www.mediafire.com Open in urlscan Pro
104.16.113.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/4737zMM
Effective URL:
https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Submission: On December 13 via manual (December 13th 2023, 5:56:28 pm UTC) from JP — Scanned from JP

Summary HTTP 281 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 77 IPs in 10 countries across 67 domains to perform 281 HTTP transactions. The main IP is 104.16.113.74, located in and belongs to CLOUDFLARENET, US. The main domain is www.mediafire.com. The Cisco Umbrella rank of the primary domain is 42789.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 18th 2023. Valid for: a year.

This is the only time www.mediafire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 16	104.16.113.74 104.16.113.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:1c30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:81e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:aa90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2404:6800:400... 2404:6800:4004:827::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:903e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.50.103 99.84.50.103	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:d625	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.251.42.198 142.251.42.198	15169 (GOOGLE) (GOOGLE)
1	52.11.164.10 52.11.164.10	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2406:da18:9d0... 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700:e0:... 2606:4700:e0::ac40:6a06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
7	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
1	52.76.98.54 52.76.98.54	16509 (AMAZON-02) (AMAZON-02)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	54.255.18.102 54.255.18.102	16509 (AMAZON-02) (AMAZON-02)
1	207.65.34.76 207.65.34.76	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c15::9d	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	182.161.74.1 182.161.74.1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2600:9000:21e... 2600:9000:21ee:e000:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	65.9.42.118 65.9.42.118	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	18.139.4.93 18.139.4.93	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4004:822::2001	15169 (GOOGLE) (GOOGLE)
1 6	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7 7	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	211.120.53.200 211.120.53.200	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
3 3	99.84.133.64 99.84.133.64	16509 (AMAZON-02) (AMAZON-02)
13 23	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
19	2404:6800:400... 2404:6800:4004:826::2001	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:80c::2002	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:81e::200a	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4004:820::2006	15169 (GOOGLE) (GOOGLE)
23	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
3 3	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
5 11	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:140b:1a0... 2600:140b:1a00:19::17dc:4491	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.217.26.226 172.217.26.226	15169 (GOOGLE) (GOOGLE)
10	2600:9000:234... 2600:9000:234d:8000:5:c6ab:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
10	23.40.148.27 23.40.148.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2 9	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
2	23.39.216.189 23.39.216.189	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
5	46.137.237.145 46.137.237.145	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:116:800e... 2620:116:800e:21:46d:7e81:55ff:4c12	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	64.202.112.255 64.202.112.255	23352 (SERVERCEN...) (SERVERCENTRAL)
2	207.65.34.81 207.65.34.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
12	207.65.34.80 207.65.34.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 7	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	209.58.171.197 209.58.171.197	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 1	18.179.121.248 18.179.121.248	16509 (AMAZON-02) (AMAZON-02)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.140.225.254 18.140.225.254	16509 (AMAZON-02) (AMAZON-02)
1 2	119.9.108.191 119.9.108.191	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
1	34.142.175.23 34.142.175.23	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2406:da18:929... 2406:da18:929:5a01:604e:e541:626d:d69e	16509 (AMAZON-02) (AMAZON-02)
2 2	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
3	207.65.34.74 207.65.34.74	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	35.213.93.179 35.213.93.179	15169 (GOOGLE) (GOOGLE)
2 3	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3 4	103.43.90.179 103.43.90.179	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	198.8.71.130 198.8.71.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	72.34.250.75 72.34.250.75	27630 (AS-XFERNET) (AS-XFERNET)
2	23.219.68.21 23.219.68.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	13.251.160.207 13.251.160.207	16509 (AMAZON-02) (AMAZON-02)
1 1	23.108.103.8 23.108.103.8	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 2	3.121.129.13 3.121.129.13	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	35.72.102.184 35.72.102.184	() ()
1 2	35.186.193.173 35.186.193.173	() ()
2 2	185.84.60.20 185.84.60.20	() ()
3	142.250.207.34 142.250.207.34	() ()
281	77

