsiIDBCcqlGLY9glv6uSHBu7ab42HNlbLa9jpb1WHYl6L40XJnGF-gbvisKpx87Gfe7rhbmLC6IVGIkly9axvazQ8nT5P8fwVcxbZaZdcTZ79UX1ExYrhUOBFqqzCyeKsSjroV3KDHplFnf6fwi_fy3pXcKQtMR3a2YfMGZJEGqdGuZ9GLirR5m_CJ9qXxN84PNygMqpyZobV3QdpZgWdG0dnkWhZeDlHEkzz0jHZ0s3xoQ4iUutjnRuDy4uDRcNMmq6sneOlQm2d_6_sQ6xQP8r2y0Y7XuGMqYfzilrxKit7m9G9AZW9fvAdZM0qP6r2BIvBpFBbn-og3Ecmh9pDOx69LYjEixsYaQKrggRz4Lk2Pwbc90Q2h0XRpxQXbak2KtsdvztdVN24Q6mW8Sx8&cid=CAQSTgB7FLtqwebqFmZgCojY5IIBlBf_BYyAjjrIvAfg1NL6sBTQTeUkOvEcsAVXvucOGK5vTuIU5Bg2_faFyObycHXL-vNCxHifUKmOY8HwfhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Felfnomori.com%2F&ds=l&xdt=1&iif=1&cor=16628357095238713000&adk=2307692974&idt=61&cac=0&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d7ccd1b1b1900c730b760fa8b3b5748a073ecdedbd7710e04fbf03cd42afd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:28:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11520
x-xss-protection: 0
server: cafe
etag: 9162932350781899495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 03:28:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/elements/html/ Frame 0EAA 12 KB
4 KB 4ms
4ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 21:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 21:13:38 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0EAA 0
0 135ms
54ms Fetch
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxVPMvqSbQ3gZX96tWMGGg6PvR3ZBsIEVeno_86XcBFGAuF5XQ3qDY95cNn9gq85GIN4onw6HK7bLg28E1smfM4VJuiovu-Q6baRG6YwD3p9_C77_WePRxEusAaYNqi-m6n-3z5FXpv6NxtAAviAAOdz0PoZwmBulwhsPix6BTCvtvpywPS3kMR5h4ReGf5FdV4lyHsFrEKL1vAGrBSGnqhrNrYe3znMLSSr6E2UrRUmPQwBLuRaJLN8opYvG10Ok6yzI8JQKtSFPThtVMZ3Opnr3HKtMfD1vxL0RWzOF2vLUQNJL5Xz9VLKsD3Zbf3imGRKoYipaQCJ9zaEdTr-ZrOusGmnYwNW-yaPel0X0JjN8_ITSlTYL2CXfKmTPUVT0rvXn4XTmiCMO9sdky8YknyfUcPFn4o5NWM5tU78wXsQA0dPARhlC4RDYUfgmGffeFj5z747aiDrpHizSqpMN6Ogwe84HcQiF813UeM93bJ_RRpCiy1wqQmkCLmKIkLPrfWrSD9xXHZYdmTOVMVsqvcNnjnf-ZtAJ93Id8Btfe8GNKPGUQynS1HJQDDSw2muVlqQqrI1I7fTfDfgu9b13mywauV3lCrkQJqh61PHygtHyPaJYt7a5lsvVnxQDgocF7qerXD39ywW7R3bxxucmveM8TKbuHpIWlybsK9iqAQeR6zgHRjMHiktJuBVCaOv_bP4m1kxt-iGdOYF0xhJ6eClkNCnJKcekZMaOjBMjjxRr3BtitKuT-Md_P5XideuEu3boaMAM1ODWumTyMaQRfKke6l1DMyGKB10lCg3Uca8c7LMsrJ7T2kSa_L8V5--nsHaqy6MmZmESESJKxmXwBEDkepow9v1cwF2G_QaCVcMis7jUmDodJ2YMlruov8bz8kOIy3aqD64zsnP70fvblRAR204iy2ciqs0hxf9thc4xzwSik-3IdwBvcW1nBYAdv7jQx5V4IUGdQlnUcjObCiriWbp4sjTfOyWc4IDIVGrPN0H7PzpEciZNF8jZe9xwhbIuJtmhk9kPWbWfpoaL2V1ihbuyGkf8GfhfCEyWy2MX3rzAo5Uj-0zLd7ImSS79f4DfWj8McrtxATC5VVi-JNm_bvkG7pIdz8zky1ni-R72jIDe8MjiUnTYp-52qVGGc7_wBtWXOJtqMgQr8ZX-4ThVc2ng4CpjCXF9W1KJVc8jcnC9fEW66ZSXEMQKmkq-h3To9O77xRLpeXmhfuldWbxtpbbUfm5-B_Z_3YGSQux_PSIM1-XiBPpAnIOyVwGqhIAulFBBNnOTVlBALI5ivtpkjVXfVFfj_6rq1zAYFhw&sai=AMfl-YRNRl4nO-ySBsrOFA9Dclb4NwRChtX_XIbp5DtrBd1goQPBBoVWileQHdM5BXbL59-R92GRu29zI82NY_rdL_FUEBFCepROoMo53Qi_35enqUfyL5fNvxljnKNoThPaSd3e6ksow9LBs43xG15CIIpHBSmPY0XztOGbM6UxVrqE2jPuXzaZQs4Tmeuk76EkfXVGgKKoK9DQoyZOx5luugQBRkp30fcFXI0VV5DDQq3b5wzrbQyO15wMTgPFMsr17E-TS7bdFDQVcpVP6a3zXZ4PJn_ZXlKTQMh2XA&sig=Cg0ArKJSzGBmz60g4Z3FEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240226.44597&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Feb 2024 16:13:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:13:19 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 0EAA 22 KB
8 KB 189ms
171ms Script
text/javascript 13.249.160.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=31047793&js=st0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-129.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

