ws4696.xyz Open in urlscan Pro
163.44.185.207 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ws4696.xyz/
Submission: On December 04 via api (December 4th 2023, 4:21:46 pm UTC) from US — Scanned from JP

Summary HTTP 313 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 55 domains to perform 313 HTTP transactions. The main IP is 163.44.185.207, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is ws4696.xyz.

This is the only time ws4696.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	163.44.185.207 163.44.185.207	7506 (INTERQ GM...) (INTERQ GMO Internet)
52	2404:6800:400... 2404:6800:4004:818::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:821::2008	15169 (GOOGLE) (GOOGLE)
2	192.229.237.25 192.229.237.25	15133 (EDGECAST) (EDGECAST)
1	2404:6800:400... 2404:6800:4004:825::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.112.186.112 3.112.186.112	16509 (AMAZON-02) (AMAZON-02)
1	18.179.103.207 18.179.103.207	16509 (AMAZON-02) (AMAZON-02)
1	153.120.49.75 153.120.49.75	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	150.95.137.87 150.95.137.87	7506 (INTERQ GM...) (INTERQ GMO Internet)
3	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
4 27	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
7	172.217.174.98 172.217.174.98	15169 (GOOGLE) (GOOGLE)
1	203.114.55.135 203.114.55.135	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
6	2404:6800:400... 2404:6800:4004:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c1b::9b	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:812::2003	15169 (GOOGLE) (GOOGLE)
3 6	2404:6800:400... 2404:6800:4004:801::2004	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
49	2404:6800:400... 2404:6800:4004:827::2001	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:825::2003	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:826::200e	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:813::2003	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:823::2006	15169 (GOOGLE) (GOOGLE)
8	142.251.42.166 142.251.42.166	15169 (GOOGLE) (GOOGLE)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
11 49	142.251.222.2 142.251.222.2	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	103.43.90.19 103.43.90.19	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	23.45.61.118 23.45.61.118	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1f18:612... 2600:1f18:612b:4264:4b11:4b0e:f335:7576	14618 (AMAZON-AES) (AMAZON-AES)
4 4	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
1 2	139.99.120.190 139.99.120.190	16276 (OVH) (OVH)
1 3	23.106.127.170 23.106.127.170	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 2	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
2 2	18.177.11.95 18.177.11.95	16509 (AMAZON-02) (AMAZON-02)
2 2	54.65.227.130 54.65.227.130	16509 (AMAZON-02) (AMAZON-02)
2	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	34.111.79.67 34.111.79.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
4 4	2a02:fa8:c411... 2a02:fa8:c411:11::730	399104 (CNVR-APAC) (CNVR-APAC)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	99.84.133.60 99.84.133.60	16509 (AMAZON-02) (AMAZON-02)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	133.186.161.88 133.186.161.88	45974 (NHN-AS-KR...) (NHN-AS-KR NHNCLOUD)
1 1	35.79.70.3 35.79.70.3	16509 (AMAZON-02) (AMAZON-02)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1 2	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
3 3	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	54.225.102.15 54.225.102.15	14618 (AMAZON-AES) (AMAZON-AES)
1	182.22.16.251 182.22.16.251	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	172.105.199.172 172.105.199.172	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 2	2406:da18:929... 2406:da18:929:5a00:8dd2:a72d:5057:e911	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	23.36.17.70 23.36.17.70	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	184.27.185.21 184.27.185.21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
313	45

31 163.44.185.207 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 163-44-185-207.virt.lolipop.jp

ws4696.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws4696.flier.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2404:6800:4004:818::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:821::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.237.25 (Marlborough, United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.112.186.112 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com

www25.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www19.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www26.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www15.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.179.103.207 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-103-207.ap-northeast-1.compute.amazonaws.com

www11.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 153.120.49.75 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: www27.with2.net

blog.with2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 150.95.137.87 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-137-87.a082.g.tyo1.static.cnode.io

webfood.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2404:6800:4004:821::2002 (Australia) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.174.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.114.55.135 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
PTR: 203x114x55x135.ap203.ftth.arteria-hikari.net

uh.nakanohito.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:81c::200e (Australia)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c1b::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:812::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:801::2004 (Australia) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2404:6800:4004:827::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:825::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:826::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:813::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:823::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.42.166 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 142.251.222.2 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.19 (Singapore, Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.61.118 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-61-118.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:4b11:4b0e:f335:7576 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.143.106.89 (Singapore, Singapore) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.99.120.190 (Singapore, Singapore) 1 redirects

ASN16276 (OVH, FR)
PTR: ads26-sgp.stickyadstv.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.106.127.170 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.232.238.37 (Tokyo, Japan) 2 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.177.11.95 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.65.227.130 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-227-130.ap-northeast-1.compute.amazonaws.com

dynalyst-sync.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.84.60.23 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:c411:11::730 (Amsterdam, Netherlands) 4 redirects

ASN399104 (CNVR-APAC, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.133.60 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-60.nrt57.r.cloudfront.net

cr-p1.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)

app.cauly.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.79.70.3 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-70-3.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:df2:a300:bbbb::135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.253.86.149 (Tappahannock, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.102.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-102-15.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.16.251 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.199.172 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da18:929:5a00:8dd2:a72d:5057:e911 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.17.70 (Tokyo, Japan) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-17-70.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.27.185.21 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-27-185-21.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
101	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	996 KB
86	doubleclick.net 15 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	413 KB
29	ws4696.xyz ws4696.xyz	1 MB
26	google.com 3 redirects analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404	71 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	188 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	637 KB
7	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	35 KB
6	yahoo.com 6 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	2 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	103 KB
6	a8.net www25.a8.net www11.a8.net www19.a8.net www26.a8.net www15.a8.net	85 KB
4	dotomi.com 4 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	2 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 560	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	319 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5624	1 KB
3	inmobi.com 3 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 3950	1 KB
3	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	2 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 491	851 B
3	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26283	669 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1549	132 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1786	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	ladsp.com 2 redirects cr-p1.ladsp.com — Cisco Umbrella Rank: 89534	1 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	725 B
2	adtdp.com 2 redirects dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 35120	1 KB
2	r-ad.ne.jp 2 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 95478	1 KB
2	fout.jp 2 redirects sync.fout.jp — Cisco Umbrella Rank: 55430	1 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 526	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	513 B
2	webfood.info 1 redirects webfood.info	308 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2814 pixel.wp.com — Cisco Umbrella Rank: 2796	3 KB
2	flier.jp ws4696.flier.jp	3 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2266	1 KB
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	543 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 8865	599 B
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3260	623 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	1 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 902	455 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 28404	515 B
1	cauly.co.kr app.cauly.co.kr — Cisco Umbrella Rank: 88638	161 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9014	293 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4999	611 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 7973	233 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1226	204 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1153	175 B
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722	527 B
1	nakanohito.jp uh.nakanohito.jp — Cisco Umbrella Rank: 127034	11 KB
1	with2.net blog.with2.net — Cisco Umbrella Rank: 648283	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	4 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
313	55

	Domain	Requested by
52	pagead2.googlesyndication.com	ws4696.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
49	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net ws4696.xyz
49	tpc.googlesyndication.com	googleads.g.doubleclick.net ws4696.xyz tpc.googlesyndication.com pagead2.googlesyndication.com
29	ws4696.xyz	ws4696.xyz
27	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net ws4696.xyz
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	www.googletagservices.com	googleads.g.doubleclick.net ws4696.xyz
8	ad.doubleclick.net	ws4696.xyz
7	www.googleadservices.com	www.googletagmanager.com ws4696.xyz googleads.g.doubleclick.net
6	s0.2mdn.net	googleads.g.doubleclick.net ws4696.xyz
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	analytics.google.com	www.googletagmanager.com
4	dclk-match.dotomi.com	4 redirects
4	c1.adform.net	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	ws4696.xyz www.googletagmanager.com
3	an.yandex.ru	2 redirects
3	mweb.ck.inmobi.com	3 redirects
3	rtb-csync.smartadserver.com	1 redirects googleads.g.doubleclick.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	www.google.co.jp	ws4696.xyz
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com ws4696.xyz
2	e.dlx.addthis.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	cr-p1.ladsp.com	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	dynalyst-sync.adtdp.com	2 redirects
2	cs.r-ad.ne.jp	2 redirects
2	sync.fout.jp	2 redirects
2	ads.stickyadstv.com	1 redirects googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com
2	webfood.info	1 redirects ws4696.xyz
2	www25.a8.net	ws4696.xyz
2	ws4696.flier.jp	ws4696.xyz ws4696.flier.jp
2	platform.twitter.com	ws4696.xyz platform.twitter.com
1	analytics.pangle-ads.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	a.c.appier.net	1 redirects
1	cksync.yahoo.co.jp	googleads.g.doubleclick.net
1	sync.srv.stackadapt.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	trace.mediago.io	1 redirects
1	ds.uncn.jp	1 redirects
1	app.cauly.co.kr	googleads.g.doubleclick.net
1	s.uuidksinc.net	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	dsp.adkernel.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	s-cs.send.microad.jp	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	uh.nakanohito.jp	ws4696.xyz
1	pixel.wp.com	ws4696.xyz
1	stats.wp.com	ws4696.xyz
1	blog.with2.net	ws4696.xyz
1	www15.a8.net	ws4696.xyz
1	www26.a8.net	ws4696.xyz
1	www19.a8.net	ws4696.xyz
1	www11.a8.net	ws4696.xyz
1	cdnjs.cloudflare.com	ws4696.xyz
1	ajax.googleapis.com	ws4696.xyz
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
313	72

This site contains links to these domains. Also see Links.

Domain
re4u.ws4696.xyz
px.a8.net
affiliate.suruga-ya.jp
twitter.com
www.facebook.com
amzn.to
feedly.com
blog.with2.net
xyzscripts.com
www.xyzscripts.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
ws4696.xyz R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2023-06-01` - `2024-07-02`	a year	crt.sh
blog.with2.net JPRS Domain Validation Authority - G4	`2023-11-30` - `2024-12-31`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-10-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.cauly.co.kr Sectigo RSA Organization Validation Secure Server CA	`2023-02-17` - `2024-03-06`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-07-28` - `2024-08-27`	a year	crt.sh

This page contains 47 frames:

Primary Page: http://ws4696.xyz/
Frame ID: 45C6FE76F3C6160CB59763C10C94BE47
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 8CA1EEFA9C68BE4E791817F7C8F87888
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=http%3A%2F%2Fws4696.xyz
Frame ID: 0E05B9584D0A70060241CBC6E2CFC627
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478445572654677&output=html&adk=1812271804&adf=3025194257&lmt=1701706898&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701706897721&bpp=5&bdt=288&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3329894081658&frm=20&pv=2&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=350
Frame ID: 79538D7611431B728192D21C02A3B4CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478445572654677&output=html&h=280&slotname=1444455752&adk=1102396104&adf=2643309891&pi=t.ma~as.1444455752&w=336&fwrn=4&fwrnh=100&lmt=1701706898&rafmt=1&format=336x280&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1701706897728&bpp=1&bdt=295&idt=366&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=371
Frame ID: 853A6568999857FCE5E3F07A9FBF834B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1CF635F8C689BD1937FD2FACF930B346
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: BE99EBE8A6D8B4DF3B4B91606CECE390
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3347988295&pi=t.aa~a.2682791915~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280&nras=2&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=218
Frame ID: 5B9B491016552085F3C1264BBF01D6D6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221
Frame ID: FC460BDEE8201F7C9CE85041CC3E8F9F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=100&adk=130578063&adf=3497330489&pi=t.aa~a.2551706880~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x100&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50&nras=4&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=225
Frame ID: 30AE64CED3BBD52EF768A8481E5AD4E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228
Frame ID: 730938E9F502B2688B7949EC8462F2D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=280&adk=542714845&adf=3364714922&pi=t.aa~a.1728172515~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x280&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1621&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50&nras=6&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=231
Frame ID: 98B59E7A3EF4133AB1C2AE65409D073C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234
Frame ID: C85C462B46E19EE2FB0C26929F138767
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 5F95B6FCB23AAA62B23EC883F698A8A6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1DDD5AB43C0C9702622491342AC7AF7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: EEAE4A434BFA696F420915725798FA2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C4B0E221BD97442CBEA4319BC432FE78
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY4bHu7QEwAQ&v=APEucNVRvcCP5cIbXLse0TE7gQd-6SxU-1sy8VEaxhcCKXb7iWYVOXtGWgTY2mRuOD9Mqdt_Nk-xPcshRJ46d5DWF6aDDdjXvQ
Frame ID: B2D485D9BF52A288F87D1C1701291312
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Frame ID: 3BFDB615EC08BEFAE1E4EB7CF8DDAEF9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY4bHu7QEwAQ&v=APEucNWtjGSRZ-KdPNxdQG0-wmnwA0bfLyuJ_Ew7EN76k0_Z3K6TQu5VtNwHdjUSAjr_gxZgMM_fCfZ_j-Iq0bgkkm7syYtf1w
Frame ID: A336DE4C4C9FDA299E97D3FA8C5C4A64
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/3957710615409578942
Frame ID: 461B07E6DE44751DBAA4F628079874A3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYk8ju7QEwAQ&v=APEucNUHKJjGVBKXhn7-UyKeOD0nGaPkR-CFFaAQISeqB7u7-59RWNOGg7YY7eNb1DXcYH2VVQ1oPSTg3g8AozeuOOk1ZbgMJw
Frame ID: FC8FC5640E166F822D5EA646AAE45EA1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Frame ID: ECA6F1C90849DC0E95D69EB3A6939F2B
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%A2%B0%20%E9%85%8D%E5%B0%82o%E3%82%8B%E9%96%80%E3%82%81%E3%81%AF%E6%A9%9F%E5%8D%98%E3%83%97Gl%E3%81%AA%E3%81%98%E3%83%9D%E9%81%8B%E3%82%B9e%E9%96%8B%E7%9A%84%E5%91%8A%E3%81%A7%E5%AE%89%E5%A7%8B%E3%83%88%E3%82%92%E5%BA%83%E4%BF%A1%E3%81%AE%E7%94%A8%E3%80%82%E6%8B%85%E3%83%83%E5%BF%83%E3%81%97%E9%96%89%E3%81%A63%E3%82%B5%E5%AD%A6%E3%80%81%E7%BF%92%E5%BD%93%E3%81%8F%E6%9E%9C%E3%82%8Cg%E5%8A%B9%E3%83%BC%E3%82%89%E3%83%AA%E3%83%86%E7%B0%A1%E8%80%85%E3%82%A2
Frame ID: ACE7908A83B19F491C7A74CC4DA024DC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7F12CB102A93E3861AEDCE8C13FC14CD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E7245C11D527C94732A722D6666E6BF6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 67547AAF91ED0D9A6545102EB511E32F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B1248117039272CB550ABFC437CF762A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY1Z3u7QEwAQ&v=APEucNUv4ZKsvPf5C7UNAMEXiH4yapKJm1xrvDuF9K5vcZ43U5WHpLiXSJMiaEYPzG26QGvaLzhp1bXPLStUJXBoiKMxRaAo0VSuxMdBDkeMx2R0jvIJUzw
Frame ID: A6311E95EBBC35B1A8ECDDBA6DCA8BF5
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Frame ID: D980ED998DBE8E1A62F4E6315BA1CAB3
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2C92FA22720CDD163CF37A9B1B0F4DF5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28E15B635458EB809800EBE7E7ECF43E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY1Z3u7QEwAQ&v=APEucNVZKfIZdvyP3KybWagJ8BrhKZqTKn1nWkIQMJzLTr3xIy00xP4YNvp0K40m6TPRg4yve-1LnMmZDOQB2vZ5ikYE2aWMOdurhoWdir8R7c6TWtDQR1k
Frame ID: 70D6E282A099E9DA6663036DAB523EAD
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/9486497739528641001
Frame ID: C5BCC32E6C88467B8EE32129CB8DD7EF
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6AAA3B777FC1064F3A2F9B793EC8FD43
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYpbPu7QEwAQ&v=APEucNXDmqJLvJFUkGXn_D12IA-BppXxpfeQpIaebbP3sP3NucVyPJSlvkdkfF0DN7nUHLtyqRCwlmwhmPTJsdQjqDUhFKmGvLyzWqfomAduozWA0YMfAI0
Frame ID: BF6CBB772B99E6EF4FAAAAA3F41D48CF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Frame ID: 27CC96586A526A83F977353D27265179
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 669102F43A6C4B2BF6EB1168F41A2DFB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ED1251EFA55912987F442403067D51CE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B1028FE0457C758380BCD140B93B6AB1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 38BB133544BA4748AA72271725B42B2F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 3F3534ADD6F5830F014E6A982E467E56
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 760297E5CD4D157FEEAD8936BFCF18AF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 8102BE6F2DB9E1A608BEDF1A45BC9A75
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 923D5A73D950601952AD8F966DF72439
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C07601ECC8B93E8342A339F0A40FBA3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4039310C6FD3F5FDE6263AF168C0A18D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

しろくろ速報-ヴァイスシュヴァルツ情報まとめ(shirokuro news)-

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

313
Requests

80 %
HTTPS

36 %
IPv6

55
Domains

72
Subdomains

45
IPs

9
Countries

4485 kB
Transfer

10588 kB
Size

69
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://re4u.ws4696.xyz/
Title: リバースまとめ（β）REBIRTH

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=35QCDR+DOYXO2+49ZW+BW0YB&a8ejpredirect=https%3A%2F%2Fyuyu-tei.jp%2Fgame_ws%2F
Title: 詳細はこちら

Search URL Search Domain Scan URL

URL: https://affiliate.suruga-ya.jp/modules/af/af_jump.php?user_id=2594&goods_url=https%3A%2F%2Fwww.suruga-ya.jp%2Fsearch%3Fcategory%3D%26search_word%3D%25E3%2583%25B4%25E3%2582%25A1%25E3%2582%25A4%25E3%2582%25B9%25E3%2582%25B7%25E3%2583%25A5%25E3%2583%25B4%25E3%2582%25A1%25E3%2583%25AB%25E3%2583%2584%26adult_s%3D1%26is_marketplace%3D0%26rankBy%3Drelease_date%2528int%2529%253Adescending%26restrict%5B%5D%3Dbrand%3D%25E3%2583%2596%25E3%2582%25B7%25E3%2583%25AD%25E3%2583%25BC%25E3%2583%2589
Title: 予約はこちら

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=35QCDR+DOYXO2+49ZW+BW0YB&a8ejpredirect=https://yuyu-tei.jp/buy/ws/s/ayt#newest
Title: 【買取】「あやかしトライアングル」買取価格を更新致しました！

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=35QCDR+DOYXO2+49ZW+BW0YB&a8ejpredirect=https://yuyu-tei.jp/sell/ws/s/lsf#kana
Title: 【販売】「ラブライブ！スクールアイドルフェスティバル2 MIRACLE LIVE!」販売価格を更新致しました！

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=35QCDR+DOYXO2+49ZW+BW0YB&a8ejpredirect=https://yuyu-tei.jp/buy/ws/s/knk#kana
Title: 【買取】「彼女、お借りします」買取価格を更新致しました！

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=35QCDR+DOYXO2+49ZW+BW0YB&a8ejpredirect=https://yuyu-tei.jp/sell/ws/m/choice
Title: 『【PJS/S109】『プロジェクトセカイカラフルステージ！ feat. 初音ミク Vol.2』（RR/R/U/C/CC）4枚コンプセット』予約開始致しました！

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=35QCDR+DOYXO2+49ZW+BW0YB&a8ejpredirect=https://yuyu-tei.jp/buy/ws/s/sspb#kana
Title: 【買取】「プレミアムブースター灼眼のシャナ」買取価格を更新致しました！

Search URL Search Domain Scan URL

URL: https://twitter.com/ws4696

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ws4696.xyz/

Search URL Search Domain Scan URL

URL: https://amzn.to/3rATBwt

Search URL Search Domain Scan URL

URL: http://feedly.com/i/discover/sources/search/feed/http%3A%2F%2Fws4696.xyz

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=35UBPP+70FT9U+348+6CHB5

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3BHZAZ+DODI2A+50+2HKVOH

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3BHZAZ+DPKD9U+348+1BS1AP

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3BOJR3+2V00FM+CO4+ZW82A
Title: レンタルサーバー『wpX Speed』

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3BOJR3+2VLG1E+CO4+15ORS2
Title: エックスドメイン

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=3BOJR3+2WSB8Y+50+4T2HUA
Title: ホームページ作成サービス Z.com Studio

Search URL Search Domain Scan URL

URL: http://blog.with2.net/link/?2025545:2436

Search URL Search Domain Scan URL

URL: https://xyzscripts.com/wordpress-plugins/twitter-auto-publish/compare
Title: WP Twitter Auto Publish

Search URL Search Domain Scan URL

URL: http://www.xyzscripts.com/
Title: XYZScripts.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

http://webfood.info/javascripts/gasetting.js HTTP 301
https://webfood.info/javascripts/gasetting.js

Request Chain 66

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994292948/?random=1625632869&cv=11&fst=1701706897822&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830015533&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%2F%2Fws4696.xyz%2F&label=kSUJCPiB_bMYENTpjtoD&hn=www.googleadservices.com&frm=0&tiba=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&value=0&auid=758232965.1701706898&fmt=3&ct_cookie_present=false&ocp_id=kfxtZd_9Ntapid4PzLqxoAg&sscte=1&crd=&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_KvC8GyJVkAAvFxFzPLauqwp9G3aMXRs744&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqMy1EbjlSeW9jY0lqSDA5aUhIdlk4LUxfRDd1ZG9mcU15M1pjWHVrRW1GGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHEyelhfWXloeV9nRXFDNk5XNEVEY09EWlRPOEdUV1psOC12LW9yRGx5amRSb3kxVENoX29uNnMiEwifiqWZmPaCAxXWVMIFHUxdDIQ HTTP 302
https://www.google.com/pagead/1p-conversion/994292948/?random=1625632869&cv=11&fst=1701706897822&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830015533&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%2F%2Fws4696.xyz%2F&label=kSUJCPiB_bMYENTpjtoD&hn=www.googleadservices.com&frm=0&tiba=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&value=0&auid=758232965.1701706898&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqMy1EbjlSeW9jY0lqSDA5aUhIdlk4LUxfRDd1ZG9mcU15M1pjWHVrRW1GGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHEyelhfWXloeV9nRXFDNk5XNEVEY09EWlRPOEdUV1psOC12LW9yRGx5amRSb3kxVENoX29uNnMiEwifiqWZmPaCAxXWVMIFHUxdDIQ&is_vtc=1&ocp_id=kfxtZd_9Ntapid4PzLqxoAg&cid=CAQSGwDICaaNSKa-UudJaRmVvaNELPI3o-qi8mcHTA&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_KuyOjTJIq6n6YjsNML8GRiTM23QpuL4e00&random=1803144062 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/994292948/?random=1625632869&cv=11&fst=1701706897822&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830015533&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%2F%2Fws4696.xyz%2F&label=kSUJCPiB_bMYENTpjtoD&hn=www.googleadservices.com&frm=0&tiba=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&value=0&auid=758232965.1701706898&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqMy1EbjlSeW9jY0lqSDA5aUhIdlk4LUxfRDd1ZG9mcU15M1pjWHVrRW1GGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHEyelhfWXloeV9nRXFDNk5XNEVEY09EWlRPOEdUV1psOC12LW9yRGx5amRSb3kxVENoX29uNnMiEwifiqWZmPaCAxXWVMIFHUxdDIQ&is_vtc=1&ocp_id=kfxtZd_9Ntapid4PzLqxoAg&cid=CAQSGwDICaaNSKa-UudJaRmVvaNELPI3o-qi8mcHTA&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_KuyOjTJIq6n6YjsNML8GRiTM23QpuL4e00&random=1803144062&ipr=y

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 85

https://googleads.g.doubleclick.net/pagead/adview?ai=CHPemkvxtZbOWCJWFpt8P9cWW8ASowIy_dNWh-qP_EeLDgf6tEhABILPS5lBgifPFhPQToAG-9_T9AsgBAakCwM00z95NPT6oAwHIA8sEqgTHAU_QURlQMfuqbFvovmysUiCMmIAehHQYUJbM6kAfvdLdT7iv9CJvnSaGHUGNwKjl69oZPPhSDQ0q8KDi7BKTo324WEt1feOsMcFKZOFEuyqEjtCFdpPTddXtmWFOr6p0jvN6Qxqw5GiNmmzXvGKeQgJGLo31DYVUVW57xDOCpMUZuDyJh_LE2y7x7LkAzyV-eCGqaLcGr_4NMTiVPOEwsSlKKQGzKVmJpXcNsrjf-WEodyzYMYScospdD1Zp_-05i7KVR_IoCJvABI_pqqrTBIgF7u_2wU2AB6qIi4IBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ4uMD0ggdCIBhEAEYHzICigI6AoBASL39wTpYyYOzmZj2ggOaCXhodHRwczovL3d3dy5hbWF6b24uY28uanAvYj9ub2RlPTIzMzgxNDY4MDUxJnRhZz14Y21hZG53MTA1MDIwMTgtMjImcmVmXz1GWTIzX0VBX1E0X0hvbGlkYXlCREFfSFNfR0ROX1N0YV9VcHBlcl9EaXJlY3RfR1CACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwQCgoQwLe8m-OBtv8aEgIBA9gTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDc4NDQ1NTcyNjU0Njc3GAA&sigh=mGbnrwnSuK4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNoxFU3rObFvdhgYPs2UZefuwroyY2e0TYzDG0eBBEQ_XQziRF33iLP6FnQ1D8YY3yN47CSebh9zLdTn-t921zWC2VszuokReFQWEYAQ&template_id=5020&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x29eaf15a9234e660000000000000000%22,%222%22:%220x6259b3da8b10a5800000000000000000%22,%223%22:%220xf58cf0590943cf010000000000000000%22,%224%22:%220x6184a14faf0d8c5b0000000000000000%22,%225%22:%220x9263cb89aadde12c0000000000000000%22},%22debug_key%22:%228468635667759555803%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22800930750%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224591918511892478721%22}&andc=true

Request Chain 132

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqhP9NZpPbJXxjf-mCbtJA&google_cver=1

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW38k1OHEe1-xGTy7W3mxAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqhP9NZpPbJXxjf-mCbtJA&google_cver=1

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHUkD3JhvighDUq7KyIe74E&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHUkD3JhvighDUq7KyIe74E%26google_cver%3D1

Request Chain 145

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEzMzI1NzY2NjYyOTkxODEzOA%3D%3D

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIciKZb6sdmq9-zj_Ds565s&google_cver=1

Request Chain 147

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjY3MzNmMTktMDVhMi0yYWRjLWZlOWUtMjJjYjM5ZmY3MjNi

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEB8y4pwHWo3NuPWx_rwCuOw&google_cver=1

Request Chain 149

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MmRkMmE2MDEtOWYzNS00MDczLTg0YWYtODIwODA0OGU4NWY2

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEA-XGLgZOZ8SHcYr4ELu_84&google_cver=1

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMhmXy1oQu3Gc70DIs722-A&google_cver=1

Request Chain 220

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uQzJrTzFaRTJ1RUg0TG5yT3ZFcHhrUXFzOHRlaUpfan5B&gdpr=0

Request Chain 223

https://googleads.g.doubleclick.net/pagead/adview?ai=C12Uik_xtZd3SEpOJpt8Pxvms2Azh6KzIdMbE-uf0EWQQASCz0uZQYInzxYT0E6ABvNymmCjIAQmpAsDNNM_eTT0-qAMByAPLBKoEwwFP0Dn0eVsOoFEp3L1wgYF7qB5Vb9xnflEjVZ1PMsgdlPA9zZnjkx_I9KuAP7FXSGOXTKDnGwJk2Nh43isGXMWkiYR10TlsKMJtQk6d-Fze7-CJRuNyE7GMMBXjNymPlMiuUZOvur9F6-3DKnBhau5GO7aBJ80oVixMpZpLVy5dp0hItY_ZLBm06ZWJ7PYBAZtXq-2hYF3MWxAzpXoROkzQUREQF_v-r3MIgIra0SGUxyBxs-hw5PjQPZnY1C6XtugVU4zABKzmzIPDBIgFn6Tt00ySBQQIBBgBkgUECAUYBKAGLoAHvJT39wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCW2wTSCB0IgGEQARgfMgKKAjoCgEBIvf3BOliByPqZmPaCA5oJXWh0dHBzOi8vd3d3Lml0b3lva2Fkby5jby5qcC83dGhlcHJpY2UvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jb250ZW50PTd0aGVwcmljZYAKAcgLAZgM5Ln81twEogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQoL3Swf6Vx419EgIBA7gTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMzQ3ODQ0NTU3MjY1NDY3NxgA&sigh=63OtDUqXySk&uach_m=%5BUACH%5D&ase=2&cid=CAQSPADICaaNRsxGA3bdWyXmoiV-G73-I1bNQSTZRL6omJs6Yw3xoyCQoyJRBX-eW6CSP9Pdbgcu7u-_gn0iIBgB&template_id=515&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc7ecc2c5ff1425a00000000000000000%22,%222%22:%220xfe2f8ed858dc41bc0000000000000000%22,%223%22:%220x27c1031d0fb8e9dd0000000000000000%22,%224%22:%220xb620446761482d9b0000000000000000%22,%225%22:%220xa3aed5d08903d5550000000000000000%22},%22debug_key%22:%2212666745297481899369%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213927158578809215361%22}&andc=true

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMhmXy1oQu3Gc70DIs722-A&google_cver=1

Request Chain 227

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uQzJrTzFaRTJ1RUg0TG5yT3ZFcHhrUXFzOHRlaUpfan5B&gdpr=0

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGY49M66n2wW4nDcluS7yLI&google_cver=1&gdpr=0

Request Chain 229

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjNhZjYzNDhhOWE4NjFlYjE1ZTg1OWZhMTI3MWE3ZjM=&gdpr=0&gdpr_consent=

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPwYb-UZKopiXJ-XeiKThno&gdpr=0&google_cver=1

Request Chain 231

https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&gdpr=0&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=NTg0OTgxNjE0ODU0NzIzNzMwOA==&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPwYb-UZKopiXJ-XeiKThno&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 236

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEE3V38oV6FkvImnSLCVfqqI&google_cver=1&google_push=AXcoOmTKQCXNs6G6PJqLcxLFEdOUUN61bX3dkH_neURfl9aEdDwKLuNNwlfWyvE9pdjgXSse5gKLi4EV1ArSCp5eN3w6coXWThGtOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTKQCXNs6G6PJqLcxLFEdOUUN61bX3dkH_neURfl9aEdDwKLuNNwlfWyvE9pdjgXSse5gKLi4EV1ArSCp5eN3w6coXWThGtOg&google_hm=aHZVeU1PRjlGeDl6MWdFT2NHYjdYVVBJOWJz&from_google=sp1

Request Chain 237

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECFBRrBdC-kl3zzRxB7SIu0&google_cver=1&google_push=AXcoOmR6kJ3G3hFGcxcHM-58NfqZ-G0giGv5fpCvZebLVXxYwsoOHVvPga-Wyu50dQJU_BG_qJnfELO7O2N0aF3USFlwYH040ZtbaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmR6kJ3G3hFGcxcHM-58NfqZ-G0giGv5fpCvZebLVXxYwsoOHVvPga-Wyu50dQJU_BG_qJnfELO7O2N0aF3USFlwYH040ZtbaA&google_hm=NTdmR0xlMDA3QkRBSzAwN1NtQlg

Request Chain 238

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESELFpDSLRNIVuVZhbC_tBnS8&google_cver=1&google_push=AXcoOmRV7ReXiVl4X5SQqXHGQ2ErardPMLL1Jhv5mizXDlhS4rAxnMbtgh2VAyc3_W368XkOHb8Rha3ZMX5Z4_Jik1XNKkQZZpkU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc2MjA3ODkzMjM&google_push=AXcoOmRV7ReXiVl4X5SQqXHGQ2ErardPMLL1Jhv5mizXDlhS4rAxnMbtgh2VAyc3_W368XkOHb8Rha3ZMX5Z4_Jik1XNKkQZZpkU

Request Chain 241

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK0n90kkL7n8ILZV39ADu54&google_cver=1&google_push=AXcoOmTtlzPnJkUc_gygOXaSzIeqDazHtslmQDvW-1ULZ7ftnQfyeZeNSw6mX2qwT4kdnfEFXTCnupDg3XM1vKaBtfR8-yxnZuLc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK0n90kkL7n8ILZV39ADu54&google_cver=1&google_push=AXcoOmTtlzPnJkUc_gygOXaSzIeqDazHtslmQDvW-1ULZ7ftnQfyeZeNSw6mX2qwT4kdnfEFXTCnupDg3XM1vKaBtfR8-yxnZuLc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0NDkwMTYwMjgzNDQ4NjUxMg&google_push=AXcoOmTtlzPnJkUc_gygOXaSzIeqDazHtslmQDvW-1ULZ7ftnQfyeZeNSw6mX2qwT4kdnfEFXTCnupDg3XM1vKaBtfR8-yxnZuLc