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.16.113.74 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:1c30 (United States)

ASN13335 (CLOUDFLARENET, US)

the.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81e::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aa90 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ezojs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4004:827::200e (Australia)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:903e (United States)

ASN13335 (CLOUDFLARENET, US)

privacy.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.50.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-50-103.nrt20.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d625 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.42.198 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.11.164.10 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-164-10.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:e0::ac40:6a06 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.98.54 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-98-54.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.255.18.102 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-18-102.ap-southeast-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.34.76 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c15::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80f::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.1 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ee:e000:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.42.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-118.nrt12.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.139.4.93 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-4-93.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:822::2001 (Australia)

ASN15169 (GOOGLE, US)

e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.71.131.137 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.120.53.200 (Japan) 2 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.133.64 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-64.nrt57.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cr-p10.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.207.2 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80c::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81e::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:820::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.233.84.8 (Japan) 3 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.36.155 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:1a00:19::17dc:4491 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:234d:8000:5:c6ab:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.zuuvi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.40.148.27 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-148-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.223.2.229 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.39.216.189 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-216-189.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.137.237.145 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-237-145.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800e:21:46d:7e81:55ff:4c12 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.255 (United States) 4 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.34.81 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 207.65.34.80 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.213.12.39 (Tokyo, Japan) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.171.197 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.179.121.248 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-121-248.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.225.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.9.108.191 (Hong Kong) 1 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.142.175.23 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da18:929:5a01:604e:e541:626d:d69e (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.126.19 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.65.34.74 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.74.16 (Singapore) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.179 (Singapore, Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.8.71.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.34.250.75 (Hemet, United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.219.68.21 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-68-21.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.160.207 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-160-207.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.108.103.8 (Jurong Town, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.129.13 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-129-13.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.72.102.184 (None, )

ASN- ()

dps.jp.cinarra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (None, ) 1 redirects

ASN- ()

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.20 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.207.34 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com	308 KB
38	doubleclick.net 13 redirects ad.doubleclick.net — Cisco Umbrella Rank: 139 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	318 KB
20	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 ads.pubmatic.com — Cisco Umbrella Rank: 544 image6.pubmatic.com — Cisco Umbrella Rank: 793 simage2.pubmatic.com — Cisco Umbrella Rank: 723 image2.pubmatic.com — Cisco Umbrella Rank: 859 image4.pubmatic.com — Cisco Umbrella Rank: 1224 simage4.pubmatic.com — Cisco Umbrella Rank: 1304	30 KB
19	google.com translate.google.com — Cisco Umbrella Rank: 1298 analytics.google.com — Cisco Umbrella Rank: 152 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	105 KB
16	mediafire.com 1 redirects www.mediafire.com — Cisco Umbrella Rank: 42789 static.mediafire.com — Cisco Umbrella Rank: 73082	252 KB
13	media.net prebid.media.net — Cisco Umbrella Rank: 1498 contextual.media.net — Cisco Umbrella Rank: 665 cs.media.net — Cisco Umbrella Rank: 1381	18 KB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	6 KB
11	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 9368	20 KB
10	zuuvi.com cdn.zuuvi.com — Cisco Umbrella Rank: 114499	76 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	369 KB
10	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1054 match.sharethrough.com — Cisco Umbrella Rank: 495	5 KB
10	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 592 eb2.3lift.com — Cisco Umbrella Rank: 372	5 KB
8	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 us-u.openx.net — Cisco Umbrella Rank: 491 jp-u.openx.net — Cisco Umbrella Rank: 15595	2 KB
7	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	4 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	3 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	103 KB
6	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 947 fonts.googleapis.com — Cisco Umbrella Rank: 29	91 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
5	ezoic.net g.ezoic.net — Cisco Umbrella Rank: 15372	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	criteo.com 2 redirects dis.criteo.com — Cisco Umbrella Rank: 550 gum.criteo.com — Cisco Umbrella Rank: 424	2 KB
4	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	2 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	2 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 931 api.btloader.com — Cisco Umbrella Rank: 1000	18 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
3	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	960 B
3	microad.jp 3 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	ladsp.com 3 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 25818 cr-p10.ladsp.com	2 KB
3	creativecdn.com 2 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133 creativecdn.com — Cisco Umbrella Rank: 564	2 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850 sync.crwdcntrl.net — Cisco Umbrella Rank: 799	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	227 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	ctnsnet.com 1 redirects ipac.ctnsnet.com	666 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1100	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2269	972 B
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234	1 KB
2	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	1023 B
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1586	125 KB
2	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26283	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953	138 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1018	1 KB
2	otnolatrnup.com cdn.otnolatrnup.com — Cisco Umbrella Rank: 74839 otnolatrnup.com — Cisco Umbrella Rank: 68659	56 KB
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2546 api.amplitude.com — Cisco Umbrella Rank: 1839	22 KB
2	gatekeeperconsent.com the.gatekeeperconsent.com — Cisco Umbrella Rank: 33272 privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 40907	2 KB
1	cinarra.com dps.jp.cinarra.com	38 B
1	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 2137	585 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 951	752 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	676 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 327	870 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 780	611 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 28404	455 B
1	aralego.com 1 redirects sync.aralego.com — Cisco Umbrella Rank: 2837	473 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	1004 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	902 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	16 KB
1	ezojs.com www.ezojs.com — Cisco Umbrella Rank: 30115	42 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5695	346 B
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	ad-m.asia Failed sync-dsp.ad-m.asia Failed
281	67