9d87f960aa0c560cf8feb32f6579078cef2da3166cc8c4fd97eaba17ab954b37

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c09ba1505414c7a02a44c3ab16ef8350.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: NRT12-C3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7397
x-xss-protection: 1; mode=block
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: XqwLJ-3R0oYUbHcA9UtV4k81_kKTCf6a0pGA4Dr3Q9-38YsdpYxyew==
expires: Thu, 29 Feb 2024 17:13:19 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0EAA 41 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:29:44 GMT

GET
H2 200 11259655254020187370
s0.2mdn.net/simgad/ Frame 0EAA 60 KB
60 KB 83ms
2ms Image
image/jpeg 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11259655254020187370

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56abc4bd51553918766ea48d27913e544d4106301344fb4db3b37d648184f530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 16:12:00 GMT
date: Thu, 29 Feb 2024 16:12:00 GMT
x-content-type-options: nosniff
age: 79
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61100
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 06:58:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 dcm
beacon.sojern.com/imp/ Frame 0EAA 42 B
199 B 85ms
76ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/dcm?auc=ABAjH0jPtq3bUHZ4C0A4j9vVWKl_&io=1014602904&li=20715140042&cr=538675838&io=1014602904&seg=&src=https://elfnomori.com/&ord=%c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822603818833521&output=html&h=90&slotname=3987105917&adk=1112305553&adf=3086966846&pi=t.ma~as.3987105917&w=786&fwrn=1&fwrnh=100&lmt=1709223198&rafmt=2&format=786x90&url=https%3A%2F%2Felfnomori.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709223198191&bpp=2&bdt=396&idt=240&shv=r20240227&mjsv=m202402220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4507642813873&frm=20&pv=1&ga_vid=1460463350.1709223198&ga_sid=1709223198&ga_hid=394624536&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=209&ady=460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95325257%2C44795922%2C95322747%2C95325753%2C95322180%2C95324161&oid=2&pvsid=4263116851637218&tmod=362448372&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:19 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
DATA 200
OK truncated
/ Frame 0EAA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0ca4ab45c47467c9073060c518dd1a46f720978a85ecc3491395145ddff25fd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 85ms
41ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 16:13:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C1E3 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 45209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 03:39:50 GMT
expires: Fri, 28 Feb 2025 03:39:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame C1E3 51 KB
20 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 03:28:23 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0EAA 0
0 45ms
45ms Fetch
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxVPMvqSbQ3gZX96tWMGGg6PvR3ZBsIEVeno_86XcBFGAuF5XQ3qDY95cNn9gq85GIN4onw6HK7bLg28E1smfM4VJuiovu-Q6baRG6YwD3p9_C77_WePRxEusAaYNqi-m6n-3z5FXpv6NxtAAviAAOdz0PoZwmBulwhsPix6BTCvtvpywPS3kMR5h4ReGf5FdV4lyHsFrEKL1vAGrBSGnqhrNrYe3znMLSSr6E2UrRUmPQwBLuRaJLN8opYvG10Ok6yzI8JQKtSFPThtVMZ3Opnr3HKtMfD1vxL0RWzOF2vLUQNJL5Xz9VLKsD3Zbf3imGRKoYipaQCJ9zaEdTr-ZrOusGmnYwNW-yaPel0X0JjN8_ITSlTYL2CXfKmTPUVT0rvXn4XTmiCMO9sdky8YknyfUcPFn4o5NWM5tU78wXsQA0dPARhlC4RDYUfgmGffeFj5z747aiDrpHizSqpMN6Ogwe