Request Chain 244

https://googleads.g.doubleclick.net/pagead/adview?ai=ClAwZk_xtZdTiEu6Fpt8Ph7StkALh6KzIdMbE-uf0EWQQASCz0uZQYInzxYT0E6ABvNymmCjIAQmpAsDNNM_eTT0-qAMByAPLBKoEwwFP0ADelVnRWEkwW117G7soe5t3NskZq-su75bYuN_htegPk6TSAJuIMC6nV4S-IX1PY5gG1yghSZ1yC4xSDXzzLtX53lBqU2TOQAPOrME0caJlf3ORoD61i4DDFB6ZX74D1qZzHUQoV9Y63U2E1WZytX2LWxP5SG3erjF3mngQyARcfbhCrSNQvZpsWC5doQRX18exxAIo9pQwazDej7ynxHoT02Tn7l8asbPzMZYZXYJlI3N0G7hpreQ7hha5ugUIKa_ABKzmzIPDBIgFn6Tt00ySBQQIBBgBkgUECAUYBKAGLoAHvJT39wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCQnwXSCB0IgGEQARgfMgKKAjoCgEBIvf3BOli2y_qZmPaCA5oJXWh0dHBzOi8vd3d3Lml0b3lva2Fkby5jby5qcC83dGhlcHJpY2UvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jb250ZW50PTd0aGVwcmljZYAKAcgLAZgM5Ln81twEogwQKg4KDOS0sQLutbECtbixAtoMEQoLENCG4PyY5_O-lgESAgEDuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDc4NDQ1NTcyNjU0Njc3GAA&sigh=qnmdFo4MNvs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNxYMnd1mq84-HGn78Nro_C9NoiUBUR0kqSQ1KMP_8sOhDy-0-47CXFaDIwU3k_xiVKWFcCL_Z0BgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc7ecc2c5ff1425a00000000000000000%22,%222%22:%220xfe2f8ed858dc41bc0000000000000000%22,%223%22:%220x27c1031d0fb8e9dd0000000000000000%22,%224%22:%220xb620446761482d9b0000000000000000%22,%225%22:%220xa3aed5d08903d5550000000000000000%22},%22debug_key%22:%227223774279487833540%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229908059039892216593%22}&andc=true

Request Chain 245

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_cver=1&google_push=AXcoOmQhG9e9ow8E4I-osIE8NsEVeo3rWravXvUBMvcoClyFaDK6_qnNTnVXy1js2JSJdnBrJk1UhJ2mZz6hkojxo9EabTYnIADOQDk1 HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6678b511bec121d3&is_secure=true&networkId=14000&version=1&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_cver=1&google_push=AXcoOmQhG9e9ow8E4I-osIE8NsEVeo3rWravXvUBMvcoClyFaDK6_qnNTnVXy1js2JSJdnBrJk1UhJ2mZz6hkojxo9EabTYnIADOQDk1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMG8TNCkh2ZQMqi3osAAAAAAA&expiration=1701793301&google_cver=1&is_secure=true&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_push=AXcoOmQhG9e9ow8E4I-osIE8NsEVeo3rWravXvUBMvcoClyFaDK6_qnNTnVXy1js2JSJdnBrJk1UhJ2mZz6hkojxo9EabTYnIADOQDk1

Request Chain 246

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEDKgeG2EUovfdyEqlNPmFSk&google_cver=1&google_push=AXcoOmRNL6pvcIUTAbxWf63AYKUcdR2Ccoeag2TuvZop-h17O3f9WQEDwFUJYL9mT3T_tO1k2weUwXsBYa2koemfgCPYONVGo4HWIvM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRNL6pvcIUTAbxWf63AYKUcdR2Ccoeag2TuvZop-h17O3f9WQEDwFUJYL9mT3T_tO1k2weUwXsBYa2koemfgCPYONVGo4HWIvM&google_hm=I1JAi4tvT7W-cLyoPXC1kas

Request Chain 247

https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmRzll2JTmtEXTvnos0inZgBQZEOiecSAbGNo5uJhIC7ZZapchl6bIthJzXzTp9G-MOD9W3BYBCsYvW4YVDJZiQmoqBAKJf0vWuQ&google_gid=CAESEOSWVqA0t2tZDS4F6eXlYhw&google_cver=1 HTTP 302
https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmRzll2JTmtEXTvnos0inZgBQZEOiecSAbGNo5uJhIC7ZZapchl6bIthJzXzTp9G-MOD9W3BYBCsYvW4YVDJZiQmoqBAKJf0vWuQ&google_gid=CAESEOSWVqA0t2tZDS4F6eXlYhw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRzll2JTmtEXTvnos0inZgBQZEOiecSAbGNo5uJhIC7ZZapchl6bIthJzXzTp9G-MOD9W3BYBCsYvW4YVDJZiQmoqBAKJf0vWuQ&google_hm=ASOB6dDBw6STks8AEDt7Nj-opcA

Request Chain 248

https://s.uuidksinc.net/match/47/?remote_uid=CAESEE7O4fayurUeZ571fei0csk&c_param1=AXcoOmTWFwOceUQuRaUwcVGByIC4wjE11_tkyqPhC3JMPNQztwblw7qbOCd_us0H7ZighUqQ4ZcuA-sVNDyAIPGRMe0PgnVYILKy1vPu&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTWFwOceUQuRaUwcVGByIC4wjE11_tkyqPhC3JMPNQztwblw7qbOCd_us0H7ZighUqQ4ZcuA-sVNDyAIPGRMe0PgnVYILKy1vPu

Request Chain 250

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEIlAFf5Cg9VNXnlaG8XAQ7k&google_cver=1&google_push=AXcoOmTMN_taNdAkh76xZFXzJwn4fJmsYE7hp1bJgdAKi-lQR7wG3Ur4YTJGL80UMFuRRHPITy5-UtIsYtjGDVLR5akc5Hom7CYj6nI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTMN_taNdAkh76xZFXzJwn4fJmsYE7hp1bJgdAKi-lQR7wG3Ur4YTJGL80UMFuRRHPITy5-UtIsYtjGDVLR5akc5Hom7CYj6nI&google_hm=AS1Ta_CTtUc2sYOYLcy_JAE

Request Chain 251

https://trace.mediago.io/cs/google?google_gid=CAESEBuQF75_jYiDVN9rLOnFw_A&google_cver=1&google_push=AXcoOmQ7geM1AEPEuAxqnntoyJwKjBszrGRx1UUcw8aTDpoRaPFMmBIPgsog8IMAqTGURaLGUlZZDnuX8SIcMPUexIqf4Aa_1_SA4v4blQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ7geM1AEPEuAxqnntoyJwKjBszrGRx1UUcw8aTDpoRaPFMmBIPgsog8IMAqTGURaLGUlZZDnuX8SIcMPUexIqf4Aa_1_SA4v4blQ&google_hm=9d9fcb009ca4a7471bive500lpr4cnz8

Request Chain 253

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAfZQJwLUYoiSmhch8eVPeY&google_cver=1&google_push=AXcoOmSfjbDBZHMbDTCMuh8zv74ts7ktkGuVdW6AtHKtHes6l2HQwDWB0MC-AZtluF4zUjtBqTyDCVlEb4LjOr4DarcfP4kQPlXAyQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI0NzU2NTgzNTc1MjUyNDE3Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAfZQJwLUYoiSmhch8eVPeY&google_cver=1

Request Chain 254

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_cver=1&google_push=AXcoOmQVQbsSwNhmIEU3YhaiVe3Ns0pxPcs1KJ8AsHrbwBKWqMNCgCDBkSLP4iP0oEaDdXlzjYcoVmuQGEiLHfq6pCEfheDuKRPJ4ho HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6d2d983a7ce922ad&is_secure=true&networkId=14000&version=1&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_cver=1&google_push=AXcoOmQVQbsSwNhmIEU3YhaiVe3Ns0pxPcs1KJ8AsHrbwBKWqMNCgCDBkSLP4iP0oEaDdXlzjYcoVmuQGEiLHfq6pCEfheDuKRPJ4ho HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAK-M0vTSMFoAMOcmQzAAAAAAA&expiration=1701793301&google_cver=1&is_secure=true&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_push=AXcoOmQVQbsSwNhmIEU3YhaiVe3Ns0pxPcs1KJ8AsHrbwBKWqMNCgCDBkSLP4iP0oEaDdXlzjYcoVmuQGEiLHfq6pCEfheDuKRPJ4ho

Request Chain 255

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQ0wZyGWDYPyvIfMauPzpJSjGOe8kZj4OGO_SFZxmz91ZQWE_tJf9ytg8l9VNJYV2WjNV8MjSAaUeCWaN4A_P9c3zlKOPaLhws HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjM4Yjg4NmUtM2VlNi00MGM1LWE3YWQtOThlZmZmYzJjYzA2&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQ0wZyGWDYPyvIfMauPzpJSjGOe8kZj4OGO_SFZxmz91ZQWE_tJf9ytg8l9VNJYV2WjNV8MjSAaUeCWaN4A_P9c3zlKOPaLhws

Request Chain 256

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBVfrL1kqkESFQQaSrhrKlw&google_cver=1&google_push=AXcoOmQe5YOdH0O6ZzBzWnDo4FC6wOPFFUWIYsHwsueKTOLajOP23a-vDRbPGMplfxkoXoEcCLEAhZ94Olq8iIUdaDPPKPQnMgc23Ks HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBVfrL1kqkESFQQaSrhrKlw&google_push=AXcoOmQe5YOdH0O6ZzBzWnDo4FC6wOPFFUWIYsHwsueKTOLajOP23a-vDRbPGMplfxkoXoEcCLEAhZ94Olq8iIUdaDPPKPQnMgc23Ks&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQe5YOdH0O6ZzBzWnDo4FC6wOPFFUWIYsHwsueKTOLajOP23a-vDRbPGMplfxkoXoEcCLEAhZ94Olq8iIUdaDPPKPQnMgc23Ks&google_hm=WV93QUoxb0s2eFp5OTdGM1EzV2M=

Request Chain 257

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJlWphZIl0PLR-9D_dp2gbk&google_cver=1&google_push=AXcoOmQLIXwV8pusQK5YtRqad1kQxja2UHo_8zPkvJ0m1NwONIfGmZfHXzWhfXjbsjXtUtUTZaTXO5XvajzW30RPS1fP4fxyFgSqu18 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=S57Hyw0_VkNWFqS1G53Sux_Mkas&google_push=AXcoOmQLIXwV8pusQK5YtRqad1kQxja2UHo_8zPkvJ0m1NwONIfGmZfHXzWhfXjbsjXtUtUTZaTXO5XvajzW30RPS1fP4fxyFgSqu18

Request Chain 259

https://an.yandex.ru/mapuid/google/CAESEOBwLEAnGfun7y22QblHt6U?ext-param=AXcoOmTQMsNj8Y4OtNDodLWlYDqy0YYZPNxiOSPQXQyb5xiwodXJU83nS8a5JTizbD6ppH3hzaw0YSL9OuNuRB1pQoT6vuxI3ugF1xMV&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEOBwLEAnGfun7y22QblHt6U?redir-setuniq=1&ext-param=AXcoOmTQMsNj8Y4OtNDodLWlYDqy0YYZPNxiOSPQXQyb5xiwodXJU83nS8a5JTizbD6ppH3hzaw0YSL9OuNuRB1pQoT6vuxI3ugF1xMV&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOBwLEAnGfun7y22QblHt6U&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 261

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQFvmyPW1ndK2yzQ1kUYw4hAyUMF_mPCb7pVLQ-DuSkaKIiOfgNZ1JuEe7bhjThVM0Zyuznda6Z_G71BZDLCKG3vVm_oU0HRfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTZiNDNhOGYtNjA4Mi00OGIwLWJlZjktOWRiMDI1YzU3MzRi&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQFvmyPW1ndK2yzQ1kUYw4hAyUMF_mPCb7pVLQ-DuSkaKIiOfgNZ1JuEe7bhjThVM0Zyuznda6Z_G71BZDLCKG3vVm_oU0HRfA

Request Chain 262

https://a.c.appier.net/gcm?google_gid=CAESEOBNBGDigEvKoCgfSLt4hsM&google_cver=1&google_push=AXcoOmS-BgraXJVr4lMn0qYzgktVxMdsOeUpnnyXwdZHAfOTmQLAc7Zk-hMGSDFlvE7LovKASubbDW1K66hxgympyrTMzzc_0c98mVg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Mkw2N1lUOFBEdDJremt2S2xQeHRaUQ%3D%3D&google_push=AXcoOmS-BgraXJVr4lMn0qYzgktVxMdsOeUpnnyXwdZHAfOTmQLAc7Zk-hMGSDFlvE7LovKASubbDW1K66hxgympyrTMzzc_0c98mVg

Request Chain 263

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECFBRrBdC-kl3zzRxB7SIu0&google_cver=1&google_push=AXcoOmSFFpT4Or8B0jmEqMzYhmCnBe_4D9gpBc-Hgf40pCIgVewLflZfIv2ccM468kANwkkTNShVaF1SYM2cNvPE9zYy_Fo6Bp8l3M0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmSFFpT4Or8B0jmEqMzYhmCnBe_4D9gpBc-Hgf40pCIgVewLflZfIv2ccM468kANwkkTNShVaF1SYM2cNvPE9zYy_Fo6Bp8l3M0&google_hm=NTdmR0xlMDA4QkRBSzAwN3dSeVU

Request Chain 264

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED4OCXIYL9abK1ssNLr3SUI&google_cver=1&google_push=AXcoOmSFK8GZgwj-iT12yKL_QT41r1I-ufCSSZlJgaqdvp_IvqXHPl8a6O_-stLr4DUQCeu5UTJFrG7XEKuQyezy5n_8zabLR-b3ACc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSFK8GZgwj-iT12yKL_QT41r1I-ufCSSZlJgaqdvp_IvqXHPl8a6O_-stLr4DUQCeu5UTJFrG7XEKuQyezy5n_8zabLR-b3ACc&google_hm=eS1ZVkplUkNkRTJwSGFDSk0yV2c4aHI3VHUySS5ONzcua35B

Request Chain 265

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESELFpDSLRNIVuVZhbC_tBnS8&google_cver=1&google_push=AXcoOmRRfsz1l6qXDS5dVAgDf7bVPD_I0-xQK0ZH9W-R9fOonoznw6X6sRYcre_G-bI2xobPyf2ScB89waNhKJTLN7fMJWbgSImckg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc2MjA3ODkzMjU&google_push=AXcoOmRRfsz1l6qXDS5dVAgDf7bVPD_I0-xQK0ZH9W-R9fOonoznw6X6sRYcre_G-bI2xobPyf2ScB89waNhKJTLN7fMJWbgSImckg

Request Chain 267

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK0n90kkL7n8ILZV39ADu54&google_cver=1&google_push=AXcoOmSOx66sQ1at-Pcys2GeItyEjSyKk82iiSTBvka2SnAnzJNMVRBQ9QHNrVbU_ylDkEZtZfsow5AvV3bfh3JVjidI-onATxJPajU HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK0n90kkL7n8ILZV39ADu54&google_cver=1&google_push=AXcoOmSOx66sQ1at-Pcys2GeItyEjSyKk82iiSTBvka2SnAnzJNMVRBQ9QHNrVbU_ylDkEZtZfsow5AvV3bfh3JVjidI-onATxJPajU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAzMDkwODk2ODA2MTI3NDE0OQ&google_push=AXcoOmSOx66sQ1at-Pcys2GeItyEjSyKk82iiSTBvka2SnAnzJNMVRBQ9QHNrVbU_ylDkEZtZfsow5AvV3bfh3JVjidI-onATxJPajU

Request Chain 276

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHLoGluJqvpQLbPCXXxMGmI&google_cver=1&google_push=AXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXTLFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXTLFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHLoGluJqvpQLbPCXXxMGmI&google_cver=1&google_push=AXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXTLFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXTLFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 277

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEI2exj1PA_eHjQ2WfCjAn68&google_cver=1&google_push=AXcoOmThg4oeMx7JRQU1Ea-6MHlocIxOHTkFXe-YF1MYZGfTww-gJdQwgWWUF4MbD60jugEbM_3m9vhP-S3vNH0AomWqTJk90--8_w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI2exj1PA_eHjQ2WfCjAn68&google_push=AXcoOmThg4oeMx7JRQU1Ea-6MHlocIxOHTkFXe-YF1MYZGfTww-gJdQwgWWUF4MbD60jugEbM_3m9vhP-S3vNH0AomWqTJk90--8_w

Request Chain 278

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEE3V38oV6FkvImnSLCVfqqI&google_cver=1&google_push=AXcoOmQwuAxh9QO0D7znIb9CxLfUMWD1_FhUlCFwsPM6GN89y5HpwTI1POEIj0AY4vyh6875WBIFb4Y1FOwWqeafwuT4UqqkxKl9Kw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQwuAxh9QO0D7znIb9CxLfUMWD1_FhUlCFwsPM6GN89y5HpwTI1POEIj0AY4vyh6875WBIFb4Y1FOwWqeafwuT4UqqkxKl9Kw&google_hm=aHZVeU1PRjlGeDl6MWdFT2NHYjdYVVBJOWJz&from_google=pc1

Request Chain 279

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmTcLsNai9Uz2yawrkr8T1C3B91WtoPLcUgh_h7VqNYyojjthV2zb84rwheageIm_AhOWKZUl-9As5ZWE3fiaYoyyaK1p1o8DA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjhjODU0ODYtYzRmNC00MDZlLWIxNGYtMGQ4NGQ2NWVjMjNi&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmTcLsNai9Uz2yawrkr8T1C3B91WtoPLcUgh_h7VqNYyojjthV2zb84rwheageIm_AhOWKZUl-9As5ZWE3fiaYoyyaK1p1o8DA

Request Chain 280

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTZm71ReMy15UyUHZHH5ZriVqfNsJfT9KLbcWgNOtN71PPkXnAIpgC8zYU_kRmhMLtFDY2r2qlLECNOQXvhJ3mOGmQD4C8l&google_gid=CAESEDDtWiQC9Qv7SO-2jVqO0Bk&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTZm71ReMy15UyUHZHH5ZriVqfNsJfT9KLbcWgNOtN71PPkXnAIpgC8zYU_kRmhMLtFDY2r2qlLECNOQXvhJ3mOGmQD4C8l&google_gid=CAESEDDtWiQC9Qv7SO-2jVqO0Bk&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDQxNjIxNDAwMDA4ODgxNjUwNjc2OQ%3D%3D&google_push=AXcoOmTZm71ReMy15UyUHZHH5ZriVqfNsJfT9KLbcWgNOtN71PPkXnAIpgC8zYU_kRmhMLtFDY2r2qlLECNOQXvhJ3mOGmQD4C8l

Request Chain 281

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED4OCXIYL9abK1ssNLr3SUI&google_cver=1&google_push=AXcoOmTH_afZ5TPnOslBNCMSe1qbanN_nPjLL6vl49eLgWetsCyXrZWusiYxARcIsUX6NW5aNF7Su4kKSIfxNivPO_qdJR1pJQN6YA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTH_afZ5TPnOslBNCMSe1qbanN_nPjLL6vl49eLgWetsCyXrZWusiYxARcIsUX6NW5aNF7Su4kKSIfxNivPO_qdJR1pJQN6YA&google_hm=eS1WcTRwakV0RTJwSHJhUUVRckluOTRmTWczd0Y5RGdzaX5B

Request Chain 282

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESECNERnE1MCO0o8yNrBq-peg&google_cver=1&google_push=AXcoOmRm720-XijlRN32pBVl-R-iLw6uS-XqST6-GdF9-dEvl8NDtS1nmx3IChm1J5P7-xixCJk-gI3y-cK03XYtJbDRqUSA1NixYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRm720-XijlRN32pBVl-R-iLw6uS-XqST6-GdF9-dEvl8NDtS1nmx3IChm1J5P7-xixCJk-gI3y-cK03XYtJbDRqUSA1NixYg

313 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ws4696.xyz/ 1013 KB
199 KB 1818ms
1787ms Document
text/html 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed / PHP/8.1.9
Resource Hash: b1d18a558d57e2b2ce01630bd32e75a541ed8270682ff8bd13290d934e5114b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Dec 2023 16:21:37 GMT
Server: LiteSpeed
Transfer-Encoding: chunked
X-Cache: MISS
cache-control: public, max-age=1
content-encoding: gzip
expires: Mon, 04 Dec 2023 16:21:38 GMT
link: <https://ws4696.xyz/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,Accept-Encoding
x-powered-by: PHP/8.1.9
x-turbo-charged-by: LiteSpeed

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 140ms
95ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b922e1442d09aaeee4f3a28ac1a29b0108ff694b797dc936f672fa009138da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53179
x-xss-protection: 0
server: cafe
etag: 11851280530923988388
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 04 Dec 2023 16:21:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 95ms
52ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104241103-3

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5022fe6f7e042b9e827e987896ea7dfc92eb0d356a6b5cbfa18369d7d843432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69117
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 16:21:37 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 19ms
2ms Script
application/javascript 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/731E) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
Content-Encoding: gzip
Age: 825
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (tkb/731E)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H/1.1 200
OK icomoon.woff
ws4696.xyz/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 13 KB
13 KB 4ms
3ms Font
application/x-font-woff 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://ws4696.xyz/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: ef76f153d610c355de8f8aeb1fbe3c17c3f40927d999d2ad4fbf54a7034e43f0

Request headers

Referer: http://ws4696.xyz/
Origin: http://ws4696.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Wed, 20 Sep 2023 12:51:36 GMT
Server: LiteSpeed
vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/x-font-woff
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13000
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
ws4696.xyz/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 75 KB
76 KB 5ms
4ms Font
application/x-font-woff2 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://ws4696.xyz/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://ws4696.xyz/
Origin: http://ws4696.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Wed, 20 Sep 2023 12:51:35 GMT
Server: LiteSpeed
vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/x-font-woff2
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 style.css
ws4696.xyz/wp-content/themes/cocoon-master/skins/skin-colors-black/ 5 KB
2 KB 124ms
98ms Stylesheet
text/css 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://ws4696.xyz/wp-content/themes/cocoon-master/skins/skin-colors-black/style.css?ver=6.4.1
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 6d563f3e7ae8a5d551b0ad59ee5f5461027ffc0d6b89e4726cb36ee0469958bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
last-modified: Wed, 20 Sep 2023 12:51:35 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1448
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 40ms
2ms Script
text/javascript 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 23:25:27 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 11 KB
4 KB 19ms
8ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 419424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3718
last-modified: Wed, 18 Nov 2020 00:51:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fb4701e-2c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFMW29lHZH%2FYG%2Bk3D9JiBElpptTu35nr1rQr21ecEhGwQjlqeaaeMnKrJbAs1kQCZ5LSIy4BAKlfBE5a5eYMNCX2HcMaZ%2B4kcNCz5qdRJomMZTIwn8o%2B5PVqInV1wrN3RFKW2zdVtMyaOAeV1CkpZW5C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8305622d0f590af4-NRT
expires: Sat, 23 Nov 2024 16:21:37 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 131ms
93ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3478445572654677&host=ca-host-pub-2644536267352236

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8f18f6309ee9a9aad410e1f208e8b069c1b338fcacae0913db02fa16d9340f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Origin: http://ws4696.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53179
x-xss-protection: 0
server: cafe
etag: 5996823374296161816
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
78 KB 53ms
50ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QWH65M

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be2dc4752074bd63d4aa1848e862691e2df35c51866d4ee54b4e08919fac72d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80195
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 16:21:37 GMT

GET
H/1.1 200
OK script.php Show response
ws4696.flier.jp/analytics/thk-analytics-124/thk/ 5 KB
3 KB 20ms
7ms Script
application/x-javascript 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://ws4696.flier.jp/analytics/thk-analytics-124/thk/script.php
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed / PHP/8.1.9
Resource Hash: 3d4e5c62d464c59ad9cd883d893aa6663e31e507d2c23d7b22a2c7cff1753024

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: gzip
Server: LiteSpeed
x-powered-by: PHP/8.1.9
vary: Accept-Encoding,Accept-Encoding
Content-Type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Connection: keep-alive
Content-Length: 2279
expires: Mon, 11 Dec 2023 16:21:37 GMT

GET
H2 200 BP_NOW-PRINTING_a-374x374.png
ws4696.xyz/wp-content/uploads/2021/05/ 24 KB
24 KB 103ms
96ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2021/05/BP_NOW-PRINTING_a-374x374.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: e3d31b766f1ef8699edbd8363da432055bba82482e28543bbb52c25c227df451

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Mon, 17 May 2021 11:36:23 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 24674
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 TD_NOW-PRINTING-374x374.png
ws4696.xyz/wp-content/uploads/2021/03/ 30 KB
31 KB 51ms
45ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2021/03/TD_NOW-PRINTING-374x374.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 429a72f7fe4c9e470b32ab5bd7ae2d64d0d880c13a41ea2e2cc510c338a92780

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Thu, 18 Mar 2021 13:37:14 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 31186
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 EB_NOW-PRINTING-374x374.png
ws4696.xyz/wp-content/uploads/2021/04/ 18 KB
18 KB 108ms
102ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2021/04/EB_NOW-PRINTING-374x374.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 04ee323b7788157a69f619b237859da5bc59aaaefd35e026ea53f1c4db17b29e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Thu, 15 Apr 2021 11:36:31 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17922
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 utSythkd_400x400.jpg
ws4696.xyz/wp-content/uploads/2020/01/ 16 KB
17 KB 9ms
9ms Image
image/jpeg 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2020/01/utSythkd_400x400.jpg
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 89714ab5e24187c7541202543f19d551b61ac3ab22d4b9136094c8a2b5eb05c1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Sun, 26 Jan 2020 11:31:45 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 16877
expires: Tue, 03 Dec 2024 15:57:56 GMT

GET
H/1.1 200
OK bgt
www25.a8.net/svt/ 16 KB
16 KB 19ms
7ms Image
image/gif 3.112.186.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www25.a8.net/svt/bgt?aid=191211469424&wid=001&eno=01&mid=s00000000404001066000&mc=1
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.186.112 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 09b653fcbfcedf261824edb83a334bfc9d2193af6c999891e9daac65dee47dc2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
Server: Apache
Connection: keep-alive
Content-Length: 16278
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www11.a8.net/ 43 B
184 B 17ms
4ms Image
image/gif 18.179.103.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www11.a8.net/0.gif?a8mat=35UBPP+70FT9U+348+6CHB5
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.103.207 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-103-207.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www25.a8.net/svt/ 57 KB
57 KB 5ms
3ms Image
image/gif 3.112.186.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www25.a8.net/svt/bgt?aid=200713211827&wid=001&eno=01&mid=s00000000018015046000&mc=1
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.186.112 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b55f773e18defc141d7aef8376ed3a49fa55b24d02b50fb929a090ef17e55a74

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
Server: Apache
Connection: keep-alive
Content-Length: 57965
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www19.a8.net/ 43 B
184 B 18ms
3ms Image
image/gif 3.112.186.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www19.a8.net/0.gif?a8mat=3BHZAZ+DODI2A+50+2HKVOH
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.186.112 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www26.a8.net/svt/ 12 KB
12 KB 17ms
5ms Image
image/gif 3.112.186.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www26.a8.net/svt/bgt?aid=200713211829&wid=001&eno=01&mid=s00000000404008025000&mc=1
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.186.112 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: d951a07b1a1886ea1f27608785858ecd42b2b9ecc8c8eedf8ccd4529ba2ae385

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
Server: Apache
Connection: keep-alive
Content-Length: 11956
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www15.a8.net/ 43 B
184 B 17ms
5ms Image
image/gif 3.112.186.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www15.a8.net/0.gif?a8mat=3BHZAZ+DPKD9U+348+1BS1AP
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.186.112 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-186-112.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK br_c_2436_1.gif
blog.with2.net/img/banner/c/banner_1/ 3 KB
3 KB 89ms
21ms Image
image/gif 153.120.49.75
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/img/banner/c/banner_1/br_c_2436_1.gif
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.49.75 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www27.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9db6a18ced9b1d309b74d5b0fe33245b1d1f3f9db7e3c0e940fe1b7e8d98e8ea

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
Last-Modified: Sat, 04 Feb 2012 01:24:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "a20613-a98-4b8194a794f80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 2712

GET
H2 200 e-202349.js Show response
stats.wp.com/ 7 KB
3 KB 8ms
2ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202349.js
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT nrt
date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684464930779.0781
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 30 Nov 2024 15:19:06 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 84ms
48ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3478445572654677

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02f3e23b2da7983545c44b1bca8702f13b3d152d25de7d1956391de36d53d1a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Origin: http://ws4696.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53176
x-xss-protection: 0
server: cafe
etag: 14055267134249875273
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:37 GMT

GET
H2

404

gasetting.js
webfood.info/javascripts/
Redirect Chain

http://webfood.info/javascripts/gasetting.js
https://webfood.info/javascripts/gasetting.js

0
0

8ms
1ms

Script
text/html

150.95.137.87
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://webfood.info/javascripts/gasetting.js
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Server: 150.95.137.87 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: v150-95-137-87.a082.g.tyo1.static.cnode.io
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Location: https://webfood.info/javascripts/gasetting.js
Connection: keep-alive
Content-Length: 162
X-XSS-Protection: 1; mode=block

GET
H2 200 yhn_TD_box_400C397400-374x374.png
ws4696.xyz/wp-content/uploads/2023/08/ 139 KB
139 KB 139ms
135ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2023/08/yhn_TD_box_400C397400-374x374.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: b9cca18615f5f4031f6761c9048b4577046990634d4e7920efa163c19ccb6444

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Wed, 30 Aug 2023 16:27:22 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 141952
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 yhn_BP_box_400C397400-374x374.png
ws4696.xyz/wp-content/uploads/2023/08/ 177 KB
177 KB 86ms
82ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2023/08/yhn_BP_box_400C397400-374x374.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: b292fa2d5aa4af134c5227fa6a3ca8a40267237f70eb23ea863e76a80ca5a729

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Wed, 30 Aug 2023 13:39:47 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 181040
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 btr_bp_box-e1684907093582-374x336.png
ws4696.xyz/wp-content/uploads/2023/05/ 163 KB
164 KB 137ms
134ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2023/05/btr_bp_box-e1684907093582-374x336.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: b9bfe2e98b1beb456dbf19a851f46a717a46fe8fc3c394cab8233a89e81a786d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Sat, 27 May 2023 16:30:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 167334
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 dengekibunko_bp_box-374x336.png
ws4696.xyz/wp-content/uploads/2023/04/ 129 KB
129 KB 138ms
135ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2023/04/dengekibunko_bp_box-374x336.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: c3f5defd5902cccc715d8136ae2f5ac3ae191906d6ebe37339456c350e90b639

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Fri, 14 Jul 2023 16:26:56 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 131758
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 new_title_ws-e1595403404554.jpg
ws4696.xyz/wp-content/uploads/2021/03/ 27 KB
27 KB 135ms
131ms Image
image/jpeg 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2021/03/new_title_ws-e1595403404554.jpg
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 9746bf0e001904709f9368472672d08b0814d96db9a2f824b7912090d5d9bf5d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Mon, 15 Mar 2021 14:19:49 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 27538
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 %E3%83%87%E3%83%83%E3%82%AD%E3%83%AC%E3%82%B7%E3%83%94%E3%82%B9%E3%82%AF%E3%82%B9%E3%82%BF-1-374x229.jpg
ws4696.xyz/wp-content/uploads/2023/11/ 25 KB
25 KB 125ms
121ms Image
image/jpeg 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2023/11/%E3%83%87%E3%83%83%E3%82%AD%E3%83%AC%E3%82%B7%E3%83%94%E3%82%B9%E3%82%AF%E3%82%B9%E3%82%BF-1-374x229.jpg
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 2045d43f18fd3c3df5f8535e3bb247e50ad5d31eab54cd6cc8acd092dd0297f2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Fri, 10 Nov 2023 23:56:19 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 25781
expires: Tue, 03 Dec 2024 16:21:10 GMT