	Domain	Requested by
28	pagead2.googlesyndication.com	e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com www.mediafire.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net
19	tpc.googlesyndication.com	e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com www.mediafire.com tpc.googlesyndication.com securepubads.g.doubleclick.net
18	cm.g.doubleclick.net	13 redirects google-bidout-d.openx.net googleads.g.doubleclick.net eb2.3lift.com
14	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net www.mediafire.com
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
11	go.ezodn.com	www.mediafire.com
10	contextual.media.net	www.mediafire.com contextual.media.net
10	cdn.zuuvi.com	s0.2mdn.net cdn.zuuvi.com
10	s0.2mdn.net	www.mediafire.com s0.2mdn.net e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
9	simage2.pubmatic.com	ads.pubmatic.com
9	eb2.3lift.com	2 redirects www.mediafire.com eb2.3lift.com
9	static.mediafire.com	www.mediafire.com
7	x.bidswitch.net	7 redirects
7	match.adsrvr.org	7 redirects
7	securepubads.g.doubleclick.net	www.mediafire.com securepubads.g.doubleclick.net
7	www.mediafire.com	1 redirects www.mediafire.com
5	match.sharethrough.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	btlr.sharethrough.com	www.mediafire.com
5	g.ezoic.net	www.ezojs.com go.ezodn.com
5	ad.doubleclick.net	www.mediafire.com
4	ib.adnxs.com	3 redirects eb2.3lift.com
4	b1sync.zemanta.com	4 redirects
4	googleads.g.doubleclick.net	e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fonts.gstatic.com	www.mediafire.com fonts.googleapis.com
3	ade.googlesyndication.com
3	dis.criteo.com	2 redirects eb2.3lift.com
3	image2.pubmatic.com	ads.pubmatic.com
3	pixel.tapad.com	2 redirects
3	sync-tm.everesttech.net	2 redirects ads.pubmatic.com
3	s-cs.send.microad.jp	3 redirects
3	fonts.googleapis.com	securepubads.g.doubleclick.net cdn.zuuvi.com
3	www.googletagservices.com	e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
3	us-u.openx.net	1 redirects google-bidout-d.openx.net
3	translate.googleapis.com
3	www.gstatic.com	www.mediafire.com www.gstatic.com
3	api.btloader.com	btloader.com
3	www.googletagmanager.com	www.mediafire.com www.googletagmanager.com
2	c1.adform.net	2 redirects
2	ipac.ctnsnet.com	1 redirects ads.pubmatic.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	creativecdn.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	pm.w55c.net	2 redirects
2	cs.media.net	contextual.media.net
2	a.sportradarserving.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects
2	uipglob.semasio.net	1 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	cms.quantserve.com	2 redirects
2	ads.pubmatic.com	www.mediafire.com
2	googleads4.g.doubleclick.net	www.mediafire.com
2	code.createjs.com	s0.2mdn.net
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	tg.socdm.com	2 redirects
2	oajs.openx.net	1 redirects www.mediafire.com
2	www.google.com	www.mediafire.com tpc.googlesyndication.com
2	www.google.co.jp	www.mediafire.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.xx.fbcdn.net	www.facebook.com
2	ad-delivery.net	www.mediafire.com
1	dps.jp.cinarra.com	ads.pubmatic.com
1	inv-nets.admixer.net	1 redirects
1	sync.go.sonobi.com	1 redirects
1	p.rfihub.com	1 redirects
1	gum.criteo.com	contextual.media.net
1	px.ads.linkedin.com	eb2.3lift.com
1	image4.pubmatic.com
1	um.simpli.fi
1	sync.crwdcntrl.net
1	ds.uncn.jp	1 redirects
1	sync.aralego.com	1 redirects
1	cr-p10.ladsp.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	www.mediafire.com
1	prebid.media.net	www.mediafire.com
1	tlx.3lift.com	www.mediafire.com
1	otnolatrnup.com	cdn.otnolatrnup.com
1	www.facebook.com	www.mediafire.com
1	api.amplitude.com	cdn.amplitude.com
1	cdn.otnolatrnup.com	www.mediafire.com
1	cdn.amplitude.com	www.mediafire.com
1	privacy.gatekeeperconsent.com	the.gatekeeperconsent.com
1	translate.google.com	www.mediafire.com
1	www.ezojs.com	www.mediafire.com
1	btloader.com	www.mediafire.com
1	the.gatekeeperconsent.com	www.mediafire.com
1	bit.ly	1 redirects
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	sync-dsp.ad-m.asia Failed	ads.pubmatic.com
281	105