84HcQiF813UeM93bJ_RRpCiy1wqQmkCLmKIkLPrfWrSD9xXHZYdmTOVMVsqvcNnjnf-ZtAJ93Id8Btfe8GNKPGUQynS1HJQDDSw2muVlqQqrI1I7fTfDfgu9b13mywauV3lCrkQJqh61PHygtHyPaJYt7a5lsvVnxQDgocF7qerXD39ywW7R3bxxucmveM8TKbuHpIWlybsK9iqAQeR6zgHRjMHiktJuBVCaOv_bP4m1kxt-iGdOYF0xhJ6eClkNCnJKcekZMaOjBMjjxRr3BtitKuT-Md_P5XideuEu3boaMAM1ODWumTyMaQRfKke6l1DMyGKB10lCg3Uca8c7LMsrJ7T2kSa_L8V5--nsHaqy6MmZmESESJKxmXwBEDkepow9v1cwF2G_QaCVcMis7jUmDodJ2YMlruov8bz8kOIy3aqD64zsnP70fvblRAR204iy2ciqs0hxf9thc4xzwSik-3IdwBvcW1nBYAdv7jQx5V4IUGdQlnUcjObCiriWbp4sjTfOyWc4IDIVGrPN0H7PzpEciZNF8jZe9xwhbIuJtmhk9kPWbWfpoaL2V1ihbuyGkf8GfhfCEyWy2MX3rzAo5Uj-0zLd7ImSS79f4DfWj8McrtxATC5VVi-JNm_bvkG7pIdz8zky1ni-R72jIDe8MjiUnTYp-52qVGGc7_wBtWXOJtqMgQr8ZX-4ThVc2ng4CpjCXF9W1KJVc8jcnC9fEW66ZSXEMQKmkq-h3To9O77xRLpeXmhfuldWbxtpbbUfm5-B_Z_3YGSQux_PSIM1-XiBPpAnIOyVwGqhIAulFBBNnOTVlBALI5ivtpkjVXfVFfj_6rq1zAYFhw&sai=AMfl-YRNRl4nO-ySBsrOFA9Dclb4NwRChtX_XIbp5DtrBd1goQPBBoVWileQHdM5BXbL59-R92GRu29zI82NY_rdL_FUEBFCepROoMo53Qi_35enqUfyL5fNvxljnKNoThPaSd3e6ksow9LBs43xG15CIIpHBSmPY0XztOGbM6UxVrqE2jPuXzaZQs4Tmeuk76EkfXVGgKKoK9DQoyZOx5luugQBRkp30fcFXI0VV5DDQq3b5wzrbQyO15wMTgPFMsr17E-TS7bdFDQVcpVP6a3zXZ4PJn_ZXlKTQMh2XA&sig=Cg0ArKJSzGBmz60g4Z3FEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=90&vt=11&dtpt=89&dett=2&cstd=0&cisv=r20240226.44597&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 29 Feb 2024 16:13:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1E3 0
20 B 43ms
43ms Image
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzF5QHq3gZZDROPHLvcAPlbuMiAkAAAAAOAHgBAI&bg=!vb6lvvHNAAaCCwxOogs7ADQBe5WfOBk9_GmyRMsB9HCIUZTL7TNHDOLCZbrX2ja3rCuxZBoa3wmCTNLqbWbicU5X4CAwAgAAADtSAAAABGgBB5kC_lJRL6kJtreqb1x3mMGz02jt2599zbBvPLx4NOpL-AcdXwNdQKPY80m4DD6aMZx9F3jbww4NmdIVhVqDxg5-PZDdyiEeAxSqvvh1kjyo9J09P9QDdY-gBotj90zjm7otJ7qbGHMUhpyWiF2oUPmguZQrTDEe7OK7VViZx5fJt4MYvXsrf3hNYEdWECksjLzFFV6CAMfL_ChnMdNza2qsH07W1AiaZXxnM5_lk0vzMsGtLbO5UcqyFamxlncF7GpX1fkSb2fkDV8y4wwAhcPR1OQ6BbAfrN8Jo9zzibqEm7a1xoE5h_CYX3AnVZbUqZ2uD4K03kYOuCkQOGUwvtKM7js4oAEo4dCX2DgUXksw3P115cJWNmCAwcgtA1kGU1uGWJOHi0lcAjW5FwaQGFg2Moa_BPlDaAegK8wnwll528c3EyG8J2X7Kv47rDB_4DsoH28Ft4YnrWynHXOUnibItf8Vrjhjn3YD0AHhpT_M355c_OaCWY9HCgiFMhtV-D1B9jwqR-El_9_1XqX5i37xpWEGCVudhXFWooX9Jxpvg-iSkPWbf9lYXVkIPvdhFvLRIKyf1fbP_hqwoLfs-ZjTrX7WgRx0Wq7hGEWZa5cjcPW82q_6MjYvPJ8hyd1iYi07laoV-tFDRU9G66JOY7Y1Go-_x4DVZzGhtyTJSj89_QhohebWcbeXsMOJb3pvxjDgkahQVaiL5RgXcazYXonE-nw05_FK96z8YQtK4eo22diAVEpSbpTnNRTQYpBDlfbJbXoYj8NaZlGB11V4f8sE5botB7vOc7LCvB6tYHcE27tCVur-aF092uQvZl1qvJXClyIkN8cJjhtnGEyOwnSrd2R0Ek9gxflEtTkGOW7Hwjq19tOEAWiYtwnNOSCdfo_gjS3aHNbkkk-6EGzdabhVc1sQpCzevnwHQu1HK84XQDD0NCx7_2wCIchUNDBCYeIfXzJM7Si14BjlMnVdrUGcIkx9dbfrzthkaKoHDY_GuaZlffbAhtnMkk2yXw3QqYA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 55ms
54ms XHR
application/json 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240227&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d8660200b43f7d33a67d634425dd4aa612da57c5fe425b1a8d45f0921c02987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12431
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 16:13:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7203 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elfnomori.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 38493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 05:31:46 GMT
expires: Fri, 28 Feb 2025 05:31:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E6D4 829 B
1 KB 94ms
46ms Document
text/html 2404:6800:4004:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