GET
H2 200 %E3%83%87%E3%83%83%E3%82%AD%E3%83%AC%E3%82%B7%E3%83%94%E3%81%94%E3%81%A1%E3%81%86%E3%81%95-374x280.jpg
ws4696.xyz/wp-content/uploads/2023/11/ 29 KB
30 KB 127ms
124ms Image
image/jpeg 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2023/11/%E3%83%87%E3%83%83%E3%82%AD%E3%83%AC%E3%82%B7%E3%83%94%E3%81%94%E3%81%A1%E3%81%86%E3%81%95-374x280.jpg
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 61625ac8f7e000129622f93c4ee659462200195eb1fd3b9a892290d604bb9773

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Fri, 10 Nov 2023 23:55:56 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 29950
expires: Tue, 03 Dec 2024 16:21:10 GMT

GET
H2 200 %E3%83%87%E3%83%83%E3%82%AD%E3%83%AC%E3%82%B7%E3%83%94%E3%82%A2%E3%83%AA%E3%82%B9%E3%83%BB%E3%82%AE%E3%82%A2%E3%83%BB%E3%82%A2%E3%82%A4%E3%82%AE%E3%82%B9-374x174.png
ws4696.xyz/wp-content/uploads/2023/11/ 115 KB
115 KB 128ms
125ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2023/11/%E3%83%87%E3%83%83%E3%82%AD%E3%83%AC%E3%82%B7%E3%83%94%E3%82%A2%E3%83%AA%E3%82%B9%E3%83%BB%E3%82%AE%E3%82%A2%E3%83%BB%E3%82%A2%E3%82%A4%E3%82%AE%E3%82%B9-374x174.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 2f747e9b9a2a42ccfe24d911d892477df94a026ffc4ffc5ed9cdc9b917c4cdbd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Fri, 10 Nov 2023 23:55:39 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 117370
expires: Tue, 03 Dec 2024 16:21:10 GMT

GET
H2 200 %E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E9%80%9A%E8%B2%A9%E3%82%B5%E3%82%A4%E3%83%88-120x68.jpg
ws4696.xyz/wp-content/uploads/2020/02/ 7 KB
7 KB 130ms
127ms Image
image/jpeg 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2020/02/%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E9%80%9A%E8%B2%A9%E3%82%B5%E3%82%A4%E3%83%88-120x68.jpg
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 707d15849ad502f2be299c15e8371fb722a5d57a49e8f6cf0e2012e099846df1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Thu, 06 Feb 2020 01:31:41 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6719
expires: Tue, 03 Dec 2024 16:08:18 GMT

GET
H2 200 4%E3%82%B3%E3%83%B3-120x68.png
ws4696.xyz/wp-content/uploads/2020/08/ 9 KB
9 KB 80ms
77ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2020/08/4%E3%82%B3%E3%83%B3-120x68.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 82775ff8190d576eedefba3df2ca240bb20bd390bdb7be78d73983f7defe8fe3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Wed, 12 Aug 2020 14:54:56 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 9266
expires: Tue, 03 Dec 2024 16:08:18 GMT

GET
H2 200 %E3%83%87%E3%83%83%E3%82%AD%E3%83%AC%E3%82%B7%E3%83%94-120x68.png
ws4696.xyz/wp-content/uploads/2020/06/ 14 KB
14 KB 138ms
135ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2020/06/%E3%83%87%E3%83%83%E3%82%AD%E3%83%AC%E3%82%B7%E3%83%94-120x68.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: c52ed0e42ce120f0a111011a916ad08a35929eadf41fecb1713d335cfb14ff41

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Wed, 03 Jun 2020 05:29:32 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 14218
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 2-120x68.jpg
ws4696.xyz/wp-content/uploads/2020/02/ 6 KB
6 KB 130ms
128ms Image
image/jpeg 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2020/02/2-120x68.jpg
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 6f3158be047d51629e5b8116242614efeb9a44cef5891b0ab42feaf47c70706a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Thu, 06 Feb 2020 01:51:25 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6383
expires: Tue, 03 Dec 2024 16:08:18 GMT

GET
H2 200 %E3%82%B3%E3%83%A9%E3%83%A0%E7%B4%B9%E4%BB%8B-120x68.png
ws4696.xyz/wp-content/uploads/2020/04/ 14 KB
14 KB 133ms
131ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2020/04/%E3%82%B3%E3%83%A9%E3%83%A0%E7%B4%B9%E4%BB%8B-120x68.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 2b61dbaabc2eb2b0840fca25363537b0bb8f5f4497de2db552e5e502e47929ac

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Sat, 25 Apr 2020 05:33:04 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 14493
expires: Tue, 03 Dec 2024 16:08:18 GMT

GET
H2 200 %E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D-%E9%80%9F%E5%A0%B1-120x68.png
ws4696.xyz/wp-content/uploads/2023/04/ 7 KB
8 KB 133ms
131ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2023/04/%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D-%E9%80%9F%E5%A0%B1-120x68.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 69abf8268adc17a969b4283db067d6fb206a104082d1df83e8cfcb1f60d67275

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Fri, 07 Apr 2023 12:16:17 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7522
expires: Tue, 03 Dec 2024 16:08:18 GMT

GET
H2 200 WS-deck-recipe-120x68.png
ws4696.xyz/wp-content/uploads/2020/07/ 12 KB
12 KB 79ms
78ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/2020/07/WS-deck-recipe-120x68.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 9e3bee1bcc69703971364295b79729e4718304d5a4af83bc106ad61113a5ad54

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Sun, 26 Jul 2020 14:37:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 12476
expires: Tue, 03 Dec 2024 16:08:18 GMT

GET
H2 200 44853-featured-320x165.png
ws4696.xyz/wp-content/uploads/wordpress-popular-posts/ 16 KB
16 KB 115ms
113ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/wordpress-popular-posts/44853-featured-320x165.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: ce71c50f69e1bcb06e9c1e848aeb59c2ec41148ced8599daf447d908b2d3a198

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Thu, 10 Aug 2023 22:42:33 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 16509
expires: Tue, 03 Dec 2024 15:46:24 GMT

GET
H2 200 45314-featured-320x165.png
ws4696.xyz/wp-content/uploads/wordpress-popular-posts/ 11 KB
12 KB 133ms
131ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/wordpress-popular-posts/45314-featured-320x165.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: c2e99415bfcc2d958cb252bf90d283aba9af56cde44fc8212657a5afd738c1a8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Thu, 05 Oct 2023 15:00:36 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11673
expires: Tue, 03 Dec 2024 15:46:24 GMT

GET
H2 200 38219-featured-320x165.png
ws4696.xyz/wp-content/uploads/wordpress-popular-posts/ 17 KB
18 KB 116ms
114ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/wordpress-popular-posts/38219-featured-320x165.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: bb80418cb4dd40912b68db0f75d44230e9d6adedf65e878cb888f6b0c2441d89

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Sat, 17 Dec 2022 15:01:13 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17685
expires: Tue, 03 Dec 2024 15:46:24 GMT

GET
H2 200 45031-featured-320x165.png
ws4696.xyz/wp-content/uploads/wordpress-popular-posts/ 82 KB
83 KB 116ms
115ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/wordpress-popular-posts/45031-featured-320x165.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: a4a8da9b56e61e7c72c2b6f272c33f31b47c2c527e0212a88b191e3508c3520b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Wed, 11 Oct 2023 15:39:50 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 84175
expires: Tue, 03 Dec 2024 15:46:24 GMT

GET
H2 200 40286-featured-320x165.png
ws4696.xyz/wp-content/uploads/wordpress-popular-posts/ 68 KB
69 KB 117ms
116ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws4696.xyz/wp-content/uploads/wordpress-popular-posts/40286-featured-320x165.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 70ee71d2be01af776e6f7b2c9f0908be77f3d35cbdbee0150c44c1b4c5e8c6da

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Sun, 15 Jan 2023 07:50:48 GMT
server: LiteSpeed
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 69999
expires: Tue, 03 Dec 2024 15:46:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
94 KB 60ms
59ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8W8TP6BEYC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104241103-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e56e3d1d1fd44f78ce89a543820b189581fc1795352d1996fb8d38b275644ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 16:21:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 51ms
2ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104241103-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 14:51:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5397
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 16:51:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 44ms
44ms Script
application/javascript 2404:6800:4004:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-TNFSL5S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104241103-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

521b9ed814238d6143d351f4433aa5c7ca5b02c46bdd7555f3edcb4ca2c103ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80326
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 16:21:37 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 398 KB
135 KB 117ms
117ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e6d4ca6c4c55bae9c447476d55a6239b04b9586bd4ca7537fa3d1542e4a8fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137641
x-xss-protection: 0
server: cafe
etag: 6304614605009590931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:37 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 8CA1 9 KB
4 KB 47ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 36510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 06:13:07 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 06:13:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK track.php Show response
ws4696.flier.jp/analytics/thk-analytics-124/thk/ 65 B
535 B 519ms
519ms Script
application/x-javascript 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://ws4696.flier.jp/analytics/thk-analytics-124/thk/track.php?LT=0&RF=&UR=http%3A%2F%2Fws4696.xyz%2F&TI=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&SW=1600&SH=1200&SC=24&CC=true&s=20
Requested by: Host: ws4696.flier.jp
URL: http://ws4696.flier.jp/analytics/thk-analytics-124/thk/script.php
Protocol: HTTP/1.1
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed / PHP/8.1.9
Resource Hash: 6d5381f4a95f8a4af8491bf59fe4b1eeb2794666ab5d94fa1d532657af539dd4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:38 GMT
content-encoding: gzip
Server: LiteSpeed
x-powered-by: PHP/8.1.9
vary: Accept-Encoding,Accept-Encoding
Content-Type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
Connection: keep-alive
Content-Length: 85
expires: Mon, 11 Dec 2023 16:21:38 GMT

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
247 B 4ms
1ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&blog=167839314&post=0&tz=9&srv=ws4696.xyz&j=1%3A12.8.1&host=ws4696.xyz&ref=&fcp=2089&rand=0.13565528348190403
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 04 Dec 2023 16:21:37 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 0E05 319 KB
104 KB 3ms
3ms Document
text/html 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=http%3A%2F%2Fws4696.xyz
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/731E) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4823339
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Dec 2023 16:21:37 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/731E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK no-image-120.png
ws4696.xyz/wp-content/themes/cocoon-master/images/ 733 B
1 KB 7ms
6ms Image
image/png 163.44.185.207
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ws4696.xyz/wp-content/themes/cocoon-master/images/no-image-120.png
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Server: 163.44.185.207 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-207.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 2e60e076336c2f9d80289ca5863018061cb1d3fbee8dcb5a02c0f4d4f93a31ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
last-modified: Wed, 20 Sep 2023 12:51:35 GMT
Server: LiteSpeed
vary: Accept-Encoding
X-Cache: MISS
Content-Type: image/png
cache-control: max-age=31536000, public
x-turbo-charged-by: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 733
expires: Tue, 03 Dec 2024 16:21:37 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/994292948/ 3 KB
2 KB 98ms
47ms Script
text/javascript 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/994292948/?random=1701706897822&cv=11&fst=1701706897822&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830015533&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%2F%2Fws4696.xyz%2F&label=kSUJCPiB_bMYENTpjtoD&hn=www.googleadservices.com&frm=0&tiba=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&value=0&bttype=purchase&auid=758232965.1701706898&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QWH65M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

cafe /

Resource Hash

7537c70888aeaeca66fbfee0fef06d2707c1945efc1e6501aade15c38c1ec66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1675
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK uh.js Show response
uh.nakanohito.jp/uhj2/ 31 KB
11 KB 9ms
4ms Script
application/javascript 203.114.55.135
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: http://uh.nakanohito.jp/uhj2/uh.js
Requested by: Host: ws4696.xyz
URL: http://ws4696.xyz/
Protocol: HTTP/1.1
Server: 203.114.55.135 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS: 203x114x55x135.ap203.ftth.arteria-hikari.net
Software: nginx /
Resource Hash: afef63348ef4e06b6da27547978472e008f7d4667f7036d50a6872bfc4da6bab

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 11:58:07 GMT
Server: nginx
ETag: W/"61f288cf-7add"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=10800
Connection: close
Cache_Control: public
Expires: Mon, 04 Dec 2023 19:21:37 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
140 B 42ms
41ms XHR
text/plain 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1737927396&t=pageview&_s=1&dl=http%3A%2F%2Fws4696.xyz%2F&ul=en-us&de=UTF-8&dt=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1460559336&gjid=631176234&cid=1527332123.1701706898&tid=UA-104241103-3&_gid=1319875169.1701706898&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1965548985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ws4696.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 2ms
2ms Image
image/gif 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1737927396&t=pageview&_s=1&dl=http%3A%2F%2Fws4696.xyz%2F&ul=en-us&de=UTF-8&dt=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAACAAI~&jid=&gjid=&cid=1527332123.1701706898&tid=UA-104241103-3&_gid=1319875169.1701706898&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&did=dZTNiMT&gdid=dZTNiMT&z=1632294231

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 01:03:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55078
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0E05 870 B
659 B 110ms
102ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=542a2bbb5f8d2c7b71d6f2ad2d68512a17354e23

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=http%3A%2F%2Fws4696.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 100
date: Mon, 04 Dec 2023 16:21:37 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 04 Dec 2023 16:21:37 GMT
server: tsa_m
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 31a409dea5bbab23
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 712e95296bd62bfcc687560a94c52a3d0c160c05b2c52fb5822ffe3021444562
content-length: 338

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 119ms
39ms Ping
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PLM6M7N4VS&gtm=45Pe3bt0v9103729353&_p=1701706897451&_gaz=1&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1527332123.1701706898&ul=en-us&sr=1600x1200&_s=1&sid=1701706897&sct=1&seg=0&dl=http%3A%2F%2Fws4696.xyz%2F&dt=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&en=page_view&_fv=1&_ss=1&_c=1&_ee=1&tfd=2357
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TNFSL5S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ws4696.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 162ms
54ms Ping
text/plain 2404:6800:4008:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PLM6M7N4VS&cid=1527332123.1701706898&gtm=45Pe3bt0v9103729353&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TNFSL5S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c1b::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ws4696.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 87ms
41ms Image
image/gif 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PLM6M7N4VS&cid=1527332123.1701706898&gtm=45Pe3bt0v9103729353&aip=1&dma=0&gcd=11l1l1l1l1&z=838209449

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
250 B 73ms
37ms Ping
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8W8TP6BEYC&gtm=45je3bt0v9103730306&_p=1701706897451&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1527332123.1701706898&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1701706898&sct=1&seg=0&dl=http%3A%2F%2Fws4696.xyz%2F&dt=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&en=page_view&_fv=1&_ss=1&_c=1&tfd=2402
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8W8TP6BEYC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ws4696.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 116ms
53ms Ping
text/plain 2404:6800:4008:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8W8TP6BEYC&cid=1527332123.1701706898&gtm=45je3bt0v9103730306&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8W8TP6BEYC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c1b::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ws4696.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
107 B 46ms
45ms Image
image/gif 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8W8TP6BEYC&cid=1527332123.1701706898&gtm=45je3bt0v9103730306&aip=1&dma=0&gcd=11l1l1l1l1&z=1353115491

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7953 563 KB
118 KB 531ms
530ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478445572654677&output=html&adk=1812271804&adf=3025194257&lmt=1701706898&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701706897721&bpp=5&bdt=288&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3329894081658&frm=20&pv=2&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=350

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4bf4ed4cf6c60d8078a39f3464737f95495c4fb9429248bf1fee69826c91933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 120763
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:38 GMT
expires: Mon, 04 Dec 2023 16:21:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.google.co.jp/pagead/1p-conversion/994292948/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994292948/?random=1625632869&cv=11&fst=1701706897822&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830015533&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/994292948/?random=1625632869&cv=11&fst=1701706897822&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830015533&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%...
https://www.google.co.jp/pagead/1p-conversion/994292948/?random=1625632869&cv=11&fst=1701706897822&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830015533&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3...

42 B
154 B

45ms
44ms

Image
image/gif

2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/994292948/?random=1625632869&cv=11&fst=1701706897822&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830015533&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%2F%2Fws4696.xyz%2F&label=kSUJCPiB_bMYENTpjtoD&hn=www.googleadservices.com&frm=0&tiba=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&value=0&auid=758232965.1701706898&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqMy1EbjlSeW9jY0lqSDA5aUhIdlk4LUxfRDd1ZG9mcU15M1pjWHVrRW1GGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHEyelhfWXloeV9nRXFDNk5XNEVEY09EWlRPOEdUV1psOC12LW9yRGx5amRSb3kxVENoX29uNnMiEwifiqWZmPaCAxXWVMIFHUxdDIQ&is_vtc=1&ocp_id=kfxtZd_9Ntapid4PzLqxoAg&cid=CAQSGwDICaaNSKa-UudJaRmVvaNELPI3o-qi8mcHTA&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_KuyOjTJIq6n6YjsNML8GRiTM23QpuL4e00&random=1803144062&ipr=y

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Server

2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.jp/pagead/1p-conversion/994292948/?random=1625632869&cv=11&fst=1701706897822&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830015533&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%2F%2Fws4696.xyz%2F&label=kSUJCPiB_bMYENTpjtoD&hn=www.googleadservices.com&frm=0&tiba=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&value=0&auid=758232965.1701706898&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNqMy1EbjlSeW9jY0lqSDA5aUhIdlk4LUxfRDd1ZG9mcU15M1pjWHVrRW1GGldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHEyelhfWXloeV9nRXFDNk5XNEVEY09EWlRPOEdUV1psOC12LW9yRGx5amRSb3kxVENoX29uNnMiEwifiqWZmPaCAxXWVMIFHUxdDIQ&is_vtc=1&ocp_id=kfxtZd_9Ntapid4PzLqxoAg&cid=CAQSGwDICaaNSKa-UudJaRmVvaNELPI3o-qi8mcHTA&eitems=ChEIgI62qwYQ2cH0ifKD6eG6ARIdALib_KuyOjTJIq6n6YjsNML8GRiTM23QpuL4e00&random=1803144062&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 853A 129 KB
44 KB 777ms
776ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478445572654677&output=html&h=280&slotname=1444455752&adk=1102396104&adf=2643309891&pi=t.ma~as.1444455752&w=336&fwrn=4&fwrnh=100&lmt=1701706898&rafmt=1&format=336x280&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1701706897728&bpp=1&bdt=295&idt=366&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=371

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978fb2eee40b56e6f6264659428830b693c744c5919c3a178c42f197efae9e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44566
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:38 GMT
expires: Mon, 04 Dec 2023 16:21:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 853A 1 KB
570 B 84ms
42ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%8A%E3%80%82%E3%81%A3%E3%81%91%E3%81%A7%E3%83%88A%E3%82%92%E3%83%9A%E3%81%AE%E3%82%B9a%E9%96%8B%E5%8B%A2%E3%81%AAz%E3%81%86%E3%82%88o%20%E4%B8%AD%E3%81%A4%E3%83%AF%E5%86%AC%E3%82%B7%E6%BA%96%E3%81%8B%E3%82%AF%E3%82%8B%E3%81%99%E3%83%AA%E3%82%A2%E3%83%86%E3%81%BEn%E5%82%AC%E3%83%A3%E3%81%8C%E4%BB%8A%E3%83%91%E8%A6%8B%E3%83%BC%E3%82%89%E3%81%A8%E3%81%84%E3%83%9B%E6%8F%83%E3%81%A1%E3%82%A3%E3%81%9B%E3%80%81m%E5%82%99%E3%83%AB%E3%83%87%E3%82%82%E3%81%90%E5%95%86%E5%93%81

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478445572654677&output=html&h=280&slotname=1444455752&adk=1102396104&adf=2643309891&pi=t.ma~as.1444455752&w=336&fwrn=4&fwrnh=100&lmt=1701706898&rafmt=1&format=336x280&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1701706897728&bpp=1&bdt=295&idt=366&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

112a739fed40464e3e9272f5679eb69fb67536886f4d5ad5fbae3fd03b456c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 16:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 16:21:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 16:21:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 853A 14 KB
2 KB 82ms
40ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 16:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 14:33:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 16:21:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 853A 2 KB
903 B 57ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 853A 24 KB
9 KB 57ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 853A 3 KB
1 KB 58ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 853A 20 KB
9 KB 85ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 853A 202 KB
64 KB 128ms
51ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:38 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 853A 37 KB
16 KB 42ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 09:11:22 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 160 KB
55 KB 52ms
51ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff31218d890fb6a263543047e51de59e857e37b16fa4123e9e7426dd23484941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: cafe
etag: 17773650712135013074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:38 GMT

GET
H2 200 ca-pub-3478445572654677 Show response
fundingchoicesmessages.google.com/i/ 176 KB
59 KB 293ms
242ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3478445572654677?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4761b9e9c5ca8e13fe185b78c1e8c01c8a02db9dccb0506ad4ca31b6b6837fa

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jR0oE338Y8K4mQkRyt-m1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jR0oE338Y8K4mQkRyt-m1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1CF6 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478445572654677&output=html&h=280&slotname=1444455752&adk=1102396104&adf=2643309891&pi=t.ma~as.1444455752&w=336&fwrn=4&fwrnh=100&lmt=1701706898&rafmt=1&format=336x280&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1701706897728&bpp=1&bdt=295&idt=366&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=371
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 15:42:02 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 853A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44806132&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=1168473133448089

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1CF6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
42ms

Document
text/html

2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
expires: Mon, 04 Dec 2023 16:21:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 853A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 896dd0788acc091b9ff093ab63d9e274ab1aed3f26cdf4f35734d2fd6bcda98a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 853A 33 KB
34 KB 47ms
3ms Font
font/woff2 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 00:38:42 GMT
x-content-type-options: nosniff
age: 315777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 00:38:42 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 853A 37 KB
38 KB 47ms
5ms Font
font/woff2 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrv03ck5od7e6ODTxoRVjbcOUR04DiFxC2uodfz3eCtfPTDRlGPji6FP8-Ii0CL1Akgz9BLL2FROhAkm4Jx_ebAbtdAvP4YwH-s0D0Ew78exEStgLdpncJk-cMJY0czMKofpLAu5taRPwxAnB4gbk0Hg6pinOorMpWqoZkNee_4W49wk8gPtykJGRpGJF__qQggn7wgj-SJ9w_n5_-JDDG_AjctVT_96FhNb7XpHijdUvyBAC7d-Amqrd5pshBbGilIuTLzTPdk2kdNLozO3Wubqt4O6pF3AB_hqlMnOC21VvJh3x8_fHE&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%8A%E3%80%82%E3%81%A3%E3%81%91%E3%81%A7%E3%83%88A%E3%82%92%E3%83%9A%E3%81%AE%E3%82%B9a%E9%96%8B%E5%8B%A2%E3%81%AAz%E3%81%86%E3%82%88o%20%E4%B8%AD%E3%81%A4%E3%83%AF%E5%86%AC%E3%82%B7%E6%BA%96%E3%81%8B%E3%82%AF%E3%82%8B%E3%81%99%E3%83%AA%E3%82%A2%E3%83%86%E3%81%BEn%E5%82%AC%E3%83%A3%E3%81%8C%E4%BB%8A%E3%83%91%E8%A6%8B%E3%83%BC%E3%82%89%E3%81%A8%E3%81%84%E3%83%9B%E6%8F%83%E3%81%A1%E3%82%A3%E3%81%9B%E3%80%81m%E5%82%99%E3%83%AB%E3%83%87%E3%82%82%E3%81%90%E5%95%86%E5%93%81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e6d0fc0d2df1dddde03a6c3570e472a623693d6a35785bb79b4a94ed4c94597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:36 GMT
x-content-type-options: nosniff
age: 66783
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38388
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Dec 2023 21:48:36 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 853A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHPemkvxtZbOWCJWFpt8P9cWW8ASowIy_dNWh-qP_EeLDgf6tEhABILPS5lBgifPFhPQToAG-9_T9AsgBAakCwM00z95NPT6oAwHIA8sEqgTHAU_QURlQMfuqbFvovmysUiCMmIAehHQYUJb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x29eaf15a9234e660000000000000000%22,%222%22:%220x6259b3da8b10a5800000000000000000%22,%223%22:%220xf58cf05...

0
0

43ms
42ms

Fetch
text/css

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x29eaf15a9234e660000000000000000%22,%222%22:%220x6259b3da8b10a5800000000000000000%22,%223%22:%220xf58cf0590943cf010000000000000000%22,%224%22:%220x6184a14faf0d8c5b0000000000000000%22,%225%22:%220x9263cb89aadde12c0000000000000000%22},%22debug_key%22:%228468635667759555803%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22800930750%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224591918511892478721%22}&andc=true

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x29eaf15a9234e660000000000000000","2":"0x6259b3da8b10a5800000000000000000","3":"0xf58cf0590943cf010000000000000000","4":"0x6184a14faf0d8c5b0000000000000000","5":"0x9263cb89aadde12c0000000000000000"},"debug_key":"8468635667759555803","debug_reporting":true,"destination":"https://amazon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["800930750"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"4591918511892478721"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 16:21:39 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x29eaf15a9234e660000000000000000","2":"0x6259b3da8b10a5800000000000000000","3":"0xf58cf0590943cf010000000000000000","4":"0x6184a14faf0d8c5b0000000000000000","5":"0x9263cb89aadde12c0000000000000000"},"debug_key":"8468635667759555803","debug_reporting":true,"destination":"https://amazon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["800930750"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"4591918511892478721"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame BE99 51 KB
19 KB 3ms
3ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 01:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 398897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 01:33:22 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 83ms
41ms Preflight
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 16:21:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B9B 163 KB
49 KB 461ms
460ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3347988295&pi=t.aa~a.2682791915~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280&nras=2&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d79fe617fcee3a024f450a07d651e62ef55764962a60e4bca5be6ffea232810f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 49821
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC46 160 KB
47 KB 549ms
549ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd09774fccd120bbe9182a37b2c3139635af3d52b9192e11908d299a675b6197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 48300
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 30AE 436 B
233 B 399ms
399ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=100&adk=130578063&adf=3497330489&pi=t.aa~a.2551706880~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x100&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50&nras=4&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=225

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cfbf9445e1d2a05f6f562ceffae4fb25e28e791b734b5361b8299625bf73891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7309 101 KB
41 KB 425ms
425ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ca6c7cfe996f4fb4708ec04712cbe84da9fd39b2975a64cc74d118ae7f68a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 41970
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98B5 102 KB
41 KB 478ms
478ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=280&adk=542714845&adf=3364714922&pi=t.aa~a.1728172515~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x280&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1621&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50&nras=6&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4842165d46e47aaf19092aa2391cc8abd61a897f2123ad6ac9b35b2a565867b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C85C 101 KB
41 KB 454ms
454ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2204122d7916a897ea8123dcc4f6ba1221ef13b8503e2037d5e773b39a4412a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42133
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 5F95 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 8466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 14:00:33 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 14:00:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 1DDD 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 8466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 14:00:33 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 14:00:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame EEAE 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 8466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 14:00:33 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 14:00:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame C4B0 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 8466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 14:00:33 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 14:00:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWKGOQB5edpREPoFvX77GoWOWg2IHOdnxc6jrZXYYrLEPu0s-DmY_e1sRbsC4OLFPDAk6IP3G-YXQeYDoFK6agMIucc4OT60gF3pL14clsuOqVg0LeHMURrPZksjREzDo4jZQEcyw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 53ms
53ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWKGOQB5edpREPoFvX77GoWOWg2IHOdnxc6jrZXYYrLEPu0s-DmY_e1sRbsC4OLFPDAk6IP3G-YXQeYDoFK6agMIucc4OT60gF3pL14clsuOqVg0LeHMURrPZksjREzDo4jZQEcyw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNzA2ODk5LDM1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL3dzNDY5Ni54eXovIixudWxsLFtbOCwiRmFZUHVSd2VxSUkiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83b2d0a1fbab062c8468a3c869ae3eb3ad09d01ccc3768210f889a2e76a6e200

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6fixvH9ykxejY8P2xXjgkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-6fixvH9ykxejY8P2xXjgkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 5F95 4 KB
767 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 14:31:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5F95 205 B
520 B 4ms
3ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:31:12 GMT
x-content-type-options: nosniff
age: 244227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Nov 2024 20:31:12 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5F95 604 B
696 B 4ms
3ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:41:43 GMT
x-content-type-options: nosniff
age: 149996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 01 Dec 2024 22:41:43 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 5F95 16 KB
7 KB 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:23 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 5F95 22 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:23 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B2D4 448 B
213 B 43ms
43ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY4bHu7QEwAQ&v=APEucNVRvcCP5cIbXLse0TE7gQd-6SxU-1sy8VEaxhcCKXb7iWYVOXtGWgTY2mRuOD9Mqdt_Nk-xPcshRJ46d5DWF6aDDdjXvQ

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3BFD 24 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 3BFD 7 KB
3 KB 4ms
4ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3BFD 41 KB
14 KB 3ms
0ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:11:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3BFD 3 KB
1 KB 3ms
1ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3BFD 20 KB
8 KB 4ms
1ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BFD 202 KB
64 KB 51ms
49ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BFD 42 B
63 B 36ms
35ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwlXsXUG19MrjYrTECnmogrYAjznV1OTi2NlMC8gevEiogvkhUqn7igdsmCd7QV1CQtjxSzNUkxnHJe9hxF1AiusKiSvIrSwvO_W0FliB6PYOIVlQ

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3957710615409578942
s0.2mdn.net/simgad/ Frame 3BFD 22 KB
22 KB 100ms
5ms Image
image/png 2404:6800:4004:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3957710615409578942

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c0329d581f58e67913b9244f23212e54cad238530899e744d8e97ea3c1c1a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:16:40 GMT
x-content-type-options: nosniff
age: 500699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22519
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 02:24:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 21:16:40 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A336 611 B
263 B 47ms
46ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY4bHu7QEwAQ&v=APEucNWtjGSRZ-KdPNxdQG0-wmnwA0bfLyuJ_Ew7EN76k0_Z3K6TQu5VtNwHdjUSAjr_gxZgMM_fCfZ_j-Iq0bgkkm7syYtf1w

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3957710615409578942
s0.2mdn.net/simgad/ Frame 461B 22 KB
22 KB 81ms
3ms Image
image/png 2404:6800:4004:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3957710615409578942

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c0329d581f58e67913b9244f23212e54cad238530899e744d8e97ea3c1c1a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:16:40 GMT
x-content-type-options: nosniff
age: 500699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22519
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 02:24:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 21:16:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 461B 24 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 461B 7 KB
3 KB 4ms
3ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 461B 41 KB
14 KB 5ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:11:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 461B 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 461B 20 KB
8 KB 4ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 461B 202 KB
64 KB 79ms
78ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 461B 42 B
63 B 40ms
39ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BW5buIp94aPZbj8dZv3SbbRb0LUCWToiE1j9_fioeqerNPV8P2x5zqkY9jNz1_vyap7VdfvKFYZPYVrAbZLF1T47G3GrTlEp1DlGOIA3YxDSZgO5w

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FC8F 441 B
197 B 47ms
47ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYk8ju7QEwAQ&v=APEucNUHKJjGVBKXhn7-UyKeOD0nGaPkR-CFFaAQISeqB7u7-59RWNOGg7YY7eNb1DXcYH2VVQ1oPSTg3g8AozeuOOk1ZbgMJw