This site contains links to these domains. Also see Links.

Domain
download2432.mediafire.com
blog.mediafire.com
fast.io
mediafire.zendesk.com
translate.google.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
*.mediafire.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-18` - `2024-08-28`	a year	crt.sh
gatekeeperconsent.com GTS CA 1P5	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
btloader.com GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
www.ezojs.com GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-05`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-22` - `2023-12-21`	3 months	crt.sh
ezoic.net R3	`2023-11-16` - `2024-02-14`	3 months	crt.sh
ezodn.com E1	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-09-23` - `2024-10-20`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.google.co.jp GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.zuuvi.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-01` - `2024-03-06`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
*.jp.cinarra.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-17` - `2024-06-16`	a year	crt.sh
*.ctnsnet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-13` - `2024-11-10`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Frame ID: 3B449C56FFB9A85749B897D56B302DBF
Requests: 109 HTTP requests in this frame

Frame: https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: A72A7469BEE764613B21A70EA9928C1E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
Frame ID: 2C672BBC588182867C17B265E59BA14C
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7AC082D0FE02D5959EF007BED2D3C649
Requests: 1 HTTP requests in this frame

Frame: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E41E2F2A88EFE7C2270D0FBAA4AB49C1
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 5289AA4F23281B01729D15B55D5D609F
Requests: 6 HTTP requests in this frame

Frame: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 78106AC2B91B529A1E8D91737CC4C0B0
Requests: 19 HTTP requests in this frame