158629b6169ff37aea4b25ab6022e70ea17f645cee3c7f726130cc67d19ecbc7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TIRMVUZqXsB63WxBxu9RDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://elfnomori.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TIRMVUZqXsB63WxBxu9RDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 16:13:19 GMT
expires: Thu, 29 Feb 2024 16:13:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7203 40 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 03:25:35 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7203 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z6jMpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E6D4 0
0 39ms
39ms Image
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240227&jk=4263116851637218&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240227&jk=4263116851637218&bg=!sbKlsv3NAAauXHXJjlw7ADQBe5WfOBizTRGDDSjALvrR60ijxPfSIFxVZbhfdcQvG8bLiOdAvrubqg8LxlmqhFkkqYQGAgAAADhSAAAAA2gBBwoAney1UtzXEQIEg-n2mxrSxd9vr3XGOX4Tu-USANDAkn0e0nbUE7HPVjLAJwR3l2Ft7LMYzFTgYHQoBHtI2_PSTFCvqkxJ2gxQ9KGkFmLY44aItzpO0CnVa4hVAJhM4fsN-pBkg2HnRadzLze_OdxuH5oXIMk1RJlDzCYWF00l9EW-gOiPArQZ6Upnbk_ISqvfVztDBZtMbcbxMTMSB6GZArU0_dmLw6J-DVftMdYq8VtG01gYLqYPB31MMGBtKUF0cw6lhoin03HOrZluw7OU3EMy2BUhCkBewcJiaKJ02M20DlguZ8JXq0KcpjZXddIOgRS00RlC6M5oey1TlmicdWu5KO_E37nW46UzvIxs2h4JM_DGmhmfvX3ADpHOyjgN3xQQFcFqetrHwEiYNvXR2ruul9B5EC3VGl6xCUEGSPhdkB0sB0TD9lWMw5_ebaBvro-vr9uJHoDewl_lKCjE2tj9thD8wA7Uur2ANhSnKJMb0MALYO3A467hLK26jyMbYV5MyouOYLJyhV6Azojve5GAINREkCyy6In1eYQB1QN4unjZ0iMd27XxqdpIr8BnfdYufZfBmPQq-BQphtY04LBb6ipdfLI9bpYtNwii1HOBipU2kIe1rXFMOgxnDs1bHWQ9y3ORIYFFV2gDopUYiiamj71VfF7_KJSdF9z4kk6VJVd5Uy2RluzxLBnEmEGrwIZpw8bvewxU3YpDNpMDbC8cWbT-Z8t0BkxB5QX2BUMu_XwSnBJmPMZfKKPNVC_X5cmjerUbxwuuRqVdX201WBfXMCZK_UrGK51bBJ9QUeLsiMBfNP8ZZU0ZC7kOoDGqHUq9Vl_-4UCjNrYMzcN0iK-KW4CAFRQ7hLXzsOJZPimfKCIYUgUPouCC-O3XdTYhSy9vj4G5t8D6tPH1rKU-JAEVI5jl97U3PZ8x5DdMCFJTfmILoPLiWoWTE7ycim-7V5A6MK3o_EIX1CzLDaH7KdloUK1hNjkGiXL331nFZHh8rOqQxlAeWu33IwDbqMO6cVzIgoaL2xc97_uV65BPEdgLklnVKwAPsVOw-pTamoH3FjfXjb1JwV53W9i1qknnkL1I9tfeBusBWNqxMJxYd2aXtEVqMuuesGGFTeKZk0pYP2aZr8o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://elfnomori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H2 200 st1 Show response
choices.trustarc.com/jsi/ Frame 0EAA 3 KB
3 KB 199ms
173ms Script
text/javascript 13.225.183.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/jsi/st1?aid=sojern02&pid=sojern01&cid=31047793&sz=120x240&c=te-ad2f&rand=ead2