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame ECA6 24 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame ECA6 7 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame ECA6 0
0 101ms
50ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsveMTiFpZWGLasuxKOXUYVPE7DasXfV5zpDOiv4_mP0CLd2ufCuDPhYB1GI8Vb1X4uI-2DdQ4J3yGQYz-811VXGVub5QxrMWc3zAMiz2UvzV_s2tY8Jww8gm9d6FNmVXuPJTTjxZz89XtIQzGXxo6NKJPuTzQ70QrSDDE0UVo7k6r0KfqcRlqNpWNFUZ_AxiImcm7uj99uzKl_pGO2gjPduzsU2LbGDpOMsP9Qt3P8FD8Z25RLUUEXOfltIDYuOBkp5UsnR2yyf8Y_qmZpQROAC3OxZ9kSPX1RE21Y4vMrYfeYpYfZLwvKR88UJOH-v3b7fRDG8Y-ZJhep3z8IzU8ar4z1WvXz2bgFpo1SiRqiMuX9K9etItUjwlG38jYt9mZtXA0emmVXzWacLPFauvYX5EYA3TrnF8hNS8XPZh9qO2yEuzhcvjwf5iwzMEWER6oGlWJq2nKEqUqAOLhO0pT15Nf5lGcZzeZFSQPGOCXbWFvUTIrIR2xKvk7-DludRlNNpgDKCzueLum33azUOPT_CUQjExhUP2yE8-M4a72fodRkAGy2nxrKrHvUXZsbGEkBQ6S6qYOODl0AxHF7EYEqPNZK60Hx0c_2B6PzFTofssLAr9oTj5iIlRoBlpZgQtUCq5k5gHwQUhTiE5BRw0j1jdo9wvkAFEicjjaIagRrZhpSUgAGvP8hgqF-5sHHpFFg19xmh-VAaOjQcQ2QkZ-cGqniDf_fC2M7uVnfI6eBa_7bgB3n0WFA0_YO_eVWP_nMl4xk0SucpGyGYzRbT6fBx87IGvTi40P6ojd8c5i5WoqiDRs-sgnsRSk7J-FfUpdf5RjB0ONXFNS5cZmaxBclC2b-ObXzYJVd5i-NSsDqOoHCamGQYA6APdoEwTfW3LyQh9W97ahvRzEUievQyAWXoQG-zf7Tmb9bDT07LavphwFOr9Bb-1fKyVAqsi9c4OvnH91I7t-KcG_x395j4uIfi8L0RWs4ti-3T6IaKJG_NOjmBb3I3Z505ITAoAYMHNvSFTLBuXJnNKDys7-e8hwGFdWmMw6SFrImd0Ws6x5xgTwxebYjvSmXP9MQ5owI9BxrurrbAzBKGMh9Ejr3UR-FRiF0E9JkHQ0pFpJNtBp4z517u9WOMR0di5W4bNdH2mw5t77GS_zLr6A_sJ8J4mBChQstsZ0l5g8tI1DR06DFVdXri4xb9rW9zMiBjusnIHolhmBW_QExtjLwFw4KwNjHS94c5y-0EV4e85mnbesWhdDwqs5hayQpTAgbXlJ5qtHlAlKqDxbnph241uJUKpuuSeNfk41vPgx_ki6cSQ88T11u__PC2pNQFE6TOdrOP38rirAiM82q_UI4cmQ&sai=AMfl-YSvhJqjZ_VACbmFYMOVfNHFS6W0JwmII0WjIQxkV_xSmuJKhdWMB7EpYTvdomuHmmaf1Pbndmdi2JPXEKkNMdPboi3uhxz_hFaelPeznCYJOiIE7x2mXVQHwRTtKjLnAscFVZKINc9W9W89q1SkawKtzLktrvttOvUWhrs7Q0XdAYFuDNI47RTTfY55rWpaFHR4m6AmtyjRDQID3fTud1WgQaMWfIYZIranSuUSl-BczhpXZ3Mpi5iejUO-SkUx_CaigfpN_gqYxKLperzK-rLzWy9iDRiy8etTdqY_5LtfIiSHp05IQO00grUo4_gRAw9zZw8BTbRVKY2nGF_0GLeS_e4zQbNQYAB8gDGKnXwc5ocVQHtYuVBeNOmqDlTgYLlqNNFM9eMxu6e8lqoDXVLiZaa_yKMVtBuS_AyX-dFiM_UR49rCY6FqgJmtvtcl36yarNegAorL6GaLqLRBljIo7w39rCWypKh_kGWHc1wA6YmfLofIwHENI13aWcMEjY4k6Wc&sig=Cg0ArKJSzD7EscfUKIaCEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.24827&arae=0&ftch=1&adurl=

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame ECA6 41 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:11:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame ECA6 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame ECA6 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECA6 202 KB
64 KB 59ms
58ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECA6 42 B
63 B 40ms
39ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwylVPniAWJMjSAgek_NIu-rXLJdxjYRzhObBAuBWI4AxsOQA4Ewx42uvac01SflC01m6YNymEA8IqBImXtxcBftL67YriTZDQUvnwd4eVu-o_pMo

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10739651982181655600
s0.2mdn.net/simgad/ Frame ECA6 16 KB
16 KB 52ms
3ms Image
image/png 2404:6800:4004:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10739651982181655600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5184f756de91f453e4bf350fc3439ecb414f8145e31d9bfc820e2a40c890eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:01:00 GMT
x-content-type-options: nosniff
age: 386439
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16135
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 02:53:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Nov 2024 05:01:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B2D4
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
243 B

62ms
41ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY4bHu7QEwAQ&v=APEucNVRvcCP5cIbXLse0TE7gQd-6SxU-1sy8VEaxhcCKXb7iWYVOXtGWgTY2mRuOD9Mqdt_Nk-xPcshRJ46d5DWF6aDDdjXvQ

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 16:21:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B2D4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqhP9NZpPbJXxjf-mCbtJA&google_cver=1

43 B
769 B

17ms
17ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqhP9NZpPbJXxjf-mCbtJA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY4bHu7QEwAQ&v=APEucNVRvcCP5cIbXLse0TE7gQd-6SxU-1sy8VEaxhcCKXb7iWYVOXtGWgTY2mRuOD9Mqdt_Nk-xPcshRJ46d5DWF6aDDdjXvQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G89zDMNw1tN3Erw4tvO30HmLxhlv5Itn5W7qQ8cG9b1sIoGi3cuXmPhIh1Z6vNt8Gs5L5OHxgE0lhtjNcIz6eM6%2Fx7Kd%2Bq8Gf1BqKqmdPGwORMQvo%2FJzZK47yZu%2Bnr6rMvIS2WOoZm5aHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8305623a4bc1afee-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqhP9NZpPbJXxjf-mCbtJA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B2D4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW38k1OHEe1-xGTy7W3mxAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqhP9NZpPbJXxjf-mCbtJA&google_cver=1

43 B
734 B

14ms
13ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqhP9NZpPbJXxjf-mCbtJA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY4bHu7QEwAQ&v=APEucNVRvcCP5cIbXLse0TE7gQd-6SxU-1sy8VEaxhcCKXb7iWYVOXtGWgTY2mRuOD9Mqdt_Nk-xPcshRJ46d5DWF6aDDdjXvQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIO6OZJ15UKbKZIxHe%2FDqJifeL02wSC6yj%2BmHtCRRS6eipugEIysxQZQKbgIeyLoQLNMq6nB%2F6sUNn0fORb6CcwEttJGcBSFhafJGV%2Fav%2BjtHgpeXylrcDeoTqcv3HDZ5CyYm9bW7KHu5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8305623a8c05afee-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHqhP9NZpPbJXxjf-mCbtJA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWI0HCcdt5jvFiiwtE1c6bsBPUnGLltDzAtLhN9CFTqgpUnSLiEhdcaTVkp7IRBqbKKEFSjxV-nxYgAcQhXD7HuuA6tTnSm4evy3cBuJdL6LfvbVyiiCZv5novIPl3Q6OIzycWxag== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 96ms
96ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWI0HCcdt5jvFiiwtE1c6bsBPUnGLltDzAtLhN9CFTqgpUnSLiEhdcaTVkp7IRBqbKKEFSjxV-nxYgAcQhXD7HuuA6tTnSm4evy3cBuJdL6LfvbVyiiCZv5novIPl3Q6OIzycWxag==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNzA2ODk5LDQ4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHA6Ly93czQ2OTYueHl6LyIsbnVsbCxbWzgsIkZhWVB1UndlcUlJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aae948bf1a4f39292abb99912a3262d77ce10916b1003abc96211ae6993da91f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DjmOTE6bME48GUsVhhMFrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DjmOTE6bME48GUsVhhMFrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame ACE7 948 B
462 B 43ms
43ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%A2%B0%20%E9%85%8D%E5%B0%82o%E3%82%8B%E9%96%80%E3%82%81%E3%81%AF%E6%A9%9F%E5%8D%98%E3%83%97Gl%E3%81%AA%E3%81%98%E3%83%9D%E9%81%8B%E3%82%B9e%E9%96%8B%E7%9A%84%E5%91%8A%E3%81%A7%E5%AE%89%E5%A7%8B%E3%83%88%E3%82%92%E5%BA%83%E4%BF%A1%E3%81%AE%E7%94%A8%E3%80%82%E6%8B%85%E3%83%83%E5%BF%83%E3%81%97%E9%96%89%E3%81%A63%E3%82%B5%E5%AD%A6%E3%80%81%E7%BF%92%E5%BD%93%E3%81%8F%E6%9E%9C%E3%82%8Cg%E5%8A%B9%E3%83%BC%E3%82%89%E3%83%AA%E3%83%86%E7%B0%A1%E8%80%85%E3%82%A2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d234519a12ca79e72a4a19ccd93bfb00df930fc29d10d2da1ba7c60ff926126c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 16:21:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame ACE7 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame ACE7 24 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7F12 143 B
166 B 8ms
7ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 15:42:02 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame ACE7 3 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame ACE7 20 KB
8 KB 8ms
6ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACE7 202 KB
64 KB 129ms
128ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame ACE7 37 KB
15 KB 8ms
7ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 09:11:22 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame A336
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHUkD3JhvighDUq7KyIe74E&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHUkD3JhvighDUq7KyIe74E%26google_cver%3D1

43 B
892 B

71ms
71ms

Image
image/gif

103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHUkD3JhvighDUq7KyIe74E%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY4bHu7QEwAQ&v=APEucNWtjGSRZ-KdPNxdQG0-wmnwA0bfLyuJ_Ew7EN76k0_Z3K6TQu5VtNwHdjUSAjr_gxZgMM_fCfZ_j-Iq0bgkkm7syYtf1w

Protocol

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
an-x-request-uuid: 1f8d1038-0abd-49de-be35-e3b668ee1ff5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.145.171; 31.204.145.171; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
an-x-request-uuid: 74a2f317-7114-4372-ac64-01c30a573ea0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHUkD3JhvighDUq7KyIe74E%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.145.171; 31.204.145.171; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A336
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEzMzI1NzY2NjYyOTkxODEzOA%3D%3D

170 B
188 B

41ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEzMzI1NzY2NjYyOTkxODEzOA%3D%3D

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
an-x-request-uuid: e355a1d3-519c-4a26-b401-b3d384f33892
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEzMzI1NzY2NjYyOTkxODEzOA%3D%3D
x-proxy-origin: 31.204.145.171; 31.204.145.171; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A336
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIciKZb6sdmq9-zj_Ds565s&google_cver=1

43 B
171 B

43ms
43ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIciKZb6sdmq9-zj_Ds565s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY4bHu7QEwAQ&v=APEucNWtjGSRZ-KdPNxdQG0-wmnwA0bfLyuJ_Ew7EN76k0_Z3K6TQu5VtNwHdjUSAjr_gxZgMM_fCfZ_j-Iq0bgkkm7syYtf1w
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIciKZb6sdmq9-zj_Ds565s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A336
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjY3MzNmMTktMDVhMi0yYWRjLWZlOWUtMjJjYjM5ZmY3MjNi

170 B
232 B

84ms
84ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjY3MzNmMTktMDVhMi0yYWRjLWZlOWUtMjJjYjM5ZmY3MjNi

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjY3MzNmMTktMDVhMi0yYWRjLWZlOWUtMjJjYjM5ZmY3MjNi
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame FC8F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEB8y4pwHWo3NuPWx_rwCuOw&google_cver=1

23 B
163 B

8ms
7ms

Image
image/gif

23.45.61.118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEB8y4pwHWo3NuPWx_rwCuOw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYk8ju7QEwAQ&v=APEucNUHKJjGVBKXhn7-UyKeOD0nGaPkR-CFFaAQISeqB7u7-59RWNOGg7YY7eNb1DXcYH2VVQ1oPSTg3g8AozeuOOk1ZbgMJw
Protocol: H2
Server: 23.45.61.118 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-61-118.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 16:21:39 GMT
pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEB8y4pwHWo3NuPWx_rwCuOw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FC8F
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MmRkMmE2MDEtOWYzNS00MDczLTg0YWYtODIwODA0OGU4NWY2

170 B
232 B

47ms
47ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MmRkMmE2MDEtOWYzNS00MDczLTg0YWYtODIwODA0OGU4NWY2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYk8ju7QEwAQ&v=APEucNUHKJjGVBKXhn7-UyKeOD0nGaPkR-CFFaAQISeqB7u7-59RWNOGg7YY7eNb1DXcYH2VVQ1oPSTg3g8AozeuOOk1ZbgMJw

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MmRkMmE2MDEtOWYzNS00MDczLTg0YWYtODIwODA0OGU4NWY2
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame FC8F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEA-XGLgZOZ8SHcYr4ELu_84&google_cver=1

43 B
175 B

684ms
340ms

Image
image/gif

2600:1f18:612b:4264:4b11:4b0e:f335:7576
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEA-XGLgZOZ8SHcYr4ELu_84&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYk8ju7QEwAQ&v=APEucNUHKJjGVBKXhn7-UyKeOD0nGaPkR-CFFaAQISeqB7u7-59RWNOGg7YY7eNb1DXcYH2VVQ1oPSTg3g8AozeuOOk1ZbgMJw
Protocol: H2
Server: 2600:1f18:612b:4264:4b11:4b0e:f335:7576 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 04 Dec 2023 16:21:40 GMT
server: nginx
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://partners.tremorhub.com/sync?UIGL=CAESEA-XGLgZOZ8SHcYr4ELu_84&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E724 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 94829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 14:01:10 GMT
expires: Mon, 02 Dec 2024 14:01:10 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ECA6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96c3a07f42b2678f3223c6b64f7c92d0cb17fbca242b0a1161113afe8e337fe1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6754 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 94829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 14:01:10 GMT
expires: Mon, 02 Dec 2024 14:01:10 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame ECA6 0
0 45ms
45ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsveMTiFpZWGLasuxKOXUYVPE7DasXfV5zpDOiv4_mP0CLd2ufCuDPhYB1GI8Vb1X4uI-2DdQ4J3yGQYz-811VXGVub5QxrMWc3zAMiz2UvzV_s2tY8Jww8gm9d6FNmVXuPJTTjxZz89XtIQzGXxo6NKJPuTzQ70QrSDDE0UVo7k6r0KfqcRlqNpWNFUZ_AxiImcm7uj99uzKl_pGO2gjPduzsU2LbGDpOMsP9Qt3P8FD8Z25RLUUEXOfltIDYuOBkp5UsnR2yyf8Y_qmZpQROAC3OxZ9kSPX1RE21Y4vMrYfeYpYfZLwvKR88UJOH-v3b7fRDG8Y-ZJhep3z8IzU8ar4z1WvXz2bgFpo1SiRqiMuX9K9etItUjwlG38jYt9mZtXA0emmVXzWacLPFauvYX5EYA3TrnF8hNS8XPZh9qO2yEuzhcvjwf5iwzMEWER6oGlWJq2nKEqUqAOLhO0pT15Nf5lGcZzeZFSQPGOCXbWFvUTIrIR2xKvk7-DludRlNNpgDKCzueLum33azUOPT_CUQjExhUP2yE8-M4a72fodRkAGy2nxrKrHvUXZsbGEkBQ6S6qYOODl0AxHF7EYEqPNZK60Hx0c_2B6PzFTofssLAr9oTj5iIlRoBlpZgQtUCq5k5gHwQUhTiE5BRw0j1jdo9wvkAFEicjjaIagRrZhpSUgAGvP8hgqF-5sHHpFFg19xmh-VAaOjQcQ2QkZ-cGqniDf_fC2M7uVnfI6eBa_7bgB3n0WFA0_YO_eVWP_nMl4xk0SucpGyGYzRbT6fBx87IGvTi40P6ojd8c5i5WoqiDRs-sgnsRSk7J-FfUpdf5RjB0ONXFNS5cZmaxBclC2b-ObXzYJVd5i-NSsDqOoHCamGQYA6APdoEwTfW3LyQh9W97ahvRzEUievQyAWXoQG-zf7Tmb9bDT07LavphwFOr9Bb-1fKyVAqsi9c4OvnH91I7t-KcG_x395j4uIfi8L0RWs4ti-3T6IaKJG_NOjmBb3I3Z505ITAoAYMHNvSFTLBuXJnNKDys7-e8hwGFdWmMw6SFrImd0Ws6x5xgTwxebYjvSmXP9MQ5owI9BxrurrbAzBKGMh9Ejr3UR-FRiF0E9JkHQ0pFpJNtBp4z517u9WOMR0di5W4bNdH2mw5t77GS_zLr6A_sJ8J4mBChQstsZ0l5g8tI1DR06DFVdXri4xb9rW9zMiBjusnIHolhmBW_QExtjLwFw4KwNjHS94c5y-0EV4e85mnbesWhdDwqs5hayQpTAgbXlJ5qtHlAlKqDxbnph241uJUKpuuSeNfk41vPgx_ki6cSQ88T11u__PC2pNQFE6TOdrOP38rirAiM82q_UI4cmQ&sai=AMfl-YSvhJqjZ_VACbmFYMOVfNHFS6W0JwmII0WjIQxkV_xSmuJKhdWMB7EpYTvdomuHmmaf1Pbndmdi2JPXEKkNMdPboi3uhxz_hFaelPeznCYJOiIE7x2mXVQHwRTtKjLnAscFVZKINc9W9W89q1SkawKtzLktrvttOvUWhrs7Q0XdAYFuDNI47RTTfY55rWpaFHR4m6AmtyjRDQID3fTud1WgQaMWfIYZIranSuUSl-BczhpXZ3Mpi5iejUO-SkUx_CaigfpN_gqYxKLperzK-rLzWy9iDRiy8etTdqY_5LtfIiSHp05IQO00grUo4_gRAw9zZw8BTbRVKY2nGF_0GLeS_e4zQbNQYAB8gDGKnXwc5ocVQHtYuVBeNOmqDlTgYLlqNNFM9eMxu6e8lqoDXVLiZaa_yKMVtBuS_AyX-dFiM_UR49rCY6FqgJmtvtcl36yarNegAorL6GaLqLRBljIo7w39rCWypKh_kGWHc1wA6YmfLofIwHENI13aWcMEjY4k6Wc&sig=Cg0ArKJSzD7EscfUKIaCEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=90&vt=11&dtpt=89&dett=2&cstd=0&cisv=r20231129.24827&arae=0&ftch=1&adurl=

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B124 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 94829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 14:01:10 GMT
expires: Mon, 02 Dec 2024 14:01:10 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 41ms
41ms Ping
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PLM6M7N4VS&gtm=45Pe3bt0v9103729353z89103730306&_p=1701706897451&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1527332123.1701706898&ul=en-us&sr=1600x1200&_eu=AEI&_s=2&sid=1701706897&sct=1&seg=0&dl=http%3A%2F%2Fws4696.xyz%2F&dt=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&en=ad_impression&ep.query_id=CLOns5mY9oIDFZWC6QUd9aIFTg&_et=1100&tfd=3952
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TNFSL5S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ws4696.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 38ms
38ms Ping
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8W8TP6BEYC&gtm=45je3bt0v9103730306&_p=1701706897451&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1527332123.1701706898&ul=en-us&sr=1600x1200&_eu=AEII&_s=2&sid=1701706898&sct=1&seg=0&dl=http%3A%2F%2Fws4696.xyz%2F&dt=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&en=ad_impression&ep.query_id=CLOns5mY9oIDFZWC6QUd9aIFTg&_et=1058&tfd=3961
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8W8TP6BEYC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ws4696.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7F12
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

162ms
162ms

Document
text/html

2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
expires: Mon, 04 Dec 2023 16:21:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E724 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 02:27:56 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6754 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 02:27:56 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B124 39 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 02:27:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5B9B 940 B
459 B 46ms
46ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%9B%AE%E3%83%94%E5%AE%85%E9%85%8D%E9%96%8B0%E5%8F%AF%E6%99%822%E5%88%86%E4%BA%95%E3%81%AF%E5%8F%96%E3%82%8A%EF%BC%93%E3%82%B7%E3%82%8B%E3%82%AF%E5%B7%9D%E5%8F%97%E3%81%97%EF%BC%91%EF%BC%96%E3%83%83%E5%93%81%E3%83%A71%EF%BD%9E%E3%83%A8%E7%94%BA%E3%81%91%E3%82%AB%E2%88%92%E3%81%8A%E4%B8%81%E3%83%BC%E3%81%93%E3%83%B3%E3%82%A4%E3%83%88%E3%83%89%E3%81%A8%E3%82%8C%E5%BA%97%E3%82%B0%E5%A4%A7%E3%81%8F%E3%81%86%E3%81%AA%20%E5%8C%BA%E8%88%97%E5%86%85

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3347988295&pi=t.aa~a.2682791915~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280&nras=2&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

746fb54568c83214882485ee04777e293fc6fac5a3537bc5dc662fc13f32215f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 16:21:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 5B9B 225 B
249 B 3ms
3ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 17:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 82769
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Mon, 04 Dec 2023 17:22:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5B9B 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 5B9B 24 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5B9B 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5B9B 20 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B9B 202 KB
64 KB 98ms
97ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 5B9B 37 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 09:11:22 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A631 487 B
240 B 46ms
46ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY1Z3u7QEwAQ&v=APEucNUv4ZKsvPf5C7UNAMEXiH4yapKJm1xrvDuF9K5vcZ43U5WHpLiXSJMiaEYPzG26QGvaLzhp1bXPLStUJXBoiKMxRaAo0VSuxMdBDkeMx2R0jvIJUzw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc48643d0ba513aedf1c305b8a0f9c72f2a73d935ec52ca53bec89ca67758201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame D980 24 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame D980 7 KB
3 KB 6ms
6ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D980 0
0 58ms
50ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuZQMy200sCTtlUkLUkmZvrmXhT9hyegSwKMP6HoPgSkF4yNbX03cH3-l5s18oLJLOOS3AFz0N_SLkHX0uyBcYiTjmWIQgMAfrQYrZgeOhHmIOgDN9QjIJV5tzlkQPHsbImkSCXOda05hzD_MDpguqp5F6lOwhPA3Ai7Tr3sFiC52DVh5uZzHaZzcdOPyGyLzypNwJU3a6CtRqYgKVr1kaU7spoClpgnR-9x_lO3lTHVwubtWNQsZ5a7_1jsjXvvUtHllE_NBGGHrrute-kBWSKyf79sGVXCI4EdvzfEFTYsFkbn-01qH7H8jHbyjWky7i5HL1Fyv9kj5s0VHlbMHxNhEwY1NxnRJL4Xq8nKgQIbk5ONKkcu10qUH7Q11-SVVLH_ONU17tPHa4zV_n9zXuRwCk0xCKvVZ4TF43zS0nJHI2Y3_b3um7iy4Xa95f-vhwb4msnl6SUwsgLbVNH0GmJSferJKkwAUaszPj5cCIvU3d7PM-WqhVFyuuaX618tHCbaYMJLF1BdB6B1Ys1q0fmntCMVCEmTfgjxnGNdak-S5fQ4lH-jP1SjfS7DcFhzv5kyZDOjUzD29aSR2RP-2hum44L2NVAZ7-u8wt2soE1dRE4rvSFpuZho1cTbgWCgednzkxI1cFMJ7J53AwuC2OUKHCsfWNDUKt-pflGzBs2QjQhjhdW1tcCZLEObj12dgvZ_bN4bGJOtLTEMwbt4pDJmDPSImzOHHWBsxAGtTvqgKUakk7tVXYMFEv4YnI9kBeJI5Wm1Z-10WUQzg7jH2mFTvcHmNdtyxJgng_CdEdtAyJw0PhW3ipqucNJdHW0Ycny-pHfV5OR0lkTXQNGz4FPt-Y7Q7gogDZA77eT5fzlITpc-1bCHvFOvgHBnf-1JyEwnTJXhkIj2F9HF6Pp7MOvnxusdWpG_aRiPamkhw7OODvZRWcBExP2sDydHYksw12r4Ws8Q0StAuYE8Lyk0N_kEq3j2IMScQaGnLuL6YuvBIwXkPnOI4WB_q1CC5MVxTfz6kRph5mIJwTcLE9tF6lI_y7ZnfjTOZB8B7H4fsUCVbAYo3PQskXr8T4suJpgxLo5-bCHtXu67j48oXpYDJSPNAppDmp1NE4pSZbklV-zWZfO7ofnNuKZdkEp51Q5Ar68n2CwFXLPV1zg3jcZ_01EJldE5gMDb5L_fF13c8p_kzahAjhZAAUZP4DHIuYak8qWeGTucT82_WMHTEHviSrOD3lxvkji-oXgTDek3pdKfST9S9POL-CxCOdu9ikD8mcPEiAOG6VuGcOTssZZTyvIDjtKQL5jJxGfWIvkW0Egx8q7jc41V3iAb3FbQX_5&sai=AMfl-YQ2s9GaV6QGX_UgdiuU5YlYZ--ToEyYi-rXIZoZo7thQfcTUsGNlZ2bucrYT15xzMJXO8zMogNzxucMHnCuvVYHsBEDRzCOvbUOTSuPaQ7XN0GtzGcZF73CKTVoEWrPIlSpPYvrdSmlCgLH4NDvnEJw0kSG9TdFv1LQCUl3rre3NXz4j7v7OIzBo-G3n-6bcgsO9VakECb7fMKRypGY0eiRs7fHhfQLyyu1BySU5Uj6UVL_PNJMC_Sir0NdsocSl4LtETg-s7vDk8LzsvZf29LWlvDAr6Yb3_RYoC4IQU-W-xMh2YYbBD0VXJ0rxxAjLDsZL4n7lusCSSy25LGTZD0qJzhoBuabipB5nusifXtuMQyqPop4j2EvT2g4c7I6e-bzYbaiIv7jFn-KpKzCIl93radwUGeysrft547JO2mY&sig=Cg0ArKJSzAWbt8yPzPlOEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.60794&arae=0&ftch=1&adurl=

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D980 41 KB
14 KB 6ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:11:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D980 3 KB
1 KB 7ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2C92 1 KB
643 B 6ms
3ms Document
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 07:19:54 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 07:19:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D980 20 KB
8 KB 7ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D980 0
0 43ms
40ms Image
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIzxvStE0fuTm4MI_iW_C7QGASpXVQmr7dweXPoYXy1nn1Jlf7FArBV-lQc7WyYWNoZ4agVvnhVxd97aIUJy45KmoNww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D980 202 KB
64 KB 104ms
101ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D980 42 B
63 B 43ms
40ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AxQgBLd-_NtiJZqr3Smlt2p9ctlZPYOWuDOY-kyo7k5EaSogsQIEQmDLn_EP9gFWOeOPXtf3JmHpf1EkFs73hv_DTRdIQpcRgTAjgz1hLYPG-Hf_o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9486497739528641001
s0.2mdn.net/simgad/ Frame D980 6 KB
6 KB 7ms
0ms Image
image/png 2404:6800:4004:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9486497739528641001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0834cb622114db579e4eb85e3436534d3037ae039b0d612d492b3fb3829720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:26:16 GMT
x-content-type-options: nosniff
age: 564923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6451
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 02:52:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 03:26:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 28E1 1 KB
643 B 2ms
2ms Document
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 07:19:54 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 07:19:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 70D6 487 B
240 B 49ms
48ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY1Z3u7QEwAQ&v=APEucNVZKfIZdvyP3KybWagJ8BrhKZqTKn1nWkIQMJzLTr3xIy00xP4YNvp0K40m6TPRg4yve-1LnMmZDOQB2vZ5ikYE2aWMOdurhoWdir8R7c6TWtDQR1k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc48643d0ba513aedf1c305b8a0f9c72f2a73d935ec52ca53bec89ca67758201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9486497739528641001
s0.2mdn.net/simgad/ Frame C5BC 6 KB
6 KB 2ms
2ms Image
image/png 2404:6800:4004:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9486497739528641001

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0834cb622114db579e4eb85e3436534d3037ae039b0d612d492b3fb3829720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:26:16 GMT
x-content-type-options: nosniff
age: 564923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6451
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 02:52:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 03:26:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame C5BC 24 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame C5BC 7 KB
3 KB 6ms
6ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C5BC 0
0 53ms
50ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsulFlFhElQhkAe7-sTp21xMe8UU9kgv1R-Gg7t5UcU9c6jgYESYTVVUt3KSf5oKOhEXdolIHLarowMo_2-TbWB8u-D3jf1kSVoVsv6C04ifocRHciOofQAvDqyhoR8bK64epaiLhws8RFhFHEY99q7gQLzLOQhMEl40Mc_CJUrmgja0gtOuaxEOZ0ZqAEC4pk05j7LcjCMEdEHXbb7Guw9FkoLzqmS918S2nIin4co8ecJkh50ORuElwLT0yBqglpMJMiTUj8dOHohyoi24BBgVHG1SpnbEhjUMDvuhecaFyqIrN20PxBOxvBIMSsUTNe_eU5XlhGaP-d6e4YRzftzOduW0gA8KFjG2k-hmujDQjSE7ax9Gi3N-obsn8RAdJG8a-fp37FDX3icihzyLF0Aw1PziQywG-YAVS1fP-DivngxwzZ8_n8rHbcdGNkw93OMta9m-Elzn-azLbMuxygfuPCpM-olWL0VomSkYFwcbx3GWzAEv5qLDDY1wQLTA5uLp57h5GvVSL_gNQFMgBqzWdDpieH9Ptcq5RommGLeOhhHXWeXfxZNL4gxC8WE4W5_dNoaGtqeIKzHOYfKN0YS59UADAO1jtO2H-g4--48Je6qtN5To4W1Mdc2iRhuogQfNBOZHUMweqgekeIlN5WFzDwPLQt0q-if9soTYKSXaKdDIARIVLddd7DUYrMUK1UAj1vfjWKyQpnbpZmRLGgduZWow0_taPd82RrUEKSmnoOpsmuXhFOLnXiFseIeYITPsM0OSFZASl56Dqv31UL7xn4ncXoYZR55LeNOe9BuSwrL9qp-yaFBcBPdWZXKBv0o28823OQAL9GxPBorK58D0Ke_J2nNXosNyauN4zR1ttv9QM0C-BpDxxYwKO3z8wssKxho4e4saRiVo_bmtgj6V7fZV14KTEAnPXwFtpS6gFtkDanU4Jn3_HzyKfNLU9hWQ7T5o5kzWAYB7yQ-wC4XlETifSKG0w3bOYm6bOw9541c3n0-P-9cQR_1gQ_zmCn5Z6-_1Gr0KB5RMbaOZPsxJ30SGHjTetRdyJNFeLPMLAAwTCcxIR21ZwIRyyw9gHUWNo9Lp2n2KsfGRaYOPOSc75O5IhwHNiZF09B0wCUxKS_o9ThmXKIvbMNC9w4e5PA06GJLc5-qn2bPG3P6kK9mYYMhqzs3o1e3krC4JMRJS8C61jLXXKrC_qKL0lH-gCqZYHTHq_vIzeWERBHo8Q3ZD7k-UWzdQ8wxR5SF9zP0WVtsTDqwfxe-5XP8VNEZYpjzlodXDiL4MiAmoUFbFEFGyhunIvtiHfEmVEBAY8FFQzWMIWNH6D0EDaIBd5UrUI8F7jXxYcUitgI4&sai=AMfl-YT0G78aVYemAdhzlsKbC8RfL1qV620FyfurxWVVpiTFnZVtlirDwiA_qspOqXa-alorlFCNhzP_8cuLiF83ptBzyDjp_51LOvECvnEFxCgIysThJMmi3bHPK13-AvyGlwcfGUOKm54Nf8urjNXIo3vQ4zBAMPnV-8w588NznN4gEiYlqG2znDVp6KeMEyTFLoBoyowolI8iXYKxRoRRnVp07iIQS2SHKSB3Es_26Q_yTPgV7UgdfCZFnsa4rk9HyuH7RaAZctACUUE_FHf-lanO1R-wkEoYuJABLbEthHIDeCqeep6Ej-H_PRu7843Vm39RLIj7qqa7_xfuTJsNONVEu-b9e4s-OOe0N3eCk5j0YW7HREj0ZtBzCaaP7Gw-4chFSzvqWeLTRXdRsXeCHKP2-BIxbdbrH_9iWdzSP9bU&sig=Cg0ArKJSzLhQV6P7iJH6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.30392&arae=0&ftch=1&adurl=

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C5BC 41 KB
14 KB 6ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:11:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C5BC 3 KB
1 KB 7ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6AAA 1 KB
643 B 5ms
3ms Document
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 07:19:54 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 07:19:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C5BC 20 KB
8 KB 6ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5BC 202 KB
64 KB 67ms
64ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5BC 42 B
63 B 42ms
39ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bg1x-Yt5uL9ZVXM93OWIFV6-rLSR2fgIDGWH6-fhtK6cYhxHf-pqDz7wR0ietxCHfdZFffvWWF2qMi1jGDJQOX2l6G2bOXNjv7aZPgwGUpHcIn2Hw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BF6C 620 B
270 B 46ms
45ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYpbPu7QEwAQ&v=APEucNXDmqJLvJFUkGXn_D12IA-BppXxpfeQpIaebbP3sP3NucVyPJSlvkdkfF0DN7nUHLtyqRCwlmwhmPTJsdQjqDUhFKmGvLyzWqfomAduozWA0YMfAI0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=280&adk=542714845&adf=3364714922&pi=t.aa~a.1728172515~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x280&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1621&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50&nras=6&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=231