Frame: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2597428EB1FCDD2A11CEA7D5A3E2B8C6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COSyFxCEqpkBGPaziP8BMAE&v=APEucNXDE0E4VixaUA2ZlHT6v5Ue5XK8qJeXCU1lopLz-inhACEo_Ar2mEX60oIQ19_yORAPFPoML9C9rerNC-ljEjCSZL6YYS6unYQkX4gt8qj__mMy-h0
Frame ID: DBF6FC42AEB232BC963A8CD9C6F1FEAC
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: EA33EB8874A77C9E6B9DCAFE5D5B6404
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYjJjW-gEwAQ&v=APEucNXmfqHrHAn6QrPOR9h_7VwyQU77RBUw1EFo1aZvTXvcEITS6Ga6tC07m1avUalGH9SxuHtuvgFIteujuSWYuQAU4EyMocyWElxb1Kb5Vys1lRBNPPg
Frame ID: 88AD62494EC25DBEB4EDA4EA384D7A97
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A1125BB8F2ACAC2CB059889374117B2E
Requests: 3 HTTP requests in this frame

Frame: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 99A9968A3E10CEDC8A226E78C353CCA4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYpZjW-gEwAQ&v=APEucNXWRHYcFXo1RBMd-dY7UrIuFeYZUcEHn-lT-yoDINnqpogk4IgDZuLIvsR-4JZXjcc_KyBwdCjFgVdDzwZCMfmgg4xm3xmm25L05nDMrwjlwx09ANk
Frame ID: 31D7390E71674FBAC155C40D4FAA9137
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/Ad7-336-280.html?ev=01_250
Frame ID: E07DE2392BAD8FFDAD7CDE220E0CEA7E
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/Ad2-728-90.html?ev=01_250
Frame ID: 5E7BAA4F9E49D3C5E0BB1CA573C0CFAA
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 82B8A0A33B8129FBBEBC108B65FD447D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14617803841495835230/index.html?ev=01_250
Frame ID: 3C0122A17F530503024A1C0C195E450E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EA24F0B2576D87E6D11C373AAC606726
Requests: 3 HTTP requests in this frame

Frame: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Frame ID: 92146989EDFD5112253CB721E05F7E87
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 168A3DD82F80B584F07F055CABFC2579
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF14706F87FDCC04FC8BD12072EF4FE7
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: CF940912B23124C4E8FD4C437B4D66C8
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D6526B9397BB29AB68FD4AF6261102B7
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Frame ID: C2022C286498D831541C7A07297329FE
Requests: 17 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYK6bhCkPiqRks8AED1M4RSt788AAAGMZFJ7Ag
Frame ID: 7E18570FAFFF627B33C72A070805984E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: FD7482BCC7AD11442F9B0E9F94357171
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_a24fe3e7-81ac-4794-ae95-af5e9925575f
Frame ID: 5F724DB57ABD43F92D3AEEADE9E29F3F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3454917760032855000V10&type=rkt&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=1992631729708346253
Frame ID: FA09C2979268A3E6BD588876F0994FA8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7011992553673582262&gdpr=0&gdpr_consent=
Frame ID: 19982E78BF5B21B47D3836C646AB95E3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e6tjdSuuYHxgqmJ0Lql5Liz7YH9g-mIpdKrzZjk6
Frame ID: 793FEB0419DD76794777D1D53B8BA1F6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7D068F20C12F4AB8DAB61C4B1734703F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 6CB1AADEF8840C84F86BAB921A8C6FBB
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 1A4B045508624D858948FA9DE28164F7
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=07D0740F-5EBF-4607-AADE-A7BBBAC424A4
Frame ID: 15010575EABC7DB3A8A0FAE8A833B796
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 6FADBB6D142ABFA3207C37494D9802CB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=634d0b55b1c6435bb33395f477fb16f4
Frame ID: 832F3A74893C2F5182E309D9B43821F7
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0C96865C2A6B11CB8E60C98227D6C1F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TIDAL v2.93.1 [Mod] (xC3FFF0E)

Page URL History Show full URLs

https://bit.ly/4737zMM HTTP 301
https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.... Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