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=31047793&js=st0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.183.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-183-57.nrt57.r.cloudfront.net

Software

nginx /

Resource Hash

a1704c9c6df1c2fc1cff113972939318fa7786cd5d0054e7845c26353ccdb86a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d2a5614e52e5c2705c3af7bd77a36d08.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: NRT57-C4
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2133
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: 1pwGmpORrd_RMJosSmZFtYDvQUXDzO_kHWmObTKTrOGeYafpHU7VwA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get Show response
choices.trustarc.com/ Frame 0EAA 17 KB
6 KB 528ms
503ms Script
text/javascript 13.225.183.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/get?name=st2.js
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=31047793&js=st0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.183.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-183-57.nrt57.r.cloudfront.net
Software: nginx /
Resource Hash: 7044b0c225fd6df66c4f91e37a14a293860937e48b1deee5875279ffb9f32555

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: public
date: Thu, 29 Feb 2024 16:13:20 GMT
content-encoding: gzip
via: 1.1 d2a5614e52e5c2705c3af7bd77a36d08.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 03:10:26 GMT
server: nginx
x-amz-cf-pop: NRT57-C4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: wn6FoEVlBcwZsblTMi_Lzl65lPHIPk4gw7OEBc8wuRgI26lPkizPxQ==
expires: Sat, 30 Mar 2024 16:13:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0EAA 42 B
64 B 57ms
56ms Fetch
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLTIBkv9z67jcxCMtmPvHsbfiMRKWHIikQDUl-mxdP-1kXhbVwscBnPZL-HWkL7akRC20U-p0zbx7acY-r380i9ujDEvPhgnISevhL8pVLs7t_pHx7WR7BqoLS-rHQcfM6O7k6W6pP0MbracS6Eg2g2hnbmVyiST4&sai=AMfl-YRXs5H8wBKQkGkmvgZ8I5QH3S5XDTsD-WGy8oz8AwhaFzs51N3y8e9bnWVjBT6iN1qhvdmqk1ZcXODhJiY2Uu1-je_MljOipgk2Xl-I_pma6N-kj0CWIMj7I9lHdZNNCZyUAk1QxC4HJSumDCar&sig=Cg0ArKJSzEe9NKHdg1_SEAE&cid=CAQSTgB7FLtqwebqFmZgCojY5IIBlBf_BYyAjjrIvAfg1NL6sBTQTeUkOvEcsAVXvucOGK5vTuIU5Bg2_faFyObycHXL-vNCxHifUKmOY8HwfhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240227&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1112305553&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=515599900&rst=1709223198812&rpt=333&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EAA 0
20 B 39ms
38ms Ping
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2889696334271&version=m202401290101&ct=76&x=1&cor=16628357095238713000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 16:13:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 04:23:03	Name: IDE Value: AHWqTUk9OrHgpykUhRsghrEYEDlZ1eBgrxzNKetotDCAywTGAl7cvlnoB7Eke5Pc
.send.microad.jp/	1970-01-20 20:56:39	Name: TR Value: fb31a3570052492ff4bb02497d2f6d6ddde99cdeced7500b
.doubleclick.net/	1970-01-20 18:47:04	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-21 03:32:39	Name: CMID Value: ZeCtHhdaRGwAAFBzAJKH6AAA
.casalemedia.com/	1970-01-20 20:56:39	Name: CMPS Value: 5417
.casalemedia.com/	1970-01-20 20:56:39	Name: CMPRO Value: 5417
.elfnomori.com/	1970-01-21 04:08:39	Name: __gads Value: ID=e8073e211e838255:T=1709223198:RT=1709223198:S=ALNI_MYBWborXpRyKyJBX9rr9F3OrfEPlA
.elfnomori.com/	1970-01-21 04:08:39	Name: __gpi Value: UID=00000d206cd8cefa:T=1709223198:RT=1709223198:S=ALNI_MZb-2_8dY9NHzWbqGyp_t1_fwnFpw
.elfnomori.com/	1970-01-20 23:06:15	Name: __eoi Value: ID=15e444fb82c55eba:T=1709223198:RT=1709223198:S=AA-AfjY6z-rkZXOFFk1lj_UcWhDn
.doubleclick.net/	1970-01-20 23:06:15	Name: APC Value: AfxxVi4NDv9aJzzB-XbSCnwfxwlGYMDg8zidZd-ligBzQu8Q2_Bf-A
.doubleclick.net/	1970-01-20 23:06:15	Name: receive-cookie-deprecation Value: 1
.googleadservices.com/	1970-01-20 20:56:39	Name: ar_debug Value: 1