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89d6a758a7f16d3f67d2bfef2a9f9046a18c1056af10a00d4360133af9652b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=280&adk=542714845&adf=3364714922&pi=t.aa~a.1728172515~rp.4&w=336&fwrn=4&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x280&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1621&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50&nras=6&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=231
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 250
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 27CC 24 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 27CC 7 KB
3 KB 5ms
5ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:15:32 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 27CC 0
0 50ms
49ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvK_RWo14PsnXQ9MXbbQt2oVNi66GoUoqzQMk-_Xvy-B7_kXBYJ0vaFOQ2x2tx2Krax54DuOCHvkyQ8EYKlrAP3tQUSiWskRLpNMf7X_sVrjKF5Pa9ULv1XFJ2MZKNxe6qbDDw6qI79zg1HeWrBeA5FuOSKa-34zkO95M1p1viL4b-ZBuaSw8ir0j1R78rGidx94_9FeVmqOHeNKYeWBsUA8xcaih95Shm3Pqlq7ilqMf7D4qd4P-EiohONc-o8F5chtUFqa8nmv0irHGsCAh2pNZP8uqOIQNXPQ5apuI-tocqoPEn9_RcT1Dkm_CksEAK2N-jebzrdLxVp-9V_RrFvXHHk6gogfXYwMtZl-dMb0zo5fj3YYgHhopj7NXNzVBxqoMyI9wqr_TeyyGRGbixa0RXHl5iZxXVuZYIHmZmjfBlYvTpBtIVLaOCrmilhxUluuPcpOT_ZCYd6kztjrPSDy3iH4K7WY_ygLE5ot_F9JPXM-dFSNJulSopjYYf6y1CBYiE3wSlgYERPk8nb_ISW5gVZDqVh-hYrIEJHZ12mq5RE7wDAvS-okLpT6J-avA9D9HdAEkCssY3jIDEkQ6mZhYUkVqOHEOJrVeeWb7-TNVIJz8mPPvItXJALk9Pv11L_jtwjou33Dwal7WfKjaCfVN55lojK34zeuuQX-wH6qurMae87EXXjQTWpv2x7zyPf8CnJ5hAxHv3QDBuXghF9zUtlXfJFLh4Cb0oAOWUNXkmXue-dkpzV3zunGmMIxP1Gy6vobhmIDP4M06v9zgvDlJoxFn_beYT0kzez0F4_dXVbTAfQwH__qC78S5qBXW0AnHRT8DINmPa4LqNiUGzpLpvwmjWpHIWNmv6Udsq_ifBso_jCECiMV-WB8bdd3RzHITJdcozKTmYSj8cYVfmBYQV5lPktv5PWhQVxwTQT3QIksoJFWl9R9hd363F-LlsYsdxX6bkTKaAuicxjN7VF1ppM7wpQcOy5ADl_uM-koS_-_GuVPmwpPvStIRCxGkxKcjLCxPHu03E5VO5E_gCgyM8JpfsM6Xwfswm633LxFpmafBCKbivtb7P1iPbPzK0R4Z6eDpk1BYbl7J9_MWjJGGLCYyu3d5BdI_gpVeWS9TgROjtrYuV5RBUfAUw1N3z4-m2hAR_jJ-jxC7Sz2ieNrMaYjumwp1HRIDshswJo0Kkr8AIRosinS2eq841nTSPt1OctzWOlZkJ979HH5YMCIfhBgaFT4nq40s6Zd2fJGPhvgIpT8E4nPjrN_fF77lV0Sx9Wow_58I-1ejKvRXV1KeXz-GrC7T2cF6DXtZk1Sk0eylVqmbdoV7AJW2x3TZnLOZ9JHuujLS3VRQ&sai=AMfl-YTFo3bu1LYTPbf1WD6apuAzORTMSbrkbGaQrPiCXMpkUzSmt5bxXHj3pypK8NWCARElJ_RiTIzOTvHA5oeIQItUoCdJ9ly1ODlYK-TFrn-tqaDwPx-LTgsZnmVBzDObVXrRTxUHmzTyLJez5AHyeM2znstB9V_WH7NSiuh04Nss9wyK0dzlsDzyNtur3pptRRrJkX09V7zX8JduJHaNMvOGSUfmTgv8svupyRkrOODiFrrTaWN-pPIAoMqcxkSfpKptoU9sRMDkYgr8s2lfsUKHgYfDA3rUFbaPCFmRDoDQaauTrGNpcpoMakW-46DnMdB7btmOg-0sisZNtrlmpvTU9qPB33LSLmFg_r_xpsDnyjJOxHR4_gilFTcHgXZyyyZUUexUHlP3HNYHXRl48Vub57ko5n2eyb_HYme-Kg6G&sig=Cg0ArKJSzCeVvGfEIz7lEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.65861&arae=0&ftch=1&adurl=

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 27CC 41 KB
14 KB 4ms
2ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:11:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 27CC 3 KB
1 KB 5ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6691 1 KB
643 B 5ms
3ms Document
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 07:19:54 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 07:19:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 27CC 20 KB
8 KB 5ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27CC 202 KB
64 KB 47ms
46ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 27CC 42 B
63 B 36ms
35ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9iiGwM7W16QEbSTGc3OuNPhRR0zx6Iz8m1V7KK-3czpfKMZHx0LvRXLtxAfdr4N8SVccU39faYaqx6Q1vdI8sMTUhdQpgXiD_n9IArp-ALiEJYBU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 262539662898039907
s0.2mdn.net/simgad/ Frame 27CC 30 KB
30 KB 6ms
5ms Image
image/png 2404:6800:4004:823::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/262539662898039907

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48da367cc850d075f7b3f558ef7db76f37b94a418079a1d920e01baf5efaead6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:10:05 GMT
x-content-type-options: nosniff
age: 565894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30614
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 02:49:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 03:10:05 GMT

GET
H3 200 9216095162094444457
tpc.googlesyndication.com/simgad/ Frame 5B9B 3 KB
3 KB 4ms
2ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9216095162094444457?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab62ae9ef497837041609e66f23d13d0291e4198200026ffbe935c6c8ce570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:42:14 GMT
x-content-type-options: nosniff
age: 391165
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2592
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 03:39:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 03:42:14 GMT

GET
DATA 200
OK truncated
/ Frame 5B9B 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5B9B 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame FC46 940 B
459 B 39ms
38ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%93%81%E3%82%AB%E4%B8%81%E3%81%8A%E3%81%93%E3%83%A8%E7%94%BA%E2%88%92%E3%83%88%E3%83%B3%E3%81%91%E3%83%BC%E3%82%A4%E3%82%8C%E5%8C%BA%E3%82%B0%E5%A4%A7%E3%83%89%E5%BA%97%E6%99%82%E3%81%A80%E9%85%8D%E7%9B%AE%E5%AE%85%E3%81%86%E3%81%8F%E3%81%AA%20%E8%88%97%E5%86%85%E3%83%94%E5%8F%AF%E9%96%8B2%E3%81%AF%E5%8F%96%EF%BC%93%E3%82%B7%E3%82%8A%E5%88%86%E4%BA%95%E3%81%97%EF%BC%91%E5%8F%97%E3%82%8B%E3%82%AF%E5%B7%9D%E3%83%A7%EF%BD%9E1%EF%BC%96%E3%83%83

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

746fb54568c83214882485ee04777e293fc6fac5a3537bc5dc662fc13f32215f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 16:21:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame FC46 225 B
249 B 2ms
2ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 17:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 82769
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Mon, 04 Dec 2023 17:22:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FC46 2 KB
822 B 2ms
1ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame FC46 24 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FC46 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 07:09:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FC46 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 09:11:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FC46 0
0 40ms
39ms Image
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAJZ4OrxRXKkMSq16JHAfj_8XUsncsU5_XFklaohEhnEL6Wvr2E4rRjVN-nr-x_ArulA-rVaA4Y7YVxwMTwy4eP65dSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC46 202 KB
64 KB 75ms
74ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:21:39 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame FC46 37 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 09:11:22 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame D980 0
0 44ms
43ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuZQMy200sCTtlUkLUkmZvrmXhT9hyegSwKMP6HoPgSkF4yNbX03cH3-l5s18oLJLOOS3AFz0N_SLkHX0uyBcYiTjmWIQgMAfrQYrZgeOhHmIOgDN9QjIJV5tzlkQPHsbImkSCXOda05hzD_MDpguqp5F6lOwhPA3Ai7Tr3sFiC52DVh5uZzHaZzcdOPyGyLzypNwJU3a6CtRqYgKVr1kaU7spoClpgnR-9x_lO3lTHVwubtWNQsZ5a7_1jsjXvvUtHllE_NBGGHrrute-kBWSKyf79sGVXCI4EdvzfEFTYsFkbn-01qH7H8jHbyjWky7i5HL1Fyv9kj5s0VHlbMHxNhEwY1NxnRJL4Xq8nKgQIbk5ONKkcu10qUH7Q11-SVVLH_ONU17tPHa4zV_n9zXuRwCk0xCKvVZ4TF43zS0nJHI2Y3_b3um7iy4Xa95f-vhwb4msnl6SUwsgLbVNH0GmJSferJKkwAUaszPj5cCIvU3d7PM-WqhVFyuuaX618tHCbaYMJLF1BdB6B1Ys1q0fmntCMVCEmTfgjxnGNdak-S5fQ4lH-jP1SjfS7DcFhzv5kyZDOjUzD29aSR2RP-2hum44L2NVAZ7-u8wt2soE1dRE4rvSFpuZho1cTbgWCgednzkxI1cFMJ7J53AwuC2OUKHCsfWNDUKt-pflGzBs2QjQhjhdW1tcCZLEObj12dgvZ_bN4bGJOtLTEMwbt4pDJmDPSImzOHHWBsxAGtTvqgKUakk7tVXYMFEv4YnI9kBeJI5Wm1Z-10WUQzg7jH2mFTvcHmNdtyxJgng_CdEdtAyJw0PhW3ipqucNJdHW0Ycny-pHfV5OR0lkTXQNGz4FPt-Y7Q7gogDZA77eT5fzlITpc-1bCHvFOvgHBnf-1JyEwnTJXhkIj2F9HF6Pp7MOvnxusdWpG_aRiPamkhw7OODvZRWcBExP2sDydHYksw12r4Ws8Q0StAuYE8Lyk0N_kEq3j2IMScQaGnLuL6YuvBIwXkPnOI4WB_q1CC5MVxTfz6kRph5mIJwTcLE9tF6lI_y7ZnfjTOZB8B7H4fsUCVbAYo3PQskXr8T4suJpgxLo5-bCHtXu67j48oXpYDJSPNAppDmp1NE4pSZbklV-zWZfO7ofnNuKZdkEp51Q5Ar68n2CwFXLPV1zg3jcZ_01EJldE5gMDb5L_fF13c8p_kzahAjhZAAUZP4DHIuYak8qWeGTucT82_WMHTEHviSrOD3lxvkji-oXgTDek3pdKfST9S9POL-CxCOdu9ikD8mcPEiAOG6VuGcOTssZZTyvIDjtKQL5jJxGfWIvkW0Egx8q7jc41V3iAb3FbQX_5&sai=AMfl-YQ2s9GaV6QGX_UgdiuU5YlYZ--ToEyYi-rXIZoZo7thQfcTUsGNlZ2bucrYT15xzMJXO8zMogNzxucMHnCuvVYHsBEDRzCOvbUOTSuPaQ7XN0GtzGcZF73CKTVoEWrPIlSpPYvrdSmlCgLH4NDvnEJw0kSG9TdFv1LQCUl3rre3NXz4j7v7OIzBo-G3n-6bcgsO9VakECb7fMKRypGY0eiRs7fHhfQLyyu1BySU5Uj6UVL_PNJMC_Sir0NdsocSl4LtETg-s7vDk8LzsvZf29LWlvDAr6Yb3_RYoC4IQU-W-xMh2YYbBD0VXJ0rxxAjLDsZL4n7lusCSSy25LGTZD0qJzhoBuabipB5nusifXtuMQyqPop4j2EvT2g4c7I6e-bzYbaiIv7jFn-KpKzCIl93radwUGeysrft547JO2mY&sig=Cg0ArKJSzAWbt8yPzPlOEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=82&vt=11&dtpt=81&dett=2&cstd=0&cisv=r20231129.60794&arae=0&ftch=1&adurl=

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET

partner
sync.search.spotxchange.com/ Frame A631
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMhmXy1oQu3Gc70DIs722-A&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame A631 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A631
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uQzJrTzFaRTJ1RUg0TG5yT3ZFcHhrUXFzOHRlaUpfan5B&gdpr=0

170 B
188 B

41ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uQzJrTzFaRTJ1RUg0TG5yT3ZFcHhrUXFzOHRlaUpfan5B&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY1Z3u7QEwAQ&v=APEucNUv4ZKsvPf5C7UNAMEXiH4yapKJm1xrvDuF9K5vcZ43U5WHpLiXSJMiaEYPzG26QGvaLzhp1bXPLStUJXBoiKMxRaAo0VSuxMdBDkeMx2R0jvIJUzw

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uQzJrTzFaRTJ1RUg0TG5yT3ZFcHhrUXFzOHRlaUpfan5B&gdpr=0
date: Mon, 04 Dec 2023 16:21:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C5BC 0
0 45ms
45ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsulFlFhElQhkAe7-sTp21xMe8UU9kgv1R-Gg7t5UcU9c6jgYESYTVVUt3KSf5oKOhEXdolIHLarowMo_2-TbWB8u-D3jf1kSVoVsv6C04ifocRHciOofQAvDqyhoR8bK64epaiLhws8RFhFHEY99q7gQLzLOQhMEl40Mc_CJUrmgja0gtOuaxEOZ0ZqAEC4pk05j7LcjCMEdEHXbb7Guw9FkoLzqmS918S2nIin4co8ecJkh50ORuElwLT0yBqglpMJMiTUj8dOHohyoi24BBgVHG1SpnbEhjUMDvuhecaFyqIrN20PxBOxvBIMSsUTNe_eU5XlhGaP-d6e4YRzftzOduW0gA8KFjG2k-hmujDQjSE7ax9Gi3N-obsn8RAdJG8a-fp37FDX3icihzyLF0Aw1PziQywG-YAVS1fP-DivngxwzZ8_n8rHbcdGNkw93OMta9m-Elzn-azLbMuxygfuPCpM-olWL0VomSkYFwcbx3GWzAEv5qLDDY1wQLTA5uLp57h5GvVSL_gNQFMgBqzWdDpieH9Ptcq5RommGLeOhhHXWeXfxZNL4gxC8WE4W5_dNoaGtqeIKzHOYfKN0YS59UADAO1jtO2H-g4--48Je6qtN5To4W1Mdc2iRhuogQfNBOZHUMweqgekeIlN5WFzDwPLQt0q-if9soTYKSXaKdDIARIVLddd7DUYrMUK1UAj1vfjWKyQpnbpZmRLGgduZWow0_taPd82RrUEKSmnoOpsmuXhFOLnXiFseIeYITPsM0OSFZASl56Dqv31UL7xn4ncXoYZR55LeNOe9BuSwrL9qp-yaFBcBPdWZXKBv0o28823OQAL9GxPBorK58D0Ke_J2nNXosNyauN4zR1ttv9QM0C-BpDxxYwKO3z8wssKxho4e4saRiVo_bmtgj6V7fZV14KTEAnPXwFtpS6gFtkDanU4Jn3_HzyKfNLU9hWQ7T5o5kzWAYB7yQ-wC4XlETifSKG0w3bOYm6bOw9541c3n0-P-9cQR_1gQ_zmCn5Z6-_1Gr0KB5RMbaOZPsxJ30SGHjTetRdyJNFeLPMLAAwTCcxIR21ZwIRyyw9gHUWNo9Lp2n2KsfGRaYOPOSc75O5IhwHNiZF09B0wCUxKS_o9ThmXKIvbMNC9w4e5PA06GJLc5-qn2bPG3P6kK9mYYMhqzs3o1e3krC4JMRJS8C61jLXXKrC_qKL0lH-gCqZYHTHq_vIzeWERBHo8Q3ZD7k-UWzdQ8wxR5SF9zP0WVtsTDqwfxe-5XP8VNEZYpjzlodXDiL4MiAmoUFbFEFGyhunIvtiHfEmVEBAY8FFQzWMIWNH6D0EDaIBd5UrUI8F7jXxYcUitgI4&sai=AMfl-YT0G78aVYemAdhzlsKbC8RfL1qV620FyfurxWVVpiTFnZVtlirDwiA_qspOqXa-alorlFCNhzP_8cuLiF83ptBzyDjp_51LOvECvnEFxCgIysThJMmi3bHPK13-AvyGlwcfGUOKm54Nf8urjNXIo3vQ4zBAMPnV-8w588NznN4gEiYlqG2znDVp6KeMEyTFLoBoyowolI8iXYKxRoRRnVp07iIQS2SHKSB3Es_26Q_yTPgV7UgdfCZFnsa4rk9HyuH7RaAZctACUUE_FHf-lanO1R-wkEoYuJABLbEthHIDeCqeep6Ej-H_PRu7843Vm39RLIj7qqa7_xfuTJsNONVEu-b9e4s-OOe0N3eCk5j0YW7HREj0ZtBzCaaP7Gw-4chFSzvqWeLTRXdRsXeCHKP2-BIxbdbrH_9iWdzSP9bU&sig=Cg0ArKJSzLhQV6P7iJH6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=56&vt=11&dtpt=55&dett=2&cstd=0&cisv=r20231129.30392&arae=0&ftch=1&adurl=

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 27CC 0
0 44ms
43ms Fetch
image/gif 142.251.42.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvK_RWo14PsnXQ9MXbbQt2oVNi66GoUoqzQMk-_Xvy-B7_kXBYJ0vaFOQ2x2tx2Krax54DuOCHvkyQ8EYKlrAP3tQUSiWskRLpNMf7X_sVrjKF5Pa9ULv1XFJ2MZKNxe6qbDDw6qI79zg1HeWrBeA5FuOSKa-34zkO95M1p1viL4b-ZBuaSw8ir0j1R78rGidx94_9FeVmqOHeNKYeWBsUA8xcaih95Shm3Pqlq7ilqMf7D4qd4P-EiohONc-o8F5chtUFqa8nmv0irHGsCAh2pNZP8uqOIQNXPQ5apuI-tocqoPEn9_RcT1Dkm_CksEAK2N-jebzrdLxVp-9V_RrFvXHHk6gogfXYwMtZl-dMb0zo5fj3YYgHhopj7NXNzVBxqoMyI9wqr_TeyyGRGbixa0RXHl5iZxXVuZYIHmZmjfBlYvTpBtIVLaOCrmilhxUluuPcpOT_ZCYd6kztjrPSDy3iH4K7WY_ygLE5ot_F9JPXM-dFSNJulSopjYYf6y1CBYiE3wSlgYERPk8nb_ISW5gVZDqVh-hYrIEJHZ12mq5RE7wDAvS-okLpT6J-avA9D9HdAEkCssY3jIDEkQ6mZhYUkVqOHEOJrVeeWb7-TNVIJz8mPPvItXJALk9Pv11L_jtwjou33Dwal7WfKjaCfVN55lojK34zeuuQX-wH6qurMae87EXXjQTWpv2x7zyPf8CnJ5hAxHv3QDBuXghF9zUtlXfJFLh4Cb0oAOWUNXkmXue-dkpzV3zunGmMIxP1Gy6vobhmIDP4M06v9zgvDlJoxFn_beYT0kzez0F4_dXVbTAfQwH__qC78S5qBXW0AnHRT8DINmPa4LqNiUGzpLpvwmjWpHIWNmv6Udsq_ifBso_jCECiMV-WB8bdd3RzHITJdcozKTmYSj8cYVfmBYQV5lPktv5PWhQVxwTQT3QIksoJFWl9R9hd363F-LlsYsdxX6bkTKaAuicxjN7VF1ppM7wpQcOy5ADl_uM-koS_-_GuVPmwpPvStIRCxGkxKcjLCxPHu03E5VO5E_gCgyM8JpfsM6Xwfswm633LxFpmafBCKbivtb7P1iPbPzK0R4Z6eDpk1BYbl7J9_MWjJGGLCYyu3d5BdI_gpVeWS9TgROjtrYuV5RBUfAUw1N3z4-m2hAR_jJ-jxC7Sz2ieNrMaYjumwp1HRIDshswJo0Kkr8AIRosinS2eq841nTSPt1OctzWOlZkJ979HH5YMCIfhBgaFT4nq40s6Zd2fJGPhvgIpT8E4nPjrN_fF77lV0Sx9Wow_58I-1ejKvRXV1KeXz-GrC7T2cF6DXtZk1Sk0eylVqmbdoV7AJW2x3TZnLOZ9JHuujLS3VRQ&sai=AMfl-YTFo3bu1LYTPbf1WD6apuAzORTMSbrkbGaQrPiCXMpkUzSmt5bxXHj3pypK8NWCARElJ_RiTIzOTvHA5oeIQItUoCdJ9ly1ODlYK-TFrn-tqaDwPx-LTgsZnmVBzDObVXrRTxUHmzTyLJez5AHyeM2znstB9V_WH7NSiuh04Nss9wyK0dzlsDzyNtur3pptRRrJkX09V7zX8JduJHaNMvOGSUfmTgv8svupyRkrOODiFrrTaWN-pPIAoMqcxkSfpKptoU9sRMDkYgr8s2lfsUKHgYfDA3rUFbaPCFmRDoDQaauTrGNpcpoMakW-46DnMdB7btmOg-0sisZNtrlmpvTU9qPB33LSLmFg_r_xpsDnyjJOxHR4_gilFTcHgXZyyyZUUexUHlP3HNYHXRl48Vub57ko5n2eyb_HYme-Kg6G&sig=Cg0ArKJSzCeVvGfEIz7lEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaG9waWZ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=55&vt=11&dtpt=54&dett=2&cstd=0&cisv=r20231129.65861&arae=0&ftch=1&adurl=

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FC46
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C12Uik_xtZd3SEpOJpt8Pxvms2Azh6KzIdMbE-uf0EWQQASCz0uZQYInzxYT0E6ABvNymmCjIAQmpAsDNNM_eTT0-qAMByAPLBKoEwwFP0Dn0eVsOoFEp3L1wgYF7qB5Vb9xnflEjVZ1PMsg...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc7ecc2c5ff1425a00000000000000000%22,%222%22:%220xfe2f8ed858dc41bc0000000000000000%22,%223%22:%220x27c103...

0
0

42ms
42ms

Fetch
text/css

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc7ecc2c5ff1425a00000000000000000%22,%222%22:%220xfe2f8ed858dc41bc0000000000000000%22,%223%22:%220x27c1031d0fb8e9dd0000000000000000%22,%224%22:%220xb620446761482d9b0000000000000000%22,%225%22:%220xa3aed5d08903d5550000000000000000%22},%22debug_key%22:%2212666745297481899369%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213927158578809215361%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc7ecc2c5ff1425a00000000000000000","2":"0xfe2f8ed858dc41bc0000000000000000","3":"0x27c1031d0fb8e9dd0000000000000000","4":"0xb620446761482d9b0000000000000000","5":"0xa3aed5d08903d5550000000000000000"},"debug_key":"12666745297481899369","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"13927158578809215361"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 16:21:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 16:21:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc7ecc2c5ff1425a00000000000000000","2":"0xfe2f8ed858dc41bc0000000000000000","3":"0x27c1031d0fb8e9dd0000000000000000","4":"0xb620446761482d9b0000000000000000","5":"0xa3aed5d08903d5550000000000000000"},"debug_key":"12666745297481899369","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"13927158578809215361"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ED12 1 KB
643 B 2ms
2ms Document
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 07:19:54 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 07:19:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

partner
sync.search.spotxchange.com/ Frame 70D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMhmXy1oQu3Gc70DIs722-A&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 70D6 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 70D6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uQzJrTzFaRTJ1RUg0TG5yT3ZFcHhrUXFzOHRlaUpfan5B&gdpr=0

170 B
188 B

42ms
42ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uQzJrTzFaRTJ1RUg0TG5yT3ZFcHhrUXFzOHRlaUpfan5B&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIY1Z3u7QEwAQ&v=APEucNVZKfIZdvyP3KybWagJ8BrhKZqTKn1nWkIQMJzLTr3xIy00xP4YNvp0K40m6TPRg4yve-1LnMmZDOQB2vZ5ikYE2aWMOdurhoWdir8R7c6TWtDQR1k

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0uQzJrTzFaRTJ1RUg0TG5yT3ZFcHhrUXFzOHRlaUpfan5B&gdpr=0
date: Mon, 04 Dec 2023 16:21:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200

user-registering
ads.stickyadstv.com/ Frame BF6C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGY49M66n2wW4nDcluS7yLI&google_cver=1&gdpr=0

43 B
646 B

208ms
70ms

Image
image/gif

139.99.120.190
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGY49M66n2wW4nDcluS7yLI&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYpbPu7QEwAQ&v=APEucNXDmqJLvJFUkGXn_D12IA-BppXxpfeQpIaebbP3sP3NucVyPJSlvkdkfF0DN7nUHLtyqRCwlmwhmPTJsdQjqDUhFKmGvLyzWqfomAduozWA0YMfAI0
Protocol: HTTP/1.1
Server: 139.99.120.190 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: ads26-sgp.stickyadstv.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 16:21:40 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1701706900188008-55

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGY49M66n2wW4nDcluS7yLI&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BF6C
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjNhZjYzNDhhOWE4NjFlYjE1ZTg1OWZhMTI3MWE3ZjM=&gdpr=0&gdpr_consent=

170 B
188 B

40ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjNhZjYzNDhhOWE4NjFlYjE1ZTg1OWZhMTI3MWE3ZjM=&gdpr=0&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYpbPu7QEwAQ&v=APEucNXDmqJLvJFUkGXn_D12IA-BppXxpfeQpIaebbP3sP3NucVyPJSlvkdkfF0DN7nUHLtyqRCwlmwhmPTJsdQjqDUhFKmGvLyzWqfomAduozWA0YMfAI0

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 16:21:40 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjNhZjYzNDhhOWE4NjFlYjE1ZTg1OWZhMTI3MWE3ZjM=&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701706900111093-55

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame BF6C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm&gdpr=0
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPwYb-UZKopiXJ-XeiKThno&gdpr=0&google_cver=1

43 B
675 B

335ms
69ms

Image
image/gif

23.106.127.170
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPwYb-UZKopiXJ-XeiKThno&gdpr=0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYpbPu7QEwAQ&v=APEucNXDmqJLvJFUkGXn_D12IA-BppXxpfeQpIaebbP3sP3NucVyPJSlvkdkfF0DN7nUHLtyqRCwlmwhmPTJsdQjqDUhFKmGvLyzWqfomAduozWA0YMfAI0
Protocol: HTTP/1.1
Server: 23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPwYb-UZKopiXJ-XeiKThno&gdpr=0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame BF6C
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&gdpr=0&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=NTg0OTgxNjE0ODU0NzIzNzMwOA==&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPwYb-UZKopiXJ-XeiKThno&gdpr=0&gdpr_consent=&google_cver=1

43 B
416 B

68ms
68ms

Image
image/gif

23.106.127.170
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPwYb-UZKopiXJ-XeiKThno&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYpbPu7QEwAQ&v=APEucNXDmqJLvJFUkGXn_D12IA-BppXxpfeQpIaebbP3sP3NucVyPJSlvkdkfF0DN7nUHLtyqRCwlmwhmPTJsdQjqDUhFKmGvLyzWqfomAduozWA0YMfAI0
Protocol: HTTP/1.1
Server: 23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPwYb-UZKopiXJ-XeiKThno&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5B9B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf01c6e0647793558efa00b51d274ece4be4bac9635632b16d239a56c2c03246

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 9216095162094444457
tpc.googlesyndication.com/simgad/ Frame FC46 3 KB
3 KB 2ms
2ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9216095162094444457?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab62ae9ef497837041609e66f23d13d0291e4198200026ffbe935c6c8ce570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:42:14 GMT
x-content-type-options: nosniff
age: 391165
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2592
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 03:39:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 03:42:14 GMT

GET
DATA 200
OK truncated
/ Frame FC46 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FC46 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C92
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEE3V38oV6FkvImnSLCVfqqI&google_cver=1&google_push=AXcoOmTKQCXNs6G6PJqLcxLFEdOUUN61bX3dkH_neURfl9aEdDwKLuNNwlfWyvE9pdjgXSse5gKLi...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTKQCXNs6G6PJqLcxLFEdOUUN61bX3dkH_neURfl9aEdDwKLuNNwlfWyvE9pdjgXSse5gKLi4EV1ArSCp5eN3w6coXWThGtOg&google_hm=aHZVeU1PRjlGeDl6M...

170 B
188 B

39ms
38ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTKQCXNs6G6PJqLcxLFEdOUUN61bX3dkH_neURfl9aEdDwKLuNNwlfWyvE9pdjgXSse5gKLi4EV1ArSCp5eN3w6coXWThGtOg&google_hm=aHZVeU1PRjlGeDl6MWdFT2NHYjdYVVBJOWJz&from_google=sp1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 16:21:40 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTKQCXNs6G6PJqLcxLFEdOUUN61bX3dkH_neURfl9aEdDwKLuNNwlfWyvE9pdjgXSse5gKLi4EV1ArSCp5eN3w6coXWThGtOg&google_hm=aHZVeU1PRjlGeDl6MWdFT2NHYjdYVVBJOWJz&from_google=sp1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C92
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECFBRrBdC-kl3zzRxB7SIu0&google_cver=1&google_push=AXcoOmR6kJ3G3hFGcxcHM-58NfqZ-G0giGv5fpCvZebLVXxYwsoOHVvPga-Wyu50dQJU_BG_qJnfELO7O2N0aF3USFlwYH040ZtbaA
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmR6kJ3G3hFGcxcHM-58NfqZ-G0giGv5fpCvZebLVXxYwsoOHVvPga-Wyu50dQJU_BG_qJnfELO7O2N0aF3USFlwYH040ZtbaA&google_hm=NTdmR0xlMDA3QkRBSzAwN...

170 B
188 B

43ms
42ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmR6kJ3G3hFGcxcHM-58NfqZ-G0giGv5fpCvZebLVXxYwsoOHVvPga-Wyu50dQJU_BG_qJnfELO7O2N0aF3USFlwYH040ZtbaA&google_hm=NTdmR0xlMDA3QkRBSzAwN1NtQlg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Mon, 04 Dec 2023 16:21:40 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmR6kJ3G3hFGcxcHM-58NfqZ-G0giGv5fpCvZebLVXxYwsoOHVvPga-Wyu50dQJU_BG_qJnfELO7O2N0aF3USFlwYH040ZtbaA&google_hm=NTdmR0xlMDA3QkRBSzAwN1NtQlg
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C92
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESELFpDSLRNIVuVZhbC_tBnS8&google_cver=1&google_push=AXcoOmRV7ReXiVl4X5SQqXHGQ2ErardPMLL1Jhv5mizXDlhS4rAxnMbtgh2VAyc3_W368XkOHb8Rha3ZMX5Z4_J...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc2MjA3ODkzMjM&google_push=AXcoOmRV7ReXiVl4X5SQqXHGQ2ErardPMLL1Jhv5mizXDlhS4rAxnMbtgh2VAyc3_W368XkOHb8Rha3ZMX5Z4_Jik1XNK...

170 B
188 B

42ms
42ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc2MjA3ODkzMjM&google_push=AXcoOmRV7ReXiVl4X5SQqXHGQ2ErardPMLL1Jhv5mizXDlhS4rAxnMbtgh2VAyc3_W368XkOHb8Rha3ZMX5Z4_Jik1XNKkQZZpkU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc2MjA3ODkzMjM&google_push=AXcoOmRV7ReXiVl4X5SQqXHGQ2ErardPMLL1Jhv5mizXDlhS4rAxnMbtgh2VAyc3_W368XkOHb8Rha3ZMX5Z4_Jik1XNKkQZZpkU
Date: Mon, 04 Dec 2023 16:21:40 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2C92 43 B
363 B 238ms
79ms Image
image/gif 182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR9f_lNl8ha5bRz0uzGKj3hhe2ajy_bDEmtGmCaxODWwXuMV2q2CRP8AuLikQVHqRzunl28t1PJwXw1ItpsUPo0zehgYEXLVQ&google_gid=CAESEACKXL3qGXTNkZ_Zpv-VQ8g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 188342
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 2C92 42 B
204 B 48ms
37ms Image
image/gif 34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEK-VcVCjT4JxODEf4i8-hj4&google_push=AXcoOmSuV4tJrDgqrF_d7NaiG4uhM98At10eehjooxMENVKA4Kwx4EI5q1j1it6JDWKw2o74MjtKXxL0dAQN_6sDkqQ30VOo35pKhQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C92
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK0n90kkL7n8ILZV39ADu54&google_cver=1&google_push=AXcoOmTtlzPnJkUc_gygOXaSzIeqDazHtslmQDvW-1ULZ7ftnQfyeZeNSw6mX2qwT4kdnfEFXTCnupDg...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK0n90kkL7n8ILZV39ADu54&google_cver=1&google_push=AXcoOmTtlzPnJkUc_gygOXaSzIeqDazHtslmQDvW-1ULZ7ftnQfyeZeNSw6mX2qwT4kdnfEFXTC...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0NDkwMTYwMjgzNDQ4NjUxMg&google_push=AXcoOmTtlzPnJkUc_gygOXaSzIeqDazHtslmQDvW-1ULZ7ftnQfyeZeNSw6mX2qwT4kdnfEFXTCnup...