281
Requests

83 %
HTTPS

40 %
IPv6

67
Domains

105
Subdomains

77
IPs

10
Countries

2755 kB
Transfer

10292 kB
Size

139
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://download2432.mediafire.com/i4wd7inpry8gYn9Rt7n1yx9Dcg3WRCtwdCIVM6CP3Z1cj1v3tSHO-DOuNe4xtUskzdGydr-YpQSerC5r9aFcieNVtiOApyJ2kBIdDu2islfZLavdnB1WGDLg9UIUjPVqRjwn5Uq4m0Gkc7xNxERd4YkQyDhIO2Dp97pYDcY3VyXdSag/pzoxj6yxz7oejit/TIDAL+v2.93.1+%5BMod%5D+%28xC3FFF0E%29.apk
Title: Download (86.97MB)

Search URL Search Domain Scan URL

URL: http://blog.mediafire.com/
Title: Company Blog

Search URL Search Domain Scan URL

URL: https://fast.io/
Title: Team File Sharing

Search URL Search Domain Scan URL

URL: https://mediafire.zendesk.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: 翻訳

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/mediafire

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mediafire

Search URL Search Domain Scan URL

URL: https://twitter.com/mediafire
Title: Twitter Page

Search URL Search Domain Scan URL

URL: https://blog.mediafire.com/
Title: MediaFire Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/4737zMM HTTP 301
https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 81

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&rid=esp&cc=1

Request Chain 91

https://match.adsrvr.org/track/cmf/openx?oxid=a2a8e709-ebaf-7d5e-de52-3b899f52fcc3&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=a2a8e709-ebaf-7d5e-de52-3b899f52fcc3&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&ttd_puid=a2a8e709-ebaf-7d5e-de52-3b899f52fcc3&gdpr=0&gdpr_consent=

Request Chain 92

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXnwPcCo5ssAAIo9gk0AAAAA

Request Chain 93

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Af2agjxQfRoyks8AED1M4RSt788AAAGMZFJvKA

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDkQ3VkVcThMPIlse_pVAm0&google_cver=1

Request Chain 141

https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0

Request Chain 143

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXnwPcD4ZmNDXAoGAqOCGwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1

Request Chain 144

https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0

Request Chain 146

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXnwPcD4ZmNDXAoGAqOCGwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1

Request Chain 152

https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YzAyYmY5N2RkZTRjYjdlYTYwZTJiYmJjMDA3NjU2NGI=

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXnwPcD4ZmNDXAoGAqOCGwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1

Request Chain 221

https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&gpp=&gpp_sid= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&gpp=&gpp_sid=&_test=ZXnwPwAGrhPtoQBH HTTP 302
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZXnwPwAGrhPtoQBH

Request Chain 222

https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=brckcT6yJ3h1tiVwO7U-KjnnJ3t15iUtYbax1EHr

Request Chain 223

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ42OZHS-1X-AJXT&gdpr=0

Request Chain 224

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&gdpr=0&gdpr_consent=

Request Chain 225

https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&s=2 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=AqFm5w5-Z4x2ge4zSl28&gdpr=0

Request Chain 228

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYK6bhCkPiqRks8AED1M4RSt788AAAGMZFJ7Ag

Request Chain 229

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=445&user_id=03fc132f-64d7-374b-8b14-b56919c44c2c&ssp=pubmatic&bsw_param=0d3c33d1-8f60-4d5e-a106-47adcb238c54 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 230

https://ds.uncn.jp/pm/0/sync HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_a24fe3e7-81ac-4794-ae95-af5e9925575f

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B9B0D16_Rgeq3qe7usQkpA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 232

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=07D0740F-5EBF-4607-AADE-A7BBBAC424A4 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=07D0740F-5EBF-4607-AADE-A7BBBAC424A4 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=fb90964c-e76b-4c5c-8b98-3d0631c57015%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&ttd_puid=fb90964c-e76b-4c5c-8b98-3d0631c57015%2C%2C

Request Chain 234

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDdEMDc0MEYtNUVCRi00NjA3LUFBREUtQTdCQkJBQzQyNEE0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED3r-z5mdtjteyOistAg9RQ&google_cver=1