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elfnomori.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
beacon.sojern.com
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
elfnomori.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s-cs.send.microad.jp
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
107.178.244.119
13.225.183.57
13.249.160.129
142.251.42.194
172.217.175.98
172.64.151.101
183.181.98.52
202.233.84.8
216.58.220.130
2404:6800:4004:813::2001
2404:6800:4004:818::2004
2404:6800:4004:81e::200a
2404:6800:4004:821::200a
2404:6800:4004:822::200e
2404:6800:4004:823::2003
2404:6800:4004:825::2002
2404:6800:4004:825::2006
2404:6800:4004:826::2002
2404:6800:4004:826::2003
2404:6800:4004:828::200e
2606:4700::6811:190e
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
02f94562802e4dd58c51164f53b071c37e25598d7e3cbeda9e81958200615336
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ddf527b6f51467e3acbc4f5a2991d0f5c3bb4ee5779ea9dde4abbf75def49bc
103e06467acd73556c403f4bd178bc98b4693dfda46e76cd5049dac5c75bb4da
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
158629b6169ff37aea4b25ab6022e70ea17f645cee3c7f726130cc67d19ecbc7
1a7acdf59a8c1f69ff30b4d4ef5823b4ce82c839775c0042f197f892be630e58
1ffd1edb2b26f9f7389ebbee43d7492b626c2be7eb6abd8167b69ccfe5926746
2513d076178f6dc9025a261576de7b6dc9f39ec683548571af3fcc84cf86820c
2853e02a76bde16e1ecadeff9c3e25ab72df7989098dcfbcc414d16483c98773
28fb922851c41b4c358122f4e69f3a83d0248af4f08256da3f964034930e2b17
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c605435cf38a1203dbe0d6df863d52ff200c0befe3858d1cdbef25e20ad1212
3eb7bae2696bb35e48300a9794862edfa3d00a9cd483b64924bb3fc9a66908e0
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
434e30c2bf3f77a70f0c1ebccd8f350dc58a984e6a099319718fb190ec16443f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4d8660200b43f7d33a67d634425dd4aa612da57c5fe425b1a8d45f0921c02987
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567dbd15364152d29102145bef23cb9d8676a7dd84223280c9ec39ca7b64c982
56abc4bd51553918766ea48d27913e544d4106301344fb4db3b37d648184f530
5a3aab50ccda303500ebdffd2529654711731d76fb23339a820e1445f0386fe7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5
66bfc61bea0baed56bfd8209d90ad0f5f2a2ffb81f01d639c2a7bd0b10f8b98d
6abea6a025217fc0962a4af8c4a33e3214489f20abd26de8f694e4a321f237c4
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
7044b0c225fd6df66c4f91e37a14a293860937e48b1deee5875279ffb9f32555
70b31859862eb4792df8aa4daa383b355918490f84d956eb5ec12f3aa53b98bd
70d28fd46a7714dfe56f9e1f699be8ecc6a344ab5d0e0aea89780d1cc45d2b94
731361283b038d7579c5714f7fac17695093479f802a57a23baeabade16497d2
75d1cfcdec499d99051c5c44627e79c59baeec67e72ea326e2e4a5ac2dd19412
7d4c69dd4d062c7b545f5ae819f134015f5a0b41017cedf747a0982e6435da4e
7e3c4a9ece98502ef315979212d5b799b513c7ed280bfb797c18afecf91e2cf5
832afa68bd50da41ac5fa906f57b44d3236d416e894679934e253c2207534cf9
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8890046bf92be1335bfe225a06c58391db2dc0c1fe273c17f157372f029b0cdb