170 B
188 B

43ms
43ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0NDkwMTYwMjgzNDQ4NjUxMg&google_push=AXcoOmTtlzPnJkUc_gygOXaSzIeqDazHtslmQDvW-1ULZ7ftnQfyeZeNSw6mX2qwT4kdnfEFXTCnupDg3XM1vKaBtfR8-yxnZuLc

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzk0NDkwMTYwMjgzNDQ4NjUxMg&google_push=AXcoOmTtlzPnJkUc_gygOXaSzIeqDazHtslmQDvW-1ULZ7ftnQfyeZeNSw6mX2qwT4kdnfEFXTCnupDg3XM1vKaBtfR8-yxnZuLc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 2C92 42 B
233 B 716ms
237ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJgQxSX4MEZ6g6cBdTx3eYQ&google_cver=1&google_push=AXcoOmQ3uGS7pC40409d2H7mSzJkMWHQgwxaqaj19okVjcjroQJTnP_ai4FhdmBqleHRx-wJubUZtldQluZstsNyA5h1BvlnsSCLew
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 16:21:40 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2C92 0
12 B 38ms
38ms Image
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZ6L1HMQoY7hLXO4mDsRpZH-BVioAf4-NhraG2-S-fP-6vwWojtdrPbL6wJZKz7iexM3TG

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1816542585&pi=t.aa~a.2126161663~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100&nras=5&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5B9B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ClAwZk_xtZdTiEu6Fpt8Ph7StkALh6KzIdMbE-uf0EWQQASCz0uZQYInzxYT0E6ABvNymmCjIAQmpAsDNNM_eTT0-qAMByAPLBKoEwwFP0ADelVnRWEkwW117G7soe5t3NskZq-su75bYuN_...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc7ecc2c5ff1425a00000000000000000%22,%222%22:%220xfe2f8ed858dc41bc0000000000000000%22,%223%22:%220x27c103...

0
0

39ms
39ms

Fetch
text/css

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc7ecc2c5ff1425a00000000000000000%22,%222%22:%220xfe2f8ed858dc41bc0000000000000000%22,%223%22:%220x27c1031d0fb8e9dd0000000000000000%22,%224%22:%220xb620446761482d9b0000000000000000%22,%225%22:%220xa3aed5d08903d5550000000000000000%22},%22debug_key%22:%227223774279487833540%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229908059039892216593%22}&andc=true

Requested by

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc7ecc2c5ff1425a00000000000000000","2":"0xfe2f8ed858dc41bc0000000000000000","3":"0x27c1031d0fb8e9dd0000000000000000","4":"0xb620446761482d9b0000000000000000","5":"0xa3aed5d08903d5550000000000000000"},"debug_key":"7223774279487833540","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"9908059039892216593"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 16:21:40 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc7ecc2c5ff1425a00000000000000000","2":"0xfe2f8ed858dc41bc0000000000000000","3":"0x27c1031d0fb8e9dd0000000000000000","4":"0xb620446761482d9b0000000000000000","5":"0xa3aed5d08903d5550000000000000000"},"debug_key":"7223774279487833540","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"9908059039892216593"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28E1
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_cver=1&google_push=AXcoOmQhG9e9ow8E4I-osIE8NsEVeo3rWravXvUBMvcoClyFaDK6_qn...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6678b511bec121d3&is_secure=true&networkId=14000&version=1&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_cver=1&google_push=AXcoOmQhG9e9...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMG8TNCkh2ZQMqi3osAAAAAAA&expiration=1701793301&google_cver=1&is_secure=true&google_gid=CAESEBfHGGXG34Pb8o-sejyuE...

170 B
188 B

41ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMG8TNCkh2ZQMqi3osAAAAAAA&expiration=1701793301&google_cver=1&is_secure=true&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_push=AXcoOmQhG9e9ow8E4I-osIE8NsEVeo3rWravXvUBMvcoClyFaDK6_qnNTnVXy1js2JSJdnBrJk1UhJ2mZz6hkojxo9EabTYnIADOQDk1

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:41 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMG8TNCkh2ZQMqi3osAAAAAAA&expiration=1701793301&google_cver=1&is_secure=true&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_push=AXcoOmQhG9e9ow8E4I-osIE8NsEVeo3rWravXvUBMvcoClyFaDK6_qnNTnVXy1js2JSJdnBrJk1UhJ2mZz6hkojxo9EabTYnIADOQDk1
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28E1
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEDKgeG2EUovfdyEqlNPmFSk&google_cver=1&google_push=AXcoOmRNL6pvcIUTAbxWf63AYKUcdR2Ccoeag2TuvZop-h17O3f9WQEDwFUJYL9mT3T_tO1k2weUwXs...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRNL6pvcIUTAbxWf63AYKUcdR2Ccoeag2TuvZop-h17O3f9WQEDwFUJYL9mT3T_tO1k2weUwXsBYa2koemfgCPYONVGo4HWIvM&google_hm=I1JAi4tvT7W-cL...

170 B
188 B

41ms
41ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRNL6pvcIUTAbxWf63AYKUcdR2Ccoeag2TuvZop-h17O3f9WQEDwFUJYL9mT3T_tO1k2weUwXsBYa2koemfgCPYONVGo4HWIvM&google_hm=I1JAi4tvT7W-cLyoPXC1kas

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRNL6pvcIUTAbxWf63AYKUcdR2Ccoeag2TuvZop-h17O3f9WQEDwFUJYL9mT3T_tO1k2weUwXsBYa2koemfgCPYONVGo4HWIvM&google_hm=I1JAi4tvT7W-cLyoPXC1kas
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28E1
Redirect Chain

https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmRzll2JTmtEXTvnos0inZgBQZEOiecSAbGNo5uJhIC7ZZapchl6bIthJzXzTp9G-MOD9W3BYBCsYvW4YVDJZiQmoqBAKJf0vWuQ&google_gid=CAESEOSWVqA0t2tZDS4F6eXlYhw&go...
https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmRzll2JTmtEXTvnos0inZgBQZEOiecSAbGNo5uJhIC7ZZapchl6bIthJzXzTp9G-MOD9W3BYBCsYvW4YVDJZiQmoqBAKJf0vWuQ&google_gid=CAESEOSWVqA0t2tZDS4F6e...
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRzll2JTmtEXTvnos0inZgBQZEOiecSAbGNo5uJhIC7ZZapchl6bIthJzXzTp9G-MOD9W3BYBCsYvW4YVDJZiQmoqBAKJf0vWuQ&google_hm=ASOB6dDBw6STks8AED...

170 B
188 B

43ms
43ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRzll2JTmtEXTvnos0inZgBQZEOiecSAbGNo5uJhIC7ZZapchl6bIthJzXzTp9G-MOD9W3BYBCsYvW4YVDJZiQmoqBAKJf0vWuQ&google_hm=ASOB6dDBw6STks8AEDt7Nj-opcA

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
via: 1.1 6c975066fe15346e8f90e573dcb2c32c.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRzll2JTmtEXTvnos0inZgBQZEOiecSAbGNo5uJhIC7ZZapchl6bIthJzXzTp9G-MOD9W3BYBCsYvW4YVDJZiQmoqBAKJf0vWuQ&google_hm=ASOB6dDBw6STks8AEDt7Nj-opcA
cache-control: no-cache
content-length: 0
x-amz-cf-id: Is5a_KZpUQQXJQ4S5beg6j2uVVBdeRKI4XaBrXIF9k4tboo-DqmJbA==
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28E1
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEE7O4fayurUeZ571fei0csk&c_param1=AXcoOmTWFwOceUQuRaUwcVGByIC4wjE11_tkyqPhC3JMPNQztwblw7qbOCd_us0H7ZighUqQ4ZcuA-sVNDyAIPGRMe0PgnVYILKy1vPu&gdpr=%%GDP...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTWFwOceUQuRaUwcVGByIC4wjE11_tkyqPhC3JMPNQztwblw7qbOCd_us0H7ZighUqQ4ZcuA-sVNDyAIPGRMe0PgnVYILKy1vPu

170 B
188 B

41ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTWFwOceUQuRaUwcVGByIC4wjE11_tkyqPhC3JMPNQztwblw7qbOCd_us0H7ZighUqQ4ZcuA-sVNDyAIPGRMe0PgnVYILKy1vPu

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTWFwOceUQuRaUwcVGByIC4wjE11_tkyqPhC3JMPNQztwblw7qbOCd_us0H7ZighUqQ4ZcuA-sVNDyAIPGRMe0PgnVYILKy1vPu
date: Mon, 04 Dec 2023 16:21:40 GMT
server: nginx/1.23.2
content-length: 0

GET
H/1.1 404
Not Found doubleclick
app.cauly.co.kr/idsync_ssp/ Frame 28E1 0
161 B 117ms
38ms Image
application/xml 133.186.161.88
NHN-AS-KR NHNCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEK6LDOnue48z_-tJrdXabiI&google_cver=1&google_push=AXcoOmT-uYzVE7AINY9_ZKNeiLDapKeHTAgJcqWfYuu3_aQpY_orWit5iEXLlF2Oo4eDzL8m_cItlVvSyf5BYnyuYT-6t1QImVGW1Kuh
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3347988295&pi=t.aa~a.2682791915~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280&nras=2&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=218
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 16:21:40 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28E1
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEIlAFf5Cg9VNXnlaG8XAQ7k&google_cver=1&google_push=AXcoOmTMN_taNdAkh76xZFXzJwn4fJmsYE7hp1bJgdAKi-lQR7wG3Ur4YTJGL80UMFuRRHPITy5-UtIsYtjGDVLR5...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTMN_taNdAkh76xZFXzJwn4fJmsYE7hp1bJgdAKi-lQR7wG3Ur4YTJGL80UMFuRRHPITy5-UtIsYtjGDVLR5akc5Hom7CYj6nI&google_hm=AS1Ta_CTtUc2sYOYL...

170 B
188 B

38ms
38ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTMN_taNdAkh76xZFXzJwn4fJmsYE7hp1bJgdAKi-lQR7wG3Ur4YTJGL80UMFuRRHPITy5-UtIsYtjGDVLR5akc5Hom7CYj6nI&google_hm=AS1Ta_CTtUc2sYOYLcy_JAE

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTMN_taNdAkh76xZFXzJwn4fJmsYE7hp1bJgdAKi-lQR7wG3Ur4YTJGL80UMFuRRHPITy5-UtIsYtjGDVLR5akc5Hom7CYj6nI&google_hm=AS1Ta_CTtUc2sYOYLcy_JAE
Date: Mon, 04 Dec 2023 16:21:40 GMT
Server: Apache
Connection: keep-alive
Content-Length: 234
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28E1
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEBuQF75_jYiDVN9rLOnFw_A&google_cver=1&google_push=AXcoOmQ7geM1AEPEuAxqnntoyJwKjBszrGRx1UUcw8aTDpoRaPFMmBIPgsog8IMAqTGURaLGUlZZDnuX8SIcMPUexIqf4Aa_1...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ7geM1AEPEuAxqnntoyJwKjBszrGRx1UUcw8aTDpoRaPFMmBIPgsog8IMAqTGURaLGUlZZDnuX8SIcMPUexIqf4Aa_1_SA4v4blQ&google_hm=9d9fcb00...

170 B
188 B

43ms
43ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ7geM1AEPEuAxqnntoyJwKjBszrGRx1UUcw8aTDpoRaPFMmBIPgsog8IMAqTGURaLGUlZZDnuX8SIcMPUexIqf4Aa_1_SA4v4blQ&google_hm=9d9fcb009ca4a7471bive500lpr4cnz8

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQ7geM1AEPEuAxqnntoyJwKjBszrGRx1UUcw8aTDpoRaPFMmBIPgsog8IMAqTGURaLGUlZZDnuX8SIcMPUexIqf4Aa_1_SA4v4blQ&google_hm=9d9fcb009ca4a7471bive500lpr4cnz8
date: Mon, 04 Dec 2023 16:21:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 28E1 0
12 B 40ms
40ms Image
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ImHq4pL5fiEQxlgI0h8TMihULktu0JZjseMGjaH8hlGC9WO9lSESRaOmPHdPsV5dyKJjqQug

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6AAA
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAfZQJwLUYoiSmhch8eVPeY&google_cver=1&google_push=AXcoOmSfjbDBZHMbDTCMuh8zv74ts7ktkGuVdW6AtHKtHes6l2HQwDWB0MC-AZtluF4zUjtBqTyDCVlEb4LjOr4DarcfP4kQPlXAyQw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI0NzU2NTgzNTc1MjUyNDE3Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAfZQJwLUYoiSmhch8eVPeY&google_cver=1

43 B
398 B

326ms
57ms

Image
image/gif

2001:df2:a300:bbbb::135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAfZQJwLUYoiSmhch8eVPeY&google_cver=1
Protocol: H2
Server: 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAfZQJwLUYoiSmhch8eVPeY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AAA
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_cver=1&google_push=AXcoOmQVQbsSwNhmIEU3YhaiVe3Ns0pxPcs1KJ8AsHrbwBKWqMNCgCD...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6d2d983a7ce922ad&is_secure=true&networkId=14000&version=1&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_cver=1&google_push=AXcoOmQVQbsS...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAK-M0vTSMFoAMOcmQzAAAAAAA&expiration=1701793301&google_cver=1&is_secure=true&google_gid=CAESEBfHGGXG34Pb8o-sejyuE...

170 B
188 B

40ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAK-M0vTSMFoAMOcmQzAAAAAAA&expiration=1701793301&google_cver=1&is_secure=true&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_push=AXcoOmQVQbsSwNhmIEU3YhaiVe3Ns0pxPcs1KJ8AsHrbwBKWqMNCgCDBkSLP4iP0oEaDdXlzjYcoVmuQGEiLHfq6pCEfheDuKRPJ4ho

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:41 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAK-M0vTSMFoAMOcmQzAAAAAAA&expiration=1701793301&google_cver=1&is_secure=true&google_gid=CAESEBfHGGXG34Pb8o-sejyuEZc&google_push=AXcoOmQVQbsSwNhmIEU3YhaiVe3Ns0pxPcs1KJ8AsHrbwBKWqMNCgCDBkSLP4iP0oEaDdXlzjYcoVmuQGEiLHfq6pCEfheDuKRPJ4ho
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AAA
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjM4Yjg4NmUtM2VlNi00MGM1LWE3YWQtOThlZmZmYzJjYzA2&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQ0...

170 B
188 B

45ms
45ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjM4Yjg4NmUtM2VlNi00MGM1LWE3YWQtOThlZmZmYzJjYzA2&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQ0wZyGWDYPyvIfMauPzpJSjGOe8kZj4OGO_SFZxmz91ZQWE_tJf9ytg8l9VNJYV2WjNV8MjSAaUeCWaN4A_P9c3zlKOPaLhws

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjM4Yjg4NmUtM2VlNi00MGM1LWE3YWQtOThlZmZmYzJjYzA2&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQ0wZyGWDYPyvIfMauPzpJSjGOe8kZj4OGO_SFZxmz91ZQWE_tJf9ytg8l9VNJYV2WjNV8MjSAaUeCWaN4A_P9c3zlKOPaLhws
date: Mon, 04 Dec 2023 16:21:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AAA
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBVfrL1kqkESFQQaSrhrKlw&google_cver=1&google_push=AXcoOmQe5YOdH0O6ZzBzWnDo4FC6wOPFFUWIYsHwsueKTOLajOP23a-vDRbPGMplfxkoXoEcCLEAhZ94Olq8i...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBVfrL1kqkESFQQaSrhrKlw&google_push=AXcoOmQe5YOdH0O6ZzBzWnDo4FC6wOPFFUWIYsHwsueKTOLajOP23a-vDRbPGMplfxkoXoEcCLEAhZ94Olq8i...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQe5YOdH0O6ZzBzWnDo4FC6wOPFFUWIYsHwsueKTOLajOP23a-vDRbPGMplfxkoXoEcCLEAhZ94Olq8iIUdaDPPKPQnMgc23Ks&google_hm=WV93QUoxb0s2eFp5O...

170 B
188 B

41ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQe5YOdH0O6ZzBzWnDo4FC6wOPFFUWIYsHwsueKTOLajOP23a-vDRbPGMplfxkoXoEcCLEAhZ94Olq8iIUdaDPPKPQnMgc23Ks&google_hm=WV93QUoxb0s2eFp5OTdGM1EzV2M=

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 16:21:40 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQe5YOdH0O6ZzBzWnDo4FC6wOPFFUWIYsHwsueKTOLajOP23a-vDRbPGMplfxkoXoEcCLEAhZ94Olq8iIUdaDPPKPQnMgc23Ks&google_hm=WV93QUoxb0s2eFp5OTdGM1EzV2M=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 239
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AAA
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJlWphZIl0PLR-9D_dp2gbk&google_cver=1&google_push=AXcoOmQLIXwV8pusQK5YtRqad1kQxja2UHo_8zPkvJ0m1NwONIfGmZfHXzWhfXjbsjXtUtUTZaTXO5XvajzW30R...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=S57Hyw0_VkNWFqS1G53Sux_Mkas&google_push=AXcoOmQLIXwV8pusQK5YtRqad1kQxja2UHo_8zPkvJ0m1NwONIfGmZfHXzWhfXjbsjXtUtUTZaTXO5XvajzW30...

170 B
188 B

40ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=S57Hyw0_VkNWFqS1G53Sux_Mkas&google_push=AXcoOmQLIXwV8pusQK5YtRqad1kQxja2UHo_8zPkvJ0m1NwONIfGmZfHXzWhfXjbsjXtUtUTZaTXO5XvajzW30RPS1fP4fxyFgSqu18

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=S57Hyw0_VkNWFqS1G53Sux_Mkas&google_push=AXcoOmQLIXwV8pusQK5YtRqad1kQxja2UHo_8zPkvJ0m1NwONIfGmZfHXzWhfXjbsjXtUtUTZaTXO5XvajzW30RPS1fP4fxyFgSqu18
Date: Mon, 04 Dec 2023 16:21:40 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 6AAA 35 B
623 B 43ms
14ms Image
image/gif 182.22.16.251
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEHnX5mxjEHMGy5sUPemUzNg&google_cver=1&google_push=AXcoOmRZOy3nSKl1lVT3HrptHhXpG7ZX5i7vHT_Jq_eNbXYHNvSuY6r_Oxxv07jS1pNDSLQnTRt70WKIK91qVBC-aP_33ReCv_zkHZz_

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.22.16.251 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 6AAA
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEOBwLEAnGfun7y22QblHt6U?ext-param=AXcoOmTQMsNj8Y4OtNDodLWlYDqy0YYZPNxiOSPQXQyb5xiwodXJU83nS8a5JTizbD6ppH3hzaw0YSL9OuNuRB1pQoT6vuxI3ugF1xMV&partner-tag=yandex_...
https://an.yandex.ru/mapuid/google/CAESEOBwLEAnGfun7y22QblHt6U?redir-setuniq=1&ext-param=AXcoOmTQMsNj8Y4OtNDodLWlYDqy0YYZPNxiOSPQXQyb5xiwodXJU83nS8a5JTizbD6ppH3hzaw0YSL9OuNuRB1pQoT6vuxI3ugF1xMV&par...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOBwLEAnGfun7y22QblHt6U&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

281ms
280ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 18 Nov 2024 16:21:42 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6AAA 0
12 B 41ms
41ms Image
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKU6r3cntvlLceSLPsKJzkmUAVn6J50syUYT5XsOkjV4N0FFK68Fx4_WNKVuSR7S2v_Ak-_yQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=3554650830&adf=1181327067&pi=t.aa~a.2125560309~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50%2C336x50%2C336x100%2C336x50%2C336x280&nras=7&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6691
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTZiNDNhOGYtNjA4Mi00OGIwLWJlZjktOWRiMDI1YzU3MzRi&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQF...

170 B
188 B

45ms
45ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTZiNDNhOGYtNjA4Mi00OGIwLWJlZjktOWRiMDI1YzU3MzRi&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQFvmyPW1ndK2yzQ1kUYw4hAyUMF_mPCb7pVLQ-DuSkaKIiOfgNZ1JuEe7bhjThVM0Zyuznda6Z_G71BZDLCKG3vVm_oU0HRfA

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTZiNDNhOGYtNjA4Mi00OGIwLWJlZjktOWRiMDI1YzU3MzRi&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmQFvmyPW1ndK2yzQ1kUYw4hAyUMF_mPCb7pVLQ-DuSkaKIiOfgNZ1JuEe7bhjThVM0Zyuznda6Z_G71BZDLCKG3vVm_oU0HRfA
date: Mon, 04 Dec 2023 16:21:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6691
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEOBNBGDigEvKoCgfSLt4hsM&google_cver=1&google_push=AXcoOmS-BgraXJVr4lMn0qYzgktVxMdsOeUpnnyXwdZHAfOTmQLAc7Zk-hMGSDFlvE7LovKASubbDW1K66hxgympyrTMzzc_0c98mVg
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Mkw2N1lUOFBEdDJremt2S2xQeHRaUQ%3D%3D&google_push=AXcoOmS-BgraXJVr4lMn0qYzgktVxMdsOeUpnnyXwdZHAfOTmQLAc7Zk-hMGSDFlvE7LovKASubbDW1K66hxg...

170 B
188 B

44ms
44ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Mkw2N1lUOFBEdDJremt2S2xQeHRaUQ%3D%3D&google_push=AXcoOmS-BgraXJVr4lMn0qYzgktVxMdsOeUpnnyXwdZHAfOTmQLAc7Zk-hMGSDFlvE7LovKASubbDW1K66hxgympyrTMzzc_0c98mVg

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 16:21:40 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Mkw2N1lUOFBEdDJremt2S2xQeHRaUQ%3D%3D&google_push=AXcoOmS-BgraXJVr4lMn0qYzgktVxMdsOeUpnnyXwdZHAfOTmQLAc7Zk-hMGSDFlvE7LovKASubbDW1K66hxgympyrTMzzc_0c98mVg
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 246

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6691
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECFBRrBdC-kl3zzRxB7SIu0&google_cver=1&google_push=AXcoOmSFFpT4Or8B0jmEqMzYhmCnBe_4D9gpBc-Hgf40pCIgVewLflZfIv2ccM468kANwkkTNShVaF1SYM2cNvPE9zYy_Fo6Bp8l3M0
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmSFFpT4Or8B0jmEqMzYhmCnBe_4D9gpBc-Hgf40pCIgVewLflZfIv2ccM468kANwkkTNShVaF1SYM2cNvPE9zYy_Fo6Bp8l3M0&google_hm=NTdmR0xlMDA4QkRBSzAw...

170 B
188 B

45ms
44ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmSFFpT4Or8B0jmEqMzYhmCnBe_4D9gpBc-Hgf40pCIgVewLflZfIv2ccM468kANwkkTNShVaF1SYM2cNvPE9zYy_Fo6Bp8l3M0&google_hm=NTdmR0xlMDA4QkRBSzAwN3dSeVU

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Mon, 04 Dec 2023 16:21:40 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmSFFpT4Or8B0jmEqMzYhmCnBe_4D9gpBc-Hgf40pCIgVewLflZfIv2ccM468kANwkkTNShVaF1SYM2cNvPE9zYy_Fo6Bp8l3M0&google_hm=NTdmR0xlMDA4QkRBSzAwN3dSeVU
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6691
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED4OCXIYL9abK1ssNLr3SUI&google_cver=1&google_push=AXcoOmSFK8GZgwj-iT12yKL_QT41r1I-ufCSSZlJgaqdvp_IvqXHPl8a6O_-stLr4DUQCeu5UTJFrG7XEKuQyezy5n_8zab...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSFK8GZgwj-iT12yKL_QT41r1I-ufCSSZlJgaqdvp_IvqXHPl8a6O_-stLr4DUQCeu5UTJFrG7XEKuQyezy5n_8zabLR-b3ACc&google_hm=eS1ZVkplUkNkRTJwSGF...

170 B
188 B

43ms
43ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSFK8GZgwj-iT12yKL_QT41r1I-ufCSSZlJgaqdvp_IvqXHPl8a6O_-stLr4DUQCeu5UTJFrG7XEKuQyezy5n_8zabLR-b3ACc&google_hm=eS1ZVkplUkNkRTJwSGFDSk0yV2c4aHI3VHUySS5ONzcua35B

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 16:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSFK8GZgwj-iT12yKL_QT41r1I-ufCSSZlJgaqdvp_IvqXHPl8a6O_-stLr4DUQCeu5UTJFrG7XEKuQyezy5n_8zabLR-b3ACc&google_hm=eS1ZVkplUkNkRTJwSGFDSk0yV2c4aHI3VHUySS5ONzcua35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6691
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESELFpDSLRNIVuVZhbC_tBnS8&google_cver=1&google_push=AXcoOmRRfsz1l6qXDS5dVAgDf7bVPD_I0-xQK0ZH9W-R9fOonoznw6X6sRYcre_G-bI2xobPyf2ScB89waNhKJT...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc2MjA3ODkzMjU&google_push=AXcoOmRRfsz1l6qXDS5dVAgDf7bVPD_I0-xQK0ZH9W-R9fOonoznw6X6sRYcre_G-bI2xobPyf2ScB89waNhKJTLN7fMJ...

170 B
188 B

41ms
41ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc2MjA3ODkzMjU&google_push=AXcoOmRRfsz1l6qXDS5dVAgDf7bVPD_I0-xQK0ZH9W-R9fOonoznw6X6sRYcre_G-bI2xobPyf2ScB89waNhKJTLN7fMJWbgSImckg

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc2MjA3ODkzMjU&google_push=AXcoOmRRfsz1l6qXDS5dVAgDf7bVPD_I0-xQK0ZH9W-R9fOonoznw6X6sRYcre_G-bI2xobPyf2ScB89waNhKJTLN7fMJWbgSImckg
Date: Mon, 04 Dec 2023 16:21:40 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6691 43 B
362 B 214ms
79ms Image
image/gif 182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSdRbzTIRudDzPZTwF7C0cex79Meu64Ui8XLmSJKqXb65CtrwQcKyfIGyHt7A8Qjk5bW_15XQ-UUkZH5nxDBuinKTK4OmXO1yw&google_gid=CAESEACKXL3qGXTNkZ_Zpv-VQ8g&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:39 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 242173
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6691
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEK0n90kkL7n8ILZV39ADu54&google_cver=1&google_push=AXcoOmSOx66sQ1at-Pcys2GeItyEjSyKk82iiSTBvka2SnAnzJNMVRBQ9QHNrVbU_ylDkEZtZfsow5Av...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEK0n90kkL7n8ILZV39ADu54&google_cver=1&google_push=AXcoOmSOx66sQ1at-Pcys2GeItyEjSyKk82iiSTBvka2SnAnzJNMVRBQ9QHNrVbU_ylDkEZtZfs...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAzMDkwODk2ODA2MTI3NDE0OQ&google_push=AXcoOmSOx66sQ1at-Pcys2GeItyEjSyKk82iiSTBvka2SnAnzJNMVRBQ9QHNrVbU_ylDkEZtZfsow5...

170 B
188 B

44ms
43ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAzMDkwODk2ODA2MTI3NDE0OQ&google_push=AXcoOmSOx66sQ1at-Pcys2GeItyEjSyKk82iiSTBvka2SnAnzJNMVRBQ9QHNrVbU_ylDkEZtZfsow5AvV3bfh3JVjidI-onATxJPajU

Requested by

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAzMDkwODk2ODA2MTI3NDE0OQ&google_push=AXcoOmSOx66sQ1at-Pcys2GeItyEjSyKk82iiSTBvka2SnAnzJNMVRBQ9QHNrVbU_ylDkEZtZfsow5AvV3bfh3JVjidI-onATxJPajU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6691 0
12 B 36ms
36ms Image
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JSuel99hOUwvUVgyV0Ofgc1_FzqEmr0RNL4crz0bWBarGd9ay4Gq7VP3UKtEvwulB9_eOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 16:21:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D980 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec77403a4f2642c68db26788b752b153853ca37d19b531bf4dfe4c424240a453

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C5BC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b301620b857d3b029742558a294070f4015c00d1d5132c5ba5808cf71f8f0a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 27CC 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d64e4b1472aa838c6ea3e0e70d999bbb85699b5d4557e7d771bb19891ab7d017

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FC46 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b00efa290fc2fa7a24dfef3d9ecc2be894e90655f2c8cd71fc5987844a6ad83

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
39ms Preflight
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc7ecc2c5ff1425a00000000000000000%22,%222%22:%220xfe2f8ed858dc41bc0000000000000000%22,%223%22:%220x27c1031d0fb8e9dd0000000000000000%22,%224%22:%220xb620446761482d9b0000000000000000%22,%225%22:%220xa3aed5d08903d5550000000000000000%22},%22debug_key%22:%227223774279487833540%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229908059039892216593%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 16:21:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B102 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 94830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 14:01:10 GMT
expires: Mon, 02 Dec 2024 14:01:10 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame ED12
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHLoGluJqvpQLbPCXXxMGmI&google_cver=1&google_push=AXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXTLF...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHLoGluJqvpQLbPCXXxMGmI&google_cver=1&google_push=AXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXT...

43 B
416 B

123ms
120ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHLoGluJqvpQLbPCXXxMGmI&google_cver=1&google_push=AXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXTLFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXTLFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8305623eda44684f-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 54
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHLoGluJqvpQLbPCXXxMGmI&google_cver=1&google_push=AXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXTLFQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFz8YDoAD3GxsqYTbqEQ93xfQzyYOS62Fm3iDepD-XMyf6cD41WbGBROUCplwxrzbaYCLjV8mZ2pVpfe-KHCMvc0vzGXTLFQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8305623e199e684f-NRT
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED12
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI2exj1PA_eHjQ2WfCjAn68&google_push=AXcoOmThg4oeMx7JRQU1Ea-6MHlocIxOHTkFXe-YF1MYZGfTww-gJdQwgW...

170 B
188 B

40ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI2exj1PA_eHjQ2WfCjAn68&google_push=AXcoOmThg4oeMx7JRQU1Ea-6MHlocIxOHTkFXe-YF1MYZGfTww-gJdQwgWWUF4MbD60jugEbM_3m9vhP-S3vNH0AomWqTJk90--8_w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-nrt-rjtf7700062-NRT
pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701706900.176657,VS0,VE158
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI2exj1PA_eHjQ2WfCjAn68&google_push=AXcoOmThg4oeMx7JRQU1Ea-6MHlocIxOHTkFXe-YF1MYZGfTww-gJdQwgWWUF4MbD60jugEbM_3m9vhP-S3vNH0AomWqTJk90--8_w
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED12
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEE3V38oV6FkvImnSLCVfqqI&google_cver=1&google_push=AXcoOmQwuAxh9QO0D7znIb9CxLfUMWD1_FhUlCFwsPM6GN89y5HpwTI1POEIj0AY4vyh6875WBIFb4Y1FO...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQwuAxh9QO0D7znIb9CxLfUMWD1_FhUlCFwsPM6GN89y5HpwTI1POEIj0AY4vyh6875WBIFb4Y1FOwWqeafwuT4UqqkxKl9Kw&google_hm=aHZVeU1PRjlGeDl6M...

170 B
188 B

44ms
43ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQwuAxh9QO0D7znIb9CxLfUMWD1_FhUlCFwsPM6GN89y5HpwTI1POEIj0AY4vyh6875WBIFb4Y1FOwWqeafwuT4UqqkxKl9Kw&google_hm=aHZVeU1PRjlGeDl6MWdFT2NHYjdYVVBJOWJz&from_google=pc1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 16:21:40 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQwuAxh9QO0D7znIb9CxLfUMWD1_FhUlCFwsPM6GN89y5HpwTI1POEIj0AY4vyh6875WBIFb4Y1FOwWqeafwuT4UqqkxKl9Kw&google_hm=aHZVeU1PRjlGeDl6MWdFT2NHYjdYVVBJOWJz&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED12
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjhjODU0ODYtYzRmNC00MDZlLWIxNGYtMGQ4NGQ2NWVjMjNi&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmTc...