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8c748b436dcb6beb5549fc17e14afad3d607e2a6c4c33ef2338d7560a601e700
911200499a5d5c1762a0f66e767824a95363fe8dd49d046d5076e0eee2dc35ac
91525d4d85e0e1041498d78cda38158923a18b1659bbd1c99a0a35e348eae132
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9559f0141f3f65b4cacb4376205d5a64e338496e155989d51ef1cfc7d5073a9f
9668ef33d183000f5b54ffb23c3477b00e9e33f258fe8ae792d167b4bbafd60c
9780232b948d9ebd9e752ce5ed91f6e52d1f2ae6c2f2928c52b9d320e769120a
9c22366ba83250e52442fc5b95e6942bea6789a1d3042919d7869dacef8420f5
9d87f960aa0c560cf8feb32f6579078cef2da3166cc8c4fd97eaba17ab954b37
a1704c9c6df1c2fc1cff113972939318fa7786cd5d0054e7845c26353ccdb86a
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4f8735927bf2639b148d04368e36bc8727365f2e2c5606c9ed95f6ca34aa4ee
a7d7ccd1b1b1900c730b760fa8b3b5748a073ecdedbd7710e04fbf03cd42afd8
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aeb42146a7870c3b10520d9ea7a51c6aabdbe788f8504406cd0e8c54d767ea50
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23aa2efb05a84e18cf3eeccf7f68f781efd022c905b6c470816778fb34d9a67
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b5f2a785caf63a6eb410bcad2ea1fa9e16a44ada1f145c80707e3c642f739d63
bc7efecace0085173f1ee9971a7094a6ed99c5c9489afc6d62c5546e16377861
c01d42bcc948d7298fea94c0cca663c963137690ccae0aee6ad4b40e20de14a9
c203b207f6ddd4b73cdb58843accfcda631cf86b509539ec73384c3a56b0c8cc
c5e403dd1b364fa7526d95a5abccbb5e5d796be0cc816db1ec156cde452f153a
ce9689e30b5cdb9d7fa1a7a1abe641bb3ffa2c5e929a336f6679ecbb02a881c9
cea95cc321529b0eb81568e6979b4aa0bc34676398340b25249703cbeba40675
d14fb24c37234368d688c39915a6c76c65d542aab34b5ef8cda4534cc2affaa8
d43b0ed66d2a4b8b3c420ef0e10f24e34b29af524657a8d06dd87f3da235f15a
d8716fb2e5893cdb0d7e65a16607f4d8b71acae4cf20092a850b8afb13997ba6
df92dfbb762ab8c9434461fa56c27b99b030edbe1532bed10e55dbd53cea024c
e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774
e0ca4ab45c47467c9073060c518dd1a46f720978a85ecc3491395145ddff25fd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56bc9a60a76f24fda9ae0488dd6032bc6463d9c238a493eb3f39a7f9e3fd732
e688bb4a3bc882915bcdc722e00f608b7ac407c77e7c9363ab999725142149c5
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ea5881f1507ec9eb5064603a8739e68ee0a96fc0c16b0825663af4dd01f15e0e
eb59b009ed43d7dd4d849dc8e7c14e970bfeab039d4a8cfd24ab4e4e869c25ae
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28983ba3821cb6be34f2a3faf9b03a8befa9ca60b7c3768a9c620c01065ef5a
fb1c74d589690a0a4ed9ecd0f0de1a26ce1f12745be44f6750a33de42676683f

elfnomori.com Open in urlscan Pro 183.181.98.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

95 %HTTPS

57 %IPv6

14 Domains

21 Subdomains

21 IPs

3 Countries

1906 kBTransfer

4297 kBSize

12 Cookies

7 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

elfnomori.com Open in urlscan Pro
183.181.98.52 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

95 %
HTTPS

57 %
IPv6

14
Domains

21
Subdomains

21
IPs

3
Countries

1906 kB
Transfer

4297 kB
Size

12
Cookies

103 HTTP transactions
4 data transactions