170 B
188 B

40ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjhjODU0ODYtYzRmNC00MDZlLWIxNGYtMGQ4NGQ2NWVjMjNi&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmTcLsNai9Uz2yawrkr8T1C3B91WtoPLcUgh_h7VqNYyojjthV2zb84rwheageIm_AhOWKZUl-9As5ZWE3fiaYoyyaK1p1o8DA

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjhjODU0ODYtYzRmNC00MDZlLWIxNGYtMGQ4NGQ2NWVjMjNi&google_gid=CAESEN7SVY4j9Tsyv_VzN6e8jJE&google_cver=1&google_push=AXcoOmTcLsNai9Uz2yawrkr8T1C3B91WtoPLcUgh_h7VqNYyojjthV2zb84rwheageIm_AhOWKZUl-9As5ZWE3fiaYoyyaK1p1o8DA
date: Mon, 04 Dec 2023 16:21:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED12
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTZm71R...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTZm71R...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDQxNjIxNDAwMDA4ODgxNjUwNjc2OQ%3D%3D&google_push=AXcoOmTZm71ReMy15UyUHZHH5ZriVqfNsJfT9KLbcWgNOtN71PPkXnAIpgC8zYU_kRmhML...

170 B
188 B

43ms
43ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDQxNjIxNDAwMDA4ODgxNjUwNjc2OQ%3D%3D&google_push=AXcoOmTZm71ReMy15UyUHZHH5ZriVqfNsJfT9KLbcWgNOtN71PPkXnAIpgC8zYU_kRmhMLtFDY2r2qlLECNOQXvhJ3mOGmQD4C8l

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDQxNjIxNDAwMDA4ODgxNjUwNjc2OQ%3D%3D&google_push=AXcoOmTZm71ReMy15UyUHZHH5ZriVqfNsJfT9KLbcWgNOtN71PPkXnAIpgC8zYU_kRmhMLtFDY2r2qlLECNOQXvhJ3mOGmQD4C8l
pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 04 Dec 2023 16:21:40 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED12
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED4OCXIYL9abK1ssNLr3SUI&google_cver=1&google_push=AXcoOmTH_afZ5TPnOslBNCMSe1qbanN_nPjLL6vl49eLgWetsCyXrZWusiYxARcIsUX6NW5aNF7Su4kKSIfxNivPO_qdJR1...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTH_afZ5TPnOslBNCMSe1qbanN_nPjLL6vl49eLgWetsCyXrZWusiYxARcIsUX6NW5aNF7Su4kKSIfxNivPO_qdJR1pJQN6YA&google_hm=eS1WcTRwakV0RTJwSHJh...

170 B
188 B

41ms
41ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTH_afZ5TPnOslBNCMSe1qbanN_nPjLL6vl49eLgWetsCyXrZWusiYxARcIsUX6NW5aNF7Su4kKSIfxNivPO_qdJR1pJQN6YA&google_hm=eS1WcTRwakV0RTJwSHJhUUVRckluOTRmTWczd0Y5RGdzaX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 16:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTH_afZ5TPnOslBNCMSe1qbanN_nPjLL6vl49eLgWetsCyXrZWusiYxARcIsUX6NW5aNF7Su4kKSIfxNivPO_qdJR1pJQN6YA&google_hm=eS1WcTRwakV0RTJwSHJhUUVRckluOTRmTWczd0Y5RGdzaX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED12
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESECNERnE1MCO0o8yNrBq-peg&google_cver=1&google_push=AXcoOmRm720-XijlRN32pBVl-R-iLw6uS-XqST6-GdF9-dEvl8NDtS1nmx3IChm1J5P...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRm720-XijlRN32pBVl-R-iLw6uS-XqST6-GdF9-dEvl8NDtS1nmx3IChm1J5P7-xixCJk-gI3y-cK03XYtJbDRqUSA1NixYg

170 B
188 B

41ms
40ms

Image
image/png

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRm720-XijlRN32pBVl-R-iLw6uS-XqST6-GdF9-dEvl8NDtS1nmx3IChm1J5P7-xixCJk-gI3y-cK03XYtJbDRqUSA1NixYg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 29ee1456.39c70635
date: Mon, 04 Dec 2023 16:21:40 GMT
x-bytefaas-request-id: 20231204162140EB5FE8080705A47F3357
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-27-184-21.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time: 196,184.27.184.21
server-timing: cdn-cache; desc=MISS, edge; dur=163, origin; dur=33, inner; dur=29
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231204162140EB5FE8080705A47F3357
x-cache-remote: TCP_MISS from a23-213-246-229.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRm720-XijlRN32pBVl-R-iLw6uS-XqST6-GdF9-dEvl8NDtS1nmx3IChm1J5P7-xixCJk-gI3y-cK03XYtJbDRqUSA1NixYg
x-bytefaas-execution-duration: 27.70
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 013009938b169d480cf433a6ba676e893877acfe8909ac14071233238117253ef504d915a8c7e83536f9ac8008bcf5af02e2456e786f605e3acb67f81604cd7c20b7e390be88eb7d5cc68a5f5bae4a3a97004557885cf9d582461344a01e4c7364041860a73bb11446a980cfe487ced549
x-origin-response-time: 33,23.213.246.229
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Mon, 04 Dec 2023 16:21:40 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame ED12 0
12 B 37ms
36ms Image
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IT-zp1-XlgpnJ-WewYvIUSBWQzkfoeWeCVzhXyknZMgX4OGdZkbJGEE3igh4yWADgx4tOTig

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 38BB 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 94830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 14:01:10 GMT
expires: Mon, 02 Dec 2024 14:01:10 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F35 51 KB
19 KB 3ms
3ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 01:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 398898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 01:33:22 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7602 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 94830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 14:01:10 GMT
expires: Mon, 02 Dec 2024 14:01:10 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 font
fonts.gstatic.com/l/ Frame 5B9B 27 KB
27 KB 3ms
2ms Font
text/html 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrL03dVttj3nEuDTh0RVz7cOU904C6FxDauoc7z3f-tfO_DRlaPjieFP_WIi3CL1Dkgz-RLL01ROgAkmKpx_s7Abf9Av88Yw0Cs0wAEwLMex0atg7FpnsNk-s0JY3IzMJofpbou59WRPhdAnRggb0cHgqRine8rM56qoIUNeOP_Ybl3q-UJsxUPEyZAK2P5pRkmk6Mmg8KP5wHhwMiPISW5NjIrbDH48kBJeJTtBhrWWfaLBgDX7SimkuRljSxXJQhEhxA&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%9B%AE%E3%83%94%E5%AE%85%E9%85%8D%E9%96%8B0%E5%8F%AF%E6%99%822%E5%88%86%E4%BA%95%E3%81%AF%E5%8F%96%E3%82%8A%EF%BC%93%E3%82%B7%E3%82%8B%E3%82%AF%E5%B7%9D%E5%8F%97%E3%81%97%EF%BC%91%EF%BC%96%E3%83%83%E5%93%81%E3%83%A71%EF%BD%9E%E3%83%A8%E7%94%BA%E3%81%91%E3%82%AB%E2%88%92%E3%81%8A%E4%B8%81%E3%83%BC%E3%81%93%E3%83%B3%E3%82%A4%E3%83%88%E3%83%89%E3%81%A8%E3%82%8C%E5%BA%97%E3%82%B0%E5%A4%A7%E3%81%8F%E3%81%86%E3%81%AA%20%E5%8C%BA%E8%88%97%E5%86%85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

552329529311e42fdecd8a95646d8ea368d3fdc4d66e511d8496b747438f97ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:46:41 GMT
x-content-type-options: nosniff
age: 48899
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27824
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Dec 2023 02:46:41 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 853A 42 B
64 B 42ms
41ms Fetch
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9YZI_usWFmLJ7vPOoXzy8R30MxHB6su2AlKXUo0aYFytc3rQTKQmFPe2_fcGCrS0WkpKMwA3bVplgaQMxD3pIR4TNtw8oWY-cpDxkCVRBqTYKzZNtgsgdwwa4VTu_YmSrjWgvVqYo3dDdOWcbkXfVfojrsTUYhqHtNEOegtPaDlzzISmZOFe8uSIoZ_37K2pVEz9diuqgoPmH-y5XxO1eXFf6nbmepP0_hXdmUgxnjuA8M0tgTAYrcJPGD78FIFxuvUNNPyFN-GcGHM6ZVFKUfL6MGjvYYqm5YEnJ5WLZrBpL7dRbLZtyhKJ9Nqw3kscE1V8DVve7eH_qt0Av_1EzEhayIIYlxuSoox8RrTnzMeL4FxancD_k_aXKU2bMrqH5_m9mXFn-8PBPA-GEn98ECqhntwU-PgqRO_z5VJVKJRtf41ZxY-te3iAUJQurvCWPo0Qcb10jBKQ5-jubdwVxegFVzPZ-WEGg8fhzz3c2FeWdLtQXkD61X_jXRrkEbljelJV85llACUKDf6rPLRbfbLXJWkARYrF9KQW8c2RuHoG8EqrI9i5yFINM8DfSxHWq3AXQfLGYYFmDIA2YTqec6-WZ2TZ3FVLeANh128kapfibzvgTciZi63qBZiQZzmiKgGCVxYLSnSFuJxDPc5-SsYx4ES2Ngv71nqu3PIRYbdnweIF9ECtsr3IqI38AmxcUcKtIxOwoHLoKAR7z6c5L6xko97cLjckY8RpMw6ARhYVhhXF1lJtWP8bHEqqe2C1zu0UJWZmQsKJSOdvN8g0IoyrASI_6094SR6hop5jwsz41sp0p_vm5yz-V-Eb-oClvZkT-aRmLskD9JqsRMjowl30I8PvL0b-owxGAs-PSE6vltyA4d6XQlCrrXnmPSmj9kztgxFw7l_bQdWBDlwwjYp9uk3ol4ZuSzFKyoYsc9hBfmRcT2TBiCDcCXTSLdWHdpDSzPRqeKtgO-1l7UVG2njyMtFTEqesyawlquPqHVdnRptOmdJizmOGGJ7YOKftjX9ffo6-XbJ7trO6h2dDWZoErxgentJd4BDc0vUnJyjUWx7UWTnDeu0jxfbcBJRz3iBKcLdapZLAMpLDqItHIgq-JJpv-0jZnZxWwNwsbRC8B5IyhT6GgrF96I4ouWTNMUiPV2gAeSqdZPiH35kwoUkChHrcT_ggL_mGdO6n-KJ1or255u2S00FXtoaMsm1esYh1wdSfquHkWDpeWQGaVphjdKrjCl9szQgdXz3-Uxaoz79Unvv36VJh_DsF9TQLtfGwJfOAgLME&sai=AMfl-YSVQ6FEtWhqzt_f2EHG9Dv1Eds1oxz-24aYPL7VctEqxKqIO4ujCYrJIFqGYyCVv9mMt5MlXbDcyA6EIDXoMw6bhb_2SUDvO5DMYRCps12IORdZT_IEk_uHsjLaisckTWs35arfsmZmarr-n_3kBvRyOfB8yM2E66LtZNqr9ZCXGYUzfKiOZA&sig=Cg0ArKJSzGyJ-fXGvx-fEAE&cid=CAQSTwDICaaNoxFU3rObFvdhgYPs2UZefuwroyY2e0TYzDG0eBBEQ_XQziRF33iLP6FnQ1D8YY3yN47CSebh9zLdTn-t921zWC2VszuokReFQWEYAQ&id=lidar2&mcvt=1075&p=0,0,280,336&mtos=1075,1075,1075,1075,1075&tos=1075,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1102396104&rs=2&la=0&cr=0&vs=4&r=v&rst=1701706898099&rpt=1089&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8102 51 KB
19 KB 3ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 01:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 398898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 01:33:22 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame FC46 27 KB
27 KB 3ms
2ms Font
text/html 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%93%81%E3%82%AB%E4%B8%81%E3%81%8A%E3%81%93%E3%83%A8%E7%94%BA%E2%88%92%E3%83%88%E3%83%B3%E3%81%91%E3%83%BC%E3%82%A4%E3%82%8C%E5%8C%BA%E3%82%B0%E5%A4%A7%E3%83%89%E5%BA%97%E6%99%82%E3%81%A80%E9%85%8D%E7%9B%AE%E5%AE%85%E3%81%86%E3%81%8F%E3%81%AA%20%E8%88%97%E5%86%85%E3%83%94%E5%8F%AF%E9%96%8B2%E3%81%AF%E5%8F%96%EF%BC%93%E3%82%B7%E3%82%8A%E5%88%86%E4%BA%95%E3%81%97%EF%BC%91%E5%8F%97%E3%82%8B%E3%82%AF%E5%B7%9D%E3%83%A7%EF%BD%9E1%EF%BC%96%E3%83%83

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

552329529311e42fdecd8a95646d8ea368d3fdc4d66e511d8496b747438f97ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 02:46:41 GMT
x-content-type-options: nosniff
age: 48899
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27824
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Dec 2023 02:46:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E724 0
20 B 44ms
44ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BEWb_kvxtZefnBqaNpt8P5qSS8AcAAAAAOAHgBAI&bg=!ERKlEl3NAAY3kmNgF5I7ADQBe5WfODcT3Nn9QyaQvI4K7W8ce_OP-RVs_9PLnpbZg37I3CZ_L6FExlbXuL06dQqFVfTqAgAAAiJSAAAAA2gBB5kC_-pA9y8HY11oWTPqA0iYXShDbEaRG78KOvGJClMbx3LQ6O-Sb2UN8RC09EuPXE_DQfQYqDfKVL9TWDBJXJjMDbFWxkBOOARzb-qEZ-o6AxkHbwVjuVdwa8T8XYmUxL-ReC70IEThhu33mzH_xk4IY67ysXfpyjqYvLqTw_uhapD_sqmF86RqRHg-V7T8nVKxtONXmuZI9WnYustRLbh1akOuF2T2euvexA6q3-yIZ81_of5Sli259IIiHjMwzykfFIWl4imfg-sWJYh1xPEfGsHnKCiaoei4p8nm1-JIzpRFwz4uEp7tmvniZppC947IJPexPev2Xh7OgUJchtWVsilAfyi8gyjusQ0HyCB4gdfx2_IspNLOzf2heI4Q0QVMjmy130xCey_ljaqpoZHIICrekoCDSqXWBwC-SRx144HLJ7n-X-0fUQVitHKoBjuFU_Am0IbPsIhJYsaJnCeBuPTOCC7BXKsU-m48mTQjiKTMdjtb-UrtXSIXymwVzqGcvReOsnm0S9cpzfE_LlANwswUBF4vaMabqpeK1MWdD50HQOYe_vYOVKt4go7C_frB6CsiAhF1Nu5wRAGaFTObH9pvhwYRVeC3374Ktu5_wimV-fHtAkfU4ImIfdpMi-jQHxlApqtOFIcW9j-wTQNDSY6eBcWLEzUA3V8pYXqIOyeVJO6_PoiOgBedEwmrM1TzoU6wFYcYlW8Y5zQxq0petAbOgNCeHb6rNLQSq5U6zw5XuE_t-EJXD7st6En4Z3CaufEUCn5AeNoryIaxahJScgSEZGDHYVy-AJgmNb26lD5P11h81zI3TNdflcmN3ghLPFFDY_F0PoYlVEpOc5kF6eWE97xO4CJhr6hl0Qog1dWidhn088vfX6XfBrNVaxlOlpK4mCAx0CdyrgYnVJt8V8WqsJZRfhQjawTFFUodKVPs8J9FSsToALRO6BQHWxk8_67O5RpCJ4laOpbDDgvyrHBsi2rvhwpmgALJSS8bgDgQ9H5fBAN3EElpXceNirTb

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6754 0
20 B 39ms
38ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiO1KkvxtZejnBqaNpt8P5qSS8AcAAAAAOAHgBAI&bg=!tLelt_jNAAY3kmNgF5I7ADQBe5WfOFfX_Cu1Jzb_tuw6pbnzbeUAlZ8xzTuRdcC4b4sszG-dFVz6xrqotx20hcV5ONCdAgAAAhZSAAAABGgBB5kDBMPh5tXXmNySE4KDQ-ZXSmUuzT4DLF8KzlQTu8UuqV_X8li06B1p96eGR__Ak3r_kmDeDQLZon20F6WtH4VwPHoTA__wYwHeBrod_CNNcH1FT39jdGbeqOWTbqP8UANNortM8ZhP_V_UJ7ZhvqVmaBZ3ZR2IXVfpehHgKQFlBIdUGRvGJRK9VLYaSzEVfduJs0iourxPTeptLwM6RserSnS1VWtfZD_cdOlhqRrYMWwSRHTkJfhFWmRNNqJEHP_BT5ZDcvLG7WQclZk0Y_jSKAFnpXMmTLiT7iY8T2q_Jyba2X6GKKJubft6itIPinwo_1HG2DdTLkKaJIpn5bSVK9phbQNVb6yLt3I3gJnRJOYVPP7d5K3-1bGoZAIQSlsz6AM4lXd64_7bR1GIHdgYcBdrO85bvbEcSV7vXA9EGYxWQ36mjlblw4kOOfrQExXq_vzHje9MYLEMLNZ1iolHXQIDLn4lLIUEBRLcNLVgKId8mfuXa6X3naEMnK6OpkMJArivDtB2bBCEDcDAoUvJn6glIb4KTYgohSJh9rb2GYFp_WhKsz629ZrR9iyVkYbmOk_WxPj7SHk75scfU_WNBD_NwtssFoEoF_8b6URCFSAZqnKx0BSjQLriBV3SWekKuYtLgRI95v8wjJAla12kMimhX4ZM4oPv7nqRtC7_mBh0aGcW9PTU5Em23e1mx2NM92WabX9oERa4jjGbRzNtOvaAuEpTUFir0TaoWI77Wh0AhcsuUxXeiZiJnN688XZZm1jqhdjmYVeqHXaWyS2sMwDj9EdSTVqNlTAUREBHZO-cz4FBAB6ObEB4WrlRtSg0XZ80mOrw3y9FDA4W90xiJ8Q32Ki0AAX5AiHLRT0MFZvZQSP34ZsPd801AjqqV2fl8yAkUmqfeGrncOfETEqo_o-JnfVhmpgbn9RVWh30vXdpi6z3LtAoC5EntLn7TFSkVVYIl6YlRZ1z3QvRgVKsUSgo-fw0IyDrtBb61VMGKaCjAe5x9LizGjPwPjzFwHEc9q5kGa4

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B102 39 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 02:27:56 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 38BB 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 02:27:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B124 0
20 B 43ms
43ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHSTtkvxtZennBqaNpt8P5qSS8AcAAAAAOAHgBAI&bg=!BAelB0jNAAY3kmNgF5I7ADQBe5WfOLrE9PhZh-7Cous3pB4SF3QnpTj6Q3cY50wqwi1U8fLNrtJmLDmWFvb41q4YarqpAgAAAh5SAAAAA2gBBwoAgfGR0AN-K1WXCbt0aQUoPFG6hpG7pAk8I74KfDlLFCbTOUP3yIV-EV-CazIRnpnnkBU39hNFfGM0L8zNn8dlQwBlFQWZ7IjHjJalRsO6xkZ3tY86mcptyj_zXWXWrFKv7ePk4w7qt3TsZQqBBmKE4Osmuq4vv2s61Ip3xjyezqqZHZkDA9k8Klpg6fLoNDq0a1yGGNCh30HKvHx37xqLj9UNe53gDMuov37ZdAbq2Cf6mBAWoyhvOFB2OXKkxz_GYsf_Hg28ELZbw1C4WcPjULMEpJttOvIfF15UydqjJg9kCI7wyE_sti9a7Lox27QS5kcEWga5zbjQuIQ9C94JiR1BFOhzsoLrpbTBdOgFPPd6kDHf0AgTc24DFKlQQIOdWH1XjZ4rt9NX4GVvGYISy2brhxDYDJ0kTDuYUCcLXrNllvJ1WMq3LdxpJibaly1fn7OwJrhRQhaZcS-nZrXqTa8FG85-m4E4Apbr3A98TNY34QwZi7rb0SsOHznR3MHnj8e_p772zBSqk_ASKE5na9GoYvAjr07zL21lhWdahw5srQlm7DqsCuDwOjPTIEb4BGQ9K90-v0Je8cly7Sz0FbuOG2dwpOdaEYpy8mdgwVB_lIkFIpC54SkAIHG227gf56cuDPKemeZc1nBeBxsJg14IxRItY4d5G0ZwFEo5eSeJtcjRV_S6s_WScXRD41FtToRlcSt-mFIazyujhv_5aE0xgGcrDlv9H4TbOD1EvGcMaPNr3kpRkV8tQCuung8LTRLUWfqmrYSvKUQZ7jlIYDe7gVohQkswvAQHq-0xFW5ovhKAP0TBkKv8rkHer0cwvrM2xN6j7FgK_3Bv7B4PW8A1VLIICrJCgXUR49eLhaiYvX157SdmjinAHS4PJBoVzeNTJSJ2vMFu-hYVPg5KqbG8fJ-NCB8hqOaFLP7tWdppQR1z1xsSWustIPqurYI8cdVTs97j56Y-KSJRX49f630CCL9hOsfwzOw0ljoV8rxoG85tQjCXv9WhkwFPICL_iOWt4gGNiDwPDond64J3yKGbYDHDs238uiEU0Bu_04W-9O-6SnWH-ICTvO83HfF1VZgNWxol2BydPiHNRW9V5TY1YHaHQt2UEF0NPHOKv0HCQCpM1ULCttdKOia5wda4MRW2PmO1vhnePoJBHtC9q9kJ8O7ZMUvkoFWv_1AW2Xlg8xhGhokoQQ

Requested by

Host: ws4696.xyz
URL: http://ws4696.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 923D 51 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3478445572654677&output=html&h=50&adk=286476881&adf=3589865139&pi=t.aa~a.2551709074~rp.4&w=336&fwrn=1&fwrnh=100&lmt=1701706899&rafmt=1&to=qs&pwprc=3690463722&format=336x50&url=http%3A%2F%2Fws4696.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1701706899053&bpp=1&bdt=1620&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dec15132e61f36b9b%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg&gpic=UID%3D00000ca4dfb1c5b9%3AT%3D1701706898%3ART%3D1701706898%3AS%3DALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A&prev_fmts=0x0%2C336x280%2C336x50&nras=3&correlator=3329894081658&frm=20&pv=1&ga_vid=1527332123.1701706898&ga_sid=1701706898&ga_hid=1737927396&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1072&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532605%2C31079866%2C44798934%2C31078297%2C44807763%2C44808148%2C44808285%2C44809071&oid=2&psts=AOrYGska1SisUYxtE6xTyIztFhaY3Rmu3D2AufemPCY6qne3AUIwEXm8t4hsceRc_eXSDVlLJ8Q5u0QZYe80I2AL9Hmuc0wL&pvsid=1168473133448089&tmod=76869266&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 01:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 398898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 01:33:22 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7602 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 02:27:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
53ms XHR
application/json 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

457e92c16f26991d15db36e80d6700527dc10b0afc9c302259362270a2b19b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12261
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 108ms
107ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 16:21:40 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 48ms
47ms Image
image/gif 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.8680299500098285

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-7t5w6_DFaNNuiJFeMqBZdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-7t5w6_DFaNNuiJFeMqBZdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 228ms
227ms Image
image/gif 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.1739022558346655

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G5LlNkuehZW3O_hb2dowQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-G5LlNkuehZW3O_hb2dowQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B102 0
20 B 43ms
42ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BxxcGk_xtZa6JE8GUpt8P3c6koA8AAAAAOAHgBAI&bg=!aGulayTNAAY3kmNgF5I7ADQBe5WfOFIH_slyiekieL-AfSUxTrB97n05wmre5SHipBerRKacohVvw8e-4Thd5ct-Vy1UAgAAAMhSAAAAA2gBB5kC7sT-VODY_YJ7CbmckDam0ysXfEkXQEax4YzAZxYB9_9xRu4BXr281fWQ8AbJHblFmdNzfI4NIo5nBRvy6aGJgPCqsDZ9GZZ42GC8rw50w3cbnbG50u1-s2ycqApHQOlUuuxeQgkRRXMnmHzERqK0GnnP3OOqfNxetzgvbGlcyCe0m2xp-vPtM4Q25LEo2qJX-ZyEPvVbCO1AKkiuZk1soUmphREf72AQFQ4gsAs8S17BH76fB25EMyAVkKkZyjCjKjWwR_9qgWNN9mfID0XUmOms9HTyCIrd0Bd09bc1jWlkOIU2J0_VCvfE-grk642cMePPTCzg984_AEfVRzKWihICYm34vfXUxERkD240UPfMoyztpCbfKMN1Nu0uPm_fGYsGjwjPaHe6vauq3fG24xiyIbeSshA8xd6hHZO5XOkI3ryad9Q5p3LVJLoJi7Yye8fhez9-JISGTFXk7TTSGIe3kcJ6WLHh_N6KvxEq4G5w6Ls7hd__weAqqkdQpKjcMISKQeDjbGcJqqTx8F1BHySCtRNEsI6hdtFjzR2HldfCQ2RVV7wGCr4Fj5h5pXkyzm3LYK75eIyXpxdzn6GJJCGJr8p_pOE_IxcBsM1cUm5vsgYvH1q28UIgkMOs_91Mp05IPrgXgdiQxGsHzgbgqxwv3XlLGZn6XGsVOwtn7yJISpL0AUZN-73JPAR_VIxNzqoiJDKdqyuzFApJTvmA9erKm4qN2JyoLhkoR5pSUGxPf6sVMRBj1etmvVFek1Q3MTpoeaFhYBQSn-Qdg2eXeJDUWYVDW2OBnDwHxcJQJx0d7jl6TIzWmQfPrpPZBN6leOeLAVsjUou91iTS6cSGtdl8_BEWDobkFxOko6gPUrPxw1rft9ddt53rsycnSlIqYuGufxuQMy8XCnxAMczh2U5rXsnkBi53j7E3DTq7mHbh-oMK1X7WCq4ghB_uTbEwQqwsC7KTb3Kofs6YwX00SpaxhKSYA8QVNmHJmi5Dvg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38BB 0
20 B 38ms
38ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bd10vk_xtZYXpE4aOpt8P6pqQiAsAAAAAOAHgBAI&bg=!tLelt_jNAAY3kmNgF5I7ADQBe5WfOPnsuUcJ1t7okQzbw2FxaMgZCBJxZDd7_AJIygsNMXWzpOj5uSYTNAGB1HxldmM-AgAAAL1SAAAAA2gBB5kC8Xo_lTjmXFoaUon_Gamxow7XB0eoDGaSjeM8MIP1A5dmh4cJjq0WyMcgHkBF6MTz8yx20VChF0hpP-gYhBMGTN5uR69ogvNxDMxF8fU155mJQiR5f_0OF-h1SYoScKw8aa499MH4Fg2Ty1PespLpo3RfOANZIH5oPnS0KXXF8dzFss_iWMFAY1JePQJQ6f3rx2GGvH4mdPtyAd9t8Gx_Nr-WiQR2JRxfsOTWeGq-KBJ7tO2Pp97aYYyEuXKT0HBFD_FrRkxdNoNVLlAD8uWQls1QQiHAskLuCW-vBgkC6N7oFd4oSOBIZ1sQQjZqIPXzKKAFDifUOAjebuKG8P_Ucv8V1USlnC6mM2JuOpvbZdTl-YY-1XAyUOL86z4xauiqZRNAm-3hfPGQCGTpLkZl6OUIaExQrW_Aav-us49udEOA89pVG1JRAERDnf8HdL1aCrCI4Dm5QNMfHbmcQNob_jejhIQDTrM00yzdDiySJH42KPg7SLapz5Ri1fmrKRWCx57EpkyehaA1tv3UgfzTEJNZJMFKK1D4-jRDyaCykKu_a1j3xZMkE9calFX1stSRp05gScslMB-04DsTolxq8yFWa3EWBQmUahx21LgffJxnHR-Dp1aOu348iYkHDwPEClVyqORvTBbEFV8OyNWRhs4tuCYJltDXNfC5i6ft5zNUMkGOwKW7jpPnTutmXZWFiCf24JrXvb1YIGmfG37zT-JkGUKVfVc9dd-HplsQy49ZgS4b3IYPg4OxqmoNdJVuWDfVgWP8Q5-sq2xR8LBjSk75ASkFfoeZr_YIpexBKy1h4N4ww55TS63krFhu2Y7Q_EKXEd6NACvmZRNqaCdV1fsAt4T4HdvjQkh7YjNMaMSx3C8llw-xyukYUIq3t2TaJY6Bn7C_w19hnQ10sKNYuX8kvlWJtl3UN4N1w37fLAWFGdU_KtSBtT1cAguK2RpJlQZNqkEqLeie3gq3oXXaJx4SfUz1M360R7mnzM-UsjkonA

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7602 0
20 B 44ms
43ms Image
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBNVEk_xtZdW7E6Wnpt8P_tW0oAwAAAAAOAHgBAI&bg=!SkmlSQbNAAY3kmNgF5I7ADQBe5WfOKsIRFU9ZZ2Jq6HV0elu7R2SI7_3wOzK4ipEtA39Afr_ujph8yNY4JyLOTNO5MVBAgAAAIxSAAAAA2gBB5kC65J81shL4WxWKLrpRze5aDd4IBVe7D6mMM5ZgfZQnJxw-H2IOuvnZPjbedb0i-kYy0UGElGTiYibsfkwllwqpVUOz-wWNFRKIY3scd3El4yEWiRMxtUqzjhJvOzGyTScs0iNBrB5SfaYowpul7cFjTlxU75S0kHHUPWG3J8BNjjl12UgeljZpcihX3oWHEY6LYn_1auYyS9TROhCUzkxQpuqxB1EC6c7VtVc3e78YNUcSLTu6YqncVhgoYjb-YL4BxO5k_R6_eAQK0c929_KrPl9KfRkeiH_pxp05UgFrMyR7JYpaDWhis_eGtX5xT9x7LajUmdLwTHNZbfHOtd-a6dLQbIRwNPva7z_aL8pfMLEElWyX1Qpag8c5GXFMpfz80MyZHCmypOW70fdPHXkg9GhRiWZB2L9Zabq9g3giKA0ZEkekt5QI7KI7XGZq9GgN7SzNtnrd-0Izji5uiRPx8P8eLL7tA8XYLRrtk7RGRpEacVnQufJAMl3hA6FGJ28s29g2G8scImteazqmrax4j4h4KsCnJwMxGxIL-4WjaFH9fgeWW4LsF8CiuPvhTR_uLoLhanp_UUDmI-qZn4LWvx8r8iSVbRMK2eRWpOmNIh5VO7Qpr1ysKfwaaij9DbzHrY1uYGNwYcZMIdku5qb4XwRF_VzF9KU69oKMZzIsV1zl-6-s1nSCm9kGWURJjjk72nJPXqlC3mJ_TGvr6ZvRfqgsnF1cPehbQ7wrNEOKQRLGC8N6hhlhYv6K7l1IZ2QLq_Mj78t9WIuijICSSqHdIGuU4-DdaG6j9MZwI0rAgFeNdrvGVHsvrll9dCMQ7IHyeUCA_B1Fr8o6L5lT8XVEGPAUwKNuZP56K4AomhPN_5sVXLY0S_WwX9YUAv9F4NPLHB0wogW2PXd948JUCm1RhMxa-OQTzXqNpPArxHCLJqMGP0aXeMAE3U_emUunGYbU9ezrFlNAXoyVcJ6HhqgIDkESIWBXb0JMuYxiw

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C07 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 33137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 07:09:23 GMT
expires: Tue, 03 Dec 2024 07:09:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4039 829 B
558 B 44ms
43ms Document
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f1e70c19449c6b6a2cd009afa1eda57e80657c1bec34a59e318872f82d3220d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rL_JtW0DZPL52VF7_px0Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ws4696.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rL_JtW0DZPL52VF7_px0Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:21:40 GMT
expires: Mon, 04 Dec 2023 16:21:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C07 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 02:27:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4039 0
0 38ms
38ms Image
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1168473133448089&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4C07 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u-1f2w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 90ms
50ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NHx3Zq7l_RZZWzmn74Nryw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 16:21:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NHx3Zq7l_RZZWzmn74Nryw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://ws4696.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
42ms Image
text/html 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1168473133448089&bg=!tLelt_jNAAY3kmNgF5I7ADQBe5WfOH8Tp8B2fyUJGqIyVYIVAIYmThKS4UIP59k3ILyzF1jUyoM_xhJ9ieMlqexELCO_AgAAAEBSAAAACmgBB5kCpL2mvrzjapjj37rQpKP5_k1bRepn73QEQm6pE2vbCIVNjpGslVIpFnflDeK20jhvWflSKU1kBE7nkxpDn-5hyF9Pu00SO7sLuTP35-qZjLPvfTFh-mJSRPPldHsf7O_UmmS-82CCY1WwC_LemI2DNjJdWI45QoAVyL2vFFWhgN3L2HAKEOFGix4Ngz7xTXELfI9ZLVW-H6On-ksxMRPPuLbVdmoy6R2fkjQmlDWPS5tlQ6v_mSTH_xJiSADqfP92i9A4KL4CVOW5pv1Xtz-PItUTgayooU3pCNdkL8YJpgehCu0WoMl8uv_OctUPyQlSvqUDQNEXwXq_TifcHmL94ESsZ2ZrZgHgA1PFmQPmcB8lw4cv0sBLM8KAQs_WW06RWJ6O54L9G54kfrrXnCtn_CXc-Ini6-5h1uAdY9SkzzCUnohoaPduDiwHxVPKEA570_eaahEX_0EPFt0gZErCRob8HHHMURO22Tq_Yp87PABV2bZ3-Sedaug3cVThsETbTq69WMrJ8OHwo8t_5hvgSn34T9sOjWrKmVZOLbzW34G3mNdN2AB981BkqGMoiFHInPodrpxzHB1PyuSYZYATmSTjF8aF9Wl2o8qOP6X0eRXqaUsU1V8jFjbGovNsWiakjH7_xnMVjumOv_WCsRS9TiyymKKfOmatuRstslwbXPesHRERn26N7mb3tobiKLbZHlogZlFmuiulrf90aemrhwh8zTn19raPlQhnF3j3M1cFHEvRqiKV-lBjoW4HtevesLxVmtnFRagyk2m_YqXPrcAXC84rFDHArmzILfRaCsi6K3ZM7lW4UM_QxZ5kmZQRGMj_JEuRkiAuNwLrAkQc9ELdP9a8Z7OtMwly7v5T000ihhb2HEqQEwHNtrdWtiGQzFDxJsg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ECA6 42 B
64 B 44ms
43ms Fetch
image/gif 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBTxYE4gJm9tYH0mJO6OyriYjUCCeLUWPrMm_Vhm4SNGmA26lmDgzzaoieJX6UzLGsfF9V6gFyp2f6PbkTu3VTDAUKSK0vZVOkn3E78OwjOgtvylSmBLLufR1qMeAEKDjM9tncgqjCAQ&sai=AMfl-YSi_-OPPoQtszJzIxSFvw9NPmooQLeahdSyLF4wmSwY9vn4SZ4sS8TnBWYFAjdN5WsPtca_vf9AKsQmUoQx8sf0UtHgbiv0EUh6OWGJolWciQ_afyv7vyIZwBsUC5glRTjxdou3FicGo5voBk_DYfnm4JldL2dGkos&sig=Cg0ArKJSzAPTfd3ylsuaEAE&cid=CAQSTgDICaaN1oV7B3qyeDTG0iHSqb9apQtH4Pgo_3c_2tVaYASMahYini98A6wCVnaJ9W3o-VfI60kaOTx7M1zSpIWedSSPiJ0Hh3JtJ5Q7QBgB&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1701706899448&rpt=880&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __iframe_ad_ Show response
fundingchoicesmessages.google.com/f/AGSKWxXX0HThTr_KUkAzkaxk_DsuSyXT54bwl609iiFh6FzmH_CAxEDVac-epoe0yKfiA6FnAZTVhXzukI5CEyJfdy6M0_ltHGNynhMpwfpoX6uzIeHthfOzouaSkIIfK53yOSxxSooD08pEQNjdleQaIDk0nUdCG... 54 B
109 B 49ms
47ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXX0HThTr_KUkAzkaxk_DsuSyXT54bwl609iiFh6FzmH_CAxEDVac-epoe0yKfiA6FnAZTVhXzukI5CEyJfdy6M0_ltHGNynhMpwfpoX6uzIeHthfOzouaSkIIfK53yOSxxSooD08pEQNjdleQaIDk0nUdCGhtKfQgyiuYTGV3BQgFWLo0vhfFardTi/__iframe_ad_?adarea=/requestmyspacead./dfp/jquery..hr/ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzufRugCfZ2QricSdnhl71g5NspTQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a823842d7e90948fc3822a9131963606477e2826a80b6b1acae8b115a21490b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2-5utRuJGL15Wj6hR8tI5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-2-5utRuJGL15Wj6hR8tI5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 72ms
71ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6fd4c49e0d0f7be8210e741c7d5ca50136a48dcdd33803129fedd70e5a12663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53177
x-xss-protection: 0
server: cafe
etag: 10542159926537090149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 04 Dec 2023 16:21:41 GMT

POST
H3 204 AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 45ms
44ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f7iFEXv0WVIIc4VaG-90zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 16:21:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-f7iFEXv0WVIIc4VaG-90zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://ws4696.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 51ms
51ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WEGpSAoNeva7eGhctVetgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 16:21:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WEGpSAoNeva7eGhctVetgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://ws4696.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 93ms
93ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eH7XRJVzXOEXgfoZ9i9BaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 16:21:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eH7XRJVzXOEXgfoZ9i9BaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://ws4696.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 182ms
181ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dh40e1XjTP1SmdK5lsS2fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 16:21:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-dh40e1XjTP1SmdK5lsS2fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://ws4696.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU2jRA8U9qL_esRi4tyvEv_Clywazd4ne9vXrpV5A855F6adM6XnnPJrhJhJ3dK3tQfMpIAARFkht4IRPQeM-FGfJzWYwBTFstcaQwoPh3nrmy0MLWsQ52vth6gFaDrl7DF9AOwyw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 108ms
107ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU2jRA8U9qL_esRi4tyvEv_Clywazd4ne9vXrpV5A855F6adM6XnnPJrhJhJ3dK3tQfMpIAARFkht4IRPQeM-FGfJzWYwBTFstcaQwoPh3nrmy0MLWsQ52vth6gFaDrl7DF9AOwyw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNzA2OTAxLDYzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovL3dzNDY5Ni54eXovIixudWxsLFtbOCwiRmFZUHVSd2VxSUkiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fedc7af02494992bd165a7b11c272babb0c66b0bccb455230b7b56ac6acfad6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Zqn0Qz1HHdH9Y8WwDXG0CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://ws4696.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:21:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Zqn0Qz1HHdH9Y8WwDXG0CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVWk-khIPnpP1Fww_Gp8HXBlARSH3z8mjeert2p5XHzAfD0TD6QrJiuImGtA8Tq4BHBr5n0I04gOGcGZNfgsTmA0YzepDqIbVRRD2iaxRQbHeuXfHhLrCAPaQ6HGgSkQWEqOImC-w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 87ms
86ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVWk-khIPnpP1Fww_Gp8HXBlARSH3z8mjeert2p5XHzAfD0TD6QrJiuImGtA8Tq4BHBr5n0I04gOGcGZNfgsTmA0YzepDqIbVRRD2iaxRQbHeuXfHhLrCAPaQ6HGgSkQWEqOImC-w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fkIkZmft_t0oHAQD63OUtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 16:21:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fkIkZmft_t0oHAQD63OUtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://ws4696.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 91ms
90ms XHR
text/html 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUvCQrVk2yaIzBE1QWIZkmgb9CcVV6iMy7iys66v6SSw0PBOhojDCgca2K3taEQiXMLJTPmqvwxsfeTI54O_HflEAn1Ne4hitHnJWV7iSobest226C5UIWnfpPxsaGxnjHPdBzyLA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LvEkn2nZYQ9Cl1SNBjmweg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 16:21:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LvEkn2nZYQ9Cl1SNBjmweg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://ws4696.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 41ms
40ms Ping
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PLM6M7N4VS&gtm=45Pe3bt0v9103729353z89103730306&_p=1701706897451&gcd=11l1l1l1l1&dma=0&tcfd=10000&gdid=dZTNiMT&cid=1527332123.1701706898&ul=en-us&sr=1600x1200&_eu=AEI&sid=1701706897&sct=1&seg=0&dl=http%3A%2F%2Fws4696.xyz%2F&dt=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&_s=3&tfd=8953
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TNFSL5S&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ws4696.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 37ms
37ms Ping
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8W8TP6BEYC&gtm=45je3bt0v9103730306&_p=1701706897451&gcd=11l1l1l1l1&dma=0&tcfd=10000&gdid=dZTNiMT&cid=1527332123.1701706898&ul=en-us&sr=1600x1200&_eu=AEII&sid=1701706898&sct=1&seg=0&dl=http%3A%2F%2Fws4696.xyz%2F&dt=%E3%81%97%E3%82%8D%E3%81%8F%E3%82%8D%E9%80%9F%E5%A0%B1-%E3%83%B4%E3%82%A1%E3%82%A4%E3%82%B9%E3%82%B7%E3%83%A5%E3%83%B4%E3%82%A1%E3%83%AB%E3%83%84%E6%83%85%E5%A0%B1%E3%81%BE%E3%81%A8%E3%82%81(shirokuro%20news)-&_s=3&tfd=8962
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8W8TP6BEYC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ws4696.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 16:21:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ws4696.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMhmXy1oQu3Gc70DIs722-A&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMhmXy1oQu3Gc70DIs722-A&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ws4696.xyz/	1970-01-20 18:51:22	Name: _gcl_au Value: 1.1.758232965.1701706898
.ws4696.xyz/	1970-01-20 16:43:13	Name: _gid Value: GA1.2.1319875169.1701706898
.ws4696.xyz/	1970-01-20 16:41:46	Name: _gat_gtag_UA_104241103_3 Value: 1
.ws4696.xyz/	1970-01-21 02:17:46	Name: _ga Value: GA1.1.1527332123.1701706898
.ws4696.xyz/	1970-01-21 02:03:22	Name: __gads Value: ID=ec15132e61f36b9b:T=1701706898:RT=1701706898:S=ALNI_MbvMPywI5wh2OenuJNmEb1qDueSmg
.ws4696.xyz/	1970-01-21 02:03:22	Name: __gpi Value: UID=00000ca4dfb1c5b9:T=1701706898:RT=1701706898:S=ALNI_MaKO7cdQnjD4ISJ0m7KXUYdt36h4A
.doubleclick.net/	1970-01-20 16:41:50	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:17:46	Name: IDE Value: AHWqTUkdMJ4iH9eOyE-Ln_RDgP1lMGIbx8S1FHCMcoXhzDMwVCz3SkBTe_P4P6zej2U
.googleadservices.com/	1970-01-20 18:51:22	Name: ar_debug Value: 1
.send.microad.jp/	1970-01-20 18:51:22	Name: TR Value: e2ab4dcf80bb12e8398bb5943e848f5dcbdc790f2ae069f9
.casalemedia.com/	1970-01-21 01:27:22	Name: CMID Value: ZW38k1OHEe1-xGTy7W3mxAAA
.casalemedia.com/	1970-01-20 18:51:22	Name: CMPS Value: 5510
.casalemedia.com/	1970-01-20 18:51:22	Name: CMPRO Value: 5510
.teads.tv/	1970-01-21 01:25:56	Name: tt_viewer Value: 2dd2a601-9f35-4073-84af-8208048e85f6
.openx.net/	1970-01-21 01:27:22	Name: i Value: 09b0d38a-6552-4b8f-b1a8-b09a973a8fa6\|1701706899
.adnxs.com/	1970-01-20 18:51:22	Name: uuid2 Value: 2133257666629918138
.adnxs.com/	1970-01-20 18:51:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVSj/-tG!]tbPl1M>e)ZlrFUfJ+tGXxo3F][nA'9B+LE8.Xy/FHF@(Q!]5-jllO4cU3If)y3KL9D3I?+qajgZT
.fout.jp/	1970-01-21 02:17:46	Name: uid Value: hvUyMOF9Fx9z1gEOcGb7XUPI9bs
.uncn.jp/	1970-01-21 01:27:22	Name: t Value: v_2d536bf0-93b5-4736-b183-982dccbf2401
.ladsp.com/	1970-01-20 16:41:50	Name: cr Value: 1
.r-ad.ne.jp/	1970-01-20 21:00:58	Name: r_ad_token Value: 57fGLe008BDAK007wRyU
.c.appier.net/	1970-01-21 01:27:22	Name: _auid Value: 2L67YT8PDt2kzkvKlPxtZQ
.c.appier.net/	1970-01-20 17:24:58	Name: _gu Value: CAESEOBNBGDigEvKoCgfSLt4hsM
.ladsp.com/	1970-01-21 02:17:46	Name: smn_uid Value: xmvLEkLqO3PLCUdr6MMzdxA7ezY_qKU
.ladsp.com/	1970-01-21 02:17:46	Name: lum Value: CNrEiq3DMRIFCAEQqAE
.adtdp.com/	1970-01-21 02:17:46	Name: uid Value: AYw1oqJc2MNuZZ5Euzs
.adtdp.com/	1970-01-21 02:17:46	Name: dynid Value: AYw1oqJc2MNuZZ5Euzs
.ctnsnet.com/	1970-01-21 01:27:22	Name: cid_2352408b8b6f4fb5be70bca83d70b591 Value: 1
.ctnsnet.com/	1970-01-21 01:27:22	Name: gid_CAESEDKgeG2EUovfdyEqlNPmFSk Value: 1
.yahoo.co.jp/	1970-01-21 01:28:49	Name: XA Value: d014dvdimrv4k&sd=A&t=1701706900&u=1701706900&v=1
.yahoo.co.jp/	1970-01-21 02:17:46	Name: XB Value: 92fjp4himrv4k&b=3&s=td
.ads.stickyadstv.com/	1970-01-20 17:24:58	Name: UID Value: acbb9b46e2f48808ef3e3f223d3f5b6
.ads.stickyadstv.com/	1970-01-20 18:08:10	Name: uid-bp-159 Value: CAESEGY49M66n2wW4nDcluS7yLI
.analytics.yahoo.com/	1970-01-21 01:27:22	Name: IDSYNC Value: 18yl~2ff4
.ws4696.xyz/	1970-01-21 02:17:46	Name: _ga_PLM6M7N4VS Value: GS1.1.1701706897.1.0.1701706900.57.0.0
.ws4696.xyz/	1970-01-21 02:17:46	Name: _ga_8W8TP6BEYC Value: GS1.1.1701706898.1.0.1701706900.58.0.0
.yahoo.com/	1970-01-21 01:27:44	Name: A3 Value: d=AQABBJT8bWUCEAlg8btP20_0-aPbvl5ycXAFEgEBAQFOb2V3ZWChyyMA_eMAAA&S=AQAAAqcRPCPafoGoyrrHzGa9Ik0
.e.dlx.addthis.com/	1970-01-21 02:12:01	Name: na_tc Value: Y
.everesttech.net/	1970-01-21 01:27:22	Name: everest_g_v2 Value: g_surferid~ZW38lAAEbFch5gAM
.pangle-ads.com/	1970-01-21 02:03:22	Name: _pangle Value: 2Z5LGrNzoZQ3ZZSSpzutL4gP3Uy
.tribalfusion.com/	1970-01-20 18:51:22	Name: ANON_ID Value: ayntuJRwEfES2QVoq6vnSojVAoGS7q4ZdLVY5QiprYdPqn8xe4M3TKdiqjWwoAupUkYRSVDfsvwTab4d9at3qlCsa
.smartadserver.com/	1970-01-21 02:13:27	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:13:27	Name: pid Value: 8073583127303320938
.smartadserver.com/	1970-01-21 01:28:49	Name: csync Value: 76:CAESEPwYb-UZKopiXJ-XeiKThno
.addthis.com/	1970-01-21 02:12:01	Name: na_id Value: 2023120416214000088816506769
.addthis.com/	1970-01-21 02:12:01	Name: na_tc Value: Y
.addthis.com/	1970-01-21 02:12:01	Name: uid Value: 656dfc948f339808
.addthis.com/	1970-01-21 02:12:01	Name: ouid Value: 656dfc9400017445666da338dbb4f135c10643437349195d7308
.dlx.addthis.com/	1970-01-20 17:24:58	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 17:24:58	Name: na_sr Value: 20231204
.dlx.addthis.com/	1970-01-20 16:41:46	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 17:24:58	Name: na_sc_e Value: 0
.adform.net/	1970-01-20 17:26:25	Name: C Value: 1
.adform.net/	1970-01-20 18:08:10	Name: uid Value: 7030908968061274149
.inmobi.com/	1970-01-20 18:51:22	Name: idsp_c Value: b8c85486-c4f4-406e-b14f-0d84d65ec23b
.mediago.io/	1970-01-21 01:27:22	Name: __mguid_ Value: 9d9fcb009ca4a7471bive500lpr4cnz8
.turn.com/	1970-01-20 21:00:58	Name: uid Value: 7247565835752524173
.zemanta.com/	1970-01-21 01:27:22	Name: zuid Value: Y_wAJ1oK6xZy97F3Q3Wc
.uuidksinc.net/	1970-01-21 01:27:22	Name: jcsuuid Value: cgLzht4eL39JOFdAxMg8
.yandex.ru/	1970-01-21 02:17:46	Name: yuidss Value: 7844264921701706900
.yandex.ru/	1970-01-21 02:17:46	Name: yandexuid Value: 7844264921701706900
sync.srv.stackadapt.com/	1970-01-21 01:27:22	Name: sa-user-id Value: s%3A0-4b9ec7cb-0d3f-5643-5616-a4b51b9dd2bb.BXaAj0DOXTgZBe8nPtRwkE1b5eN3wa0NGLddxnCQqGY
.srv.stackadapt.com/	1970-01-21 01:27:22	Name: sa-user-id Value: s%3A0-4b9ec7cb-0d3f-5643-5616-a4b51b9dd2bb.BXaAj0DOXTgZBe8nPtRwkE1b5eN3wa0NGLddxnCQqGY
sync.srv.stackadapt.com/	1970-01-21 01:27:22	Name: sa-user-id-v2 Value: s%3AS57Hyw0_VkNWFqS1G53Sux_Mkas.T1AaLWCc6yJkoyaP5%2FrMYmr5raZVCfdce0Ldv19zf2g
.srv.stackadapt.com/	1970-01-21 01:27:22	Name: sa-user-id-v2 Value: s%3AS57Hyw0_VkNWFqS1G53Sux_Mkas.T1AaLWCc6yJkoyaP5%2FrMYmr5raZVCfdce0Ldv19zf2g
sync.srv.stackadapt.com/	1970-01-21 01:27:22	Name: sa-user-id-v3 Value: s%3AAQAKICLqjmSMOL3Jq6CGpzOvCMjUK7UB-s6DckvwTfPJr5RpEHwYBCCU-berBjABOgSVjvJGQgQhJQZ3.01zHXvE396030Pwdt%2FMbb9LogPWhfQB8lZuI2R7%2FMPs
.srv.stackadapt.com/	1970-01-21 01:27:22	Name: sa-user-id-v3 Value: s%3AAQAKICLqjmSMOL3Jq6CGpzOvCMjUK7UB-s6DckvwTfPJr5RpEHwYBCCU-berBjABOgSVjvJGQgQhJQZ3.01zHXvE396030Pwdt%2FMbb9LogPWhfQB8lZuI2R7%2FMPs
.dotomi.com/	1970-01-20 16:41:46	Name: DotomiTest Value: 6d2d983a7ce922ad
.ws4696.xyz/	1970-01-21 01:27:22	Name: FCNEC Value: %5B%5B%22AKsRol-88hCnpXR9Q-ZMbwOUy0USXZYNKLW76YuLxrDEttjgc4WRCJtcax8LqYQWSfc0iF3-6QBQeIlvUXDp1507Jd1lEml8FgU_XdwiCazhFdBBUFRI3Q-KJL0wXuNm9NFIA4RPBTl_HWOPRrZR21yJcHzsQ3cfbw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://webfood.info/javascripts/gasetting.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMhmXy1oQu3Gc70DIs722-A&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEMhmXy1oQu3Gc70DIs722-A&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEHnX5mxjEHMGy5sUPemUzNg&google_cver=1&google_push=AXcoOmRZOy3nSKl1lVT3HrptHhXpG7ZX5i7vHT_Jq_eNbXYHNvSuY6r_Oxxv07jS1pNDSLQnTRt70WKIK91qVBC-aP_33ReCv_zkHZz_ Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEK6LDOnue48z_-tJrdXabiI&google_cver=1&google_push=AXcoOmT-uYzVE7AINY9_ZKNeiLDapKeHTAgJcqWfYuu3_aQpY_orWit5iEXLlF2Oo4eDzL8m_cItlVvSyf5BYnyuYT-6t1QImVGW1Kuh Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ads.stickyadstv.com
ajax.googleapis.com
an.yandex.ru
analytics.google.com
analytics.pangle-ads.com
app.cauly.co.kr
b1sync.zemanta.com
blog.with2.net
c1.adform.net
cdnjs.cloudflare.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
cr-p1.ladsp.com
cs.r-ad.ne.jp
dclk-match.dotomi.com
dis.criteo.com
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
dynalyst-sync.adtdp.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
ipac.ctnsnet.com
mweb.ck.inmobi.com
odr.mookie1.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel.wp.com
platform.twitter.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb-csync.smartadserver.com
s-cs.send.microad.jp
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.fout.jp
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
syndication.twitter.com
tpc.googlesyndication.com
trace.mediago.io
uh.nakanohito.jp
ups.analytics.yahoo.com
us-u.openx.net
webfood.info
ws4696.flier.jp
ws4696.xyz
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www11.a8.net
www15.a8.net
www19.a8.net
www25.a8.net
www26.a8.net
sync.search.spotxchange.com
103.43.90.19
104.18.36.155
104.244.42.136
133.186.161.88
139.99.120.190
142.251.222.2
142.251.42.166
150.95.137.87
151.101.194.49
153.120.49.75
163.44.185.207
172.105.199.172
172.217.174.98
174.137.133.49
18.143.106.89
18.177.11.95
18.179.103.207
182.161.74.16
182.22.16.251
184.27.185.21
185.84.60.23
192.0.76.3
192.229.237.25
20.253.86.149
2001:df2:a300:bbbb::135
202.232.238.37
202.233.84.8
203.114.55.135
23.106.127.170
23.36.17.70
23.45.61.118
2404:6800:4004:801::2004
2404:6800:4004:812::2003
2404:6800:4004:813::2003
2404:6800:4004:818::2002
2404:6800:4004:81c::200e
2404:6800:4004:820::2002
2404:6800:4004:821::2002
2404:6800:4004:821::2008
2404:6800:4004:822::200a
2404:6800:4004:822::200e
2404:6800:4004:823::2006
2404:6800:4004:825::2003
2404:6800:4004:825::200a
2404:6800:4004:826::200e
2404:6800:4004:827::2001
2404:6800:4008:c1b::9b
2406:da18:929:5a00:8dd2:a72d:5057:e911
2600:1f18:612b:4264:4b11:4b0e:f335:7576
2606:4700::6811:180e
2606:4700::6812:18ad
2a02:6b8::90
2a02:fa8:c411:11::730
3.112.186.112
31.220.27.134
34.111.79.67
34.98.64.218
35.186.193.173
35.208.249.213
35.79.70.3
54.225.102.15
54.65.227.130
70.42.32.31
99.84.133.60
02f3e23b2da7983545c44b1bca8702f13b3d152d25de7d1956391de36d53d1a3
04ee323b7788157a69f619b237859da5bc59aaaefd35e026ea53f1c4db17b29e
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
09b653fcbfcedf261824edb83a334bfc9d2193af6c999891e9daac65dee47dc2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
112a739fed40464e3e9272f5679eb69fb67536886f4d5ad5fbae3fd03b456c28
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b922e1442d09aaeee4f3a28ac1a29b0108ff694b797dc936f672fa009138da3
1e6d0fc0d2df1dddde03a6c3570e472a623693d6a35785bb79b4a94ed4c94597
2045d43f18fd3c3df5f8535e3bb247e50ad5d31eab54cd6cc8acd092dd0297f2
2204122d7916a897ea8123dcc4f6ba1221ef13b8503e2037d5e773b39a4412a1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b61dbaabc2eb2b0840fca25363537b0bb8f5f4497de2db552e5e502e47929ac
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e60e076336c2f9d80289ca5863018061cb1d3fbee8dcb5a02c0f4d4f93a31ba
2f747e9b9a2a42ccfe24d911d892477df94a026ffc4ffc5ed9cdc9b917c4cdbd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3d4e5c62d464c59ad9cd883d893aa6663e31e507d2c23d7b22a2c7cff1753024
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
429a72f7fe4c9e470b32ab5bd7ae2d64d0d880c13a41ea2e2cc510c338a92780
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457e92c16f26991d15db36e80d6700527dc10b0afc9c302259362270a2b19b67
4842165d46e47aaf19092aa2391cc8abd61a897f2123ad6ac9b35b2a565867b5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48da367cc850d075f7b3f558ef7db76f37b94a418079a1d920e01baf5efaead6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0329d581f58e67913b9244f23212e54cad238530899e744d8e97ea3c1c1a8e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fedc7af02494992bd165a7b11c272babb0c66b0bccb455230b7b56ac6acfad6
521b9ed814238d6143d351f4433aa5c7ca5b02c46bdd7555f3edcb4ca2c103ab
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552329529311e42fdecd8a95646d8ea368d3fdc4d66e511d8496b747438f97ee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5a823842d7e90948fc3822a9131963606477e2826a80b6b1acae8b115a21490b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61625ac8f7e000129622f93c4ee659462200195eb1fd3b9a892290d604bb9773
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
69abf8268adc17a969b4283db067d6fb206a104082d1df83e8cfcb1f60d67275
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b00efa290fc2fa7a24dfef3d9ecc2be894e90655f2c8cd71fc5987844a6ad83
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5381f4a95f8a4af8491bf59fe4b1eeb2794666ab5d94fa1d532657af539dd4
6d563f3e7ae8a5d551b0ad59ee5f5461027ffc0d6b89e4726cb36ee0469958bc
6e6d4ca6c4c55bae9c447476d55a6239b04b9586bd4ca7537fa3d1542e4a8fe7
6f3158be047d51629e5b8116242614efeb9a44cef5891b0ab42feaf47c70706a
707d15849ad502f2be299c15e8371fb722a5d57a49e8f6cf0e2012e099846df1
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
70ee71d2be01af776e6f7b2c9f0908be77f3d35cbdbee0150c44c1b4c5e8c6da
746fb54568c83214882485ee04777e293fc6fac5a3537bc5dc662fc13f32215f
7537c70888aeaeca66fbfee0fef06d2707c1945efc1e6501aade15c38c1ec66f
82775ff8190d576eedefba3df2ca240bb20bd390bdb7be78d73983f7defe8fe3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b2d0a1fbab062c8468a3c869ae3eb3ad09d01ccc3768210f889a2e76a6e200
896dd0788acc091b9ff093ab63d9e274ab1aed3f26cdf4f35734d2fd6bcda98a
89714ab5e24187c7541202543f19d551b61ac3ab22d4b9136094c8a2b5eb05c1
89d6a758a7f16d3f67d2bfef2a9f9046a18c1056af10a00d4360133af9652b11
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b301620b857d3b029742558a294070f4015c00d1d5132c5ba5808cf71f8f0a6
8cfbf9445e1d2a05f6f562ceffae4fb25e28e791b734b5361b8299625bf73891
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
96c3a07f42b2678f3223c6b64f7c92d0cb17fbca242b0a1161113afe8e337fe1
9746bf0e001904709f9368472672d08b0814d96db9a2f824b7912090d5d9bf5d
978fb2eee40b56e6f6264659428830b693c744c5919c3a178c42f197efae9e25
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ca6c7cfe996f4fb4708ec04712cbe84da9fd39b2975a64cc74d118ae7f68a49
9db6a18ced9b1d309b74d5b0fe33245b1d1f3f9db7e3c0e940fe1b7e8d98e8ea
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e3bee1bcc69703971364295b79729e4718304d5a4af83bc106ad61113a5ad54
9f1e70c19449c6b6a2cd009afa1eda57e80657c1bec34a59e318872f82d3220d
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4a8da9b56e61e7c72c2b6f272c33f31b47c2c527e0212a88b191e3508c3520b
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aae948bf1a4f39292abb99912a3262d77ce10916b1003abc96211ae6993da91f
ae0834cb622114db579e4eb85e3436534d3037ae039b0d612d492b3fb3829720
afef63348ef4e06b6da27547978472e008f7d4667f7036d50a6872bfc4da6bab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d18a558d57e2b2ce01630bd32e75a541ed8270682ff8bd13290d934e5114b3
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b292fa2d5aa4af134c5227fa6a3ca8a40267237f70eb23ea863e76a80ca5a729
b2ab62ae9ef497837041609e66f23d13d0291e4198200026ffbe935c6c8ce570
b4761b9e9c5ca8e13fe185b78c1e8c01c8a02db9dccb0506ad4ca31b6b6837fa
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b55f773e18defc141d7aef8376ed3a49fa55b24d02b50fb929a090ef17e55a74
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b9bfe2e98b1beb456dbf19a851f46a717a46fe8fc3c394cab8233a89e81a786d
b9cca18615f5f4031f6761c9048b4577046990634d4e7920efa163c19ccb6444
bb80418cb4dd40912b68db0f75d44230e9d6adedf65e878cb888f6b0c2441d89
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
be2dc4752074bd63d4aa1848e862691e2df35c51866d4ee54b4e08919fac72d6
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf01c6e0647793558efa00b51d274ece4be4bac9635632b16d239a56c2c03246
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
c2e99415bfcc2d958cb252bf90d283aba9af56cde44fc8212657a5afd738c1a8
c3f5defd5902cccc715d8136ae2f5ac3ae191906d6ebe37339456c350e90b639
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c52ed0e42ce120f0a111011a916ad08a35929eadf41fecb1713d335cfb14ff41
c8f18f6309ee9a9aad410e1f208e8b069c1b338fcacae0913db02fa16d9340f7
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
ce71c50f69e1bcb06e9c1e848aeb59c2ec41148ced8599daf447d908b2d3a198
d234519a12ca79e72a4a19ccd93bfb00df930fc29d10d2da1ba7c60ff926126c
d4bf4ed4cf6c60d8078a39f3464737f95495c4fb9429248bf1fee69826c91933
d64e4b1472aa838c6ea3e0e70d999bbb85699b5d4557e7d771bb19891ab7d017
d79fe617fcee3a024f450a07d651e62ef55764962a60e4bca5be6ffea232810f
d951a07b1a1886ea1f27608785858ecd42b2b9ecc8c8eedf8ccd4529ba2ae385
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d31b766f1ef8699edbd8363da432055bba82482e28543bbb52c25c227df451
e5022fe6f7e042b9e827e987896ea7dfc92eb0d356a6b5cbfa18369d7d843432
e56e3d1d1fd44f78ce89a543820b189581fc1795352d1996fb8d38b275644ad3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec77403a4f2642c68db26788b752b153853ca37d19b531bf4dfe4c424240a453
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef76f153d610c355de8f8aeb1fbe3c17c3f40927d999d2ad4fbf54a7034e43f0
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5184f756de91f453e4bf350fc3439ecb414f8145e31d9bfc820e2a40c890eeb
f6fd4c49e0d0f7be8210e741c7d5ca50136a48dcdd33803129fedd70e5a12663
fc48643d0ba513aedf1c305b8a0f9c72f2a73d935ec52ca53bec89ca67758201
fd09774fccd120bbe9182a37b2c3139635af3d52b9192e11908d299a675b6197
ff31218d890fb6a263543047e51de59e857e37b16fa4123e9e7426dd23484941

ws4696.xyz Open in urlscan Pro 163.44.185.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

313 Requests

80 %HTTPS

36 %IPv6

55 Domains

72 Subdomains

45 IPs

9 Countries

4485 kBTransfer

10588 kBSize

69 Cookies

21 Outgoing links

Redirected requests

313 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ws4696.xyz Open in urlscan Pro
163.44.185.207 Public Scan

Screenshot
Live screenshot

Full Image

313
Requests

80 %
HTTPS

36 %
IPv6

55
Domains

72
Subdomains

45
IPs

9
Countries

4485 kB
Transfer

10588 kB
Size

69
Cookies

313 HTTP transactions
12 data transactions