Request Chain 238

https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZXnwQMCo5ssAAIo9hSMAAAAA

Request Chain 239

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&gdpr=0&gdpr_consent=

Request Chain 241

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jDBEYytE2uVONlD6fNLBAYnjPSQmeG4-~A&gdpr=0

Request Chain 243

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 244

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4NjgyMzk0ODM5MzU0MTA4NjM2Ng%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENT8xwpo6IQ4oNLSabhd4kE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 246

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4NjgyMzk0ODM5MzU0MTA4NjM2Ng%3D%3D

Request Chain 248

https://pr-bh.ybp.yahoo.com/sync/triplelift/3386823948393541086366?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1RF8EnlE2oTPl4L0NhAJyPClvtLz9H6y0VzYy6tRjA--~A&dongle=0883

Request Chain 249

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3386823948393541086366&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2b2d1e74-9883-4738-b3b5-a98d5b04b505&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=0d3c33d1-8f60-4d5e-a106-47adcb238c54&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 251

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=7011992553673582262&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 254

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3454917760032855000V10%26type%3Drkt%26refUrl%3D%26vid%3D24901764063454917760032855000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=3454917760032855000V10&type=rkt&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=1992631729708346253

Request Chain 255

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=son&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=[UID] HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=son&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=4a9b1231-5b83-4f57-a7ea-0c4aa1a2a126

Request Chain 256

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3454917760032855000V10%26type%3Dopx%26refUrl%3D%26vid%3D24901764063454917760032855000V10%26axid_e%3D%26ovsid%3D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=3454917760032855000V10&type=opx&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=6a848e96-40af-47be-bd1d-45e72dbd6e1f

Request Chain 257

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ1NDkxNzc2MDAzMjg1NTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKbeaWajRzcO5Bhkv_FmyV4&google_cver=1

Request Chain 258

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3454917760032855000V10%26type%3Ddxu%26refUrl%3D%26vid%3D24901764063454917760032855000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3454917760032855000V10%26type%3Ddxu%26refUrl%3D%26vid%3D24901764063454917760032855000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=dxu&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=AasOCB5q1RdtsY5

Request Chain 259

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b4190e8-b2de-4780-b544-4a3c5ac076d9&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 260

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param%3D0d3c33d1-8f60-4d5e-a106-47adcb238c54%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=f4d302d2a7904a238f0c683307b93579&ssp=medianet&bsw_param=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=0&consent=&gdpr_pd=1&expires=7 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=0&gdpr_consent=&gdpr_pd=1

Request Chain 261

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=uTxCKyIlQvj1_0ZYzqCp

Request Chain 262

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3454917760032855000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3454917760032855000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=6993f77d-2907-42c1-ae33-0b0da9a38b6a&cs=1

Request Chain 263

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf

Request Chain 264

https://creativecdn.com/cm-notify?pi=medianet HTTP 302
https://creativecdn.com/cm-notify?pi=medianet&tc=1 HTTP 302
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=ybPefktBJ3FpNVmYKqTNKQlvPGh6EpZopUmXyYxz8Ss&pi=medianet&tc=1

Request Chain 268

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7011992553673582262&gdpr=0&gdpr_consent=

Request Chain 269

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e6tjdSuuYHxgqmJ0Lql5Liz7YH9g-mIpdKrzZjk6

Request Chain 270

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 275

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=634d0b55b1c6435bb33395f477fb16f4

Request Chain 277

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7605676404892933526

281 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request file Show response
www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/
Redirect Chain

https://bit.ly/4737zMM
https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

300 KB
80 KB

331ms
309ms

Document
text/html

104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f96779e801dd86db7530338cd1aa7ded6659ce7b9a2650aabef976b8bde5f1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 83501513aa79b012-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 17:56:11 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 197
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 17:56:11 GMT
location: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 cmp.min.js Show response
the.gatekeeperconsent.com/ 1 KB
1 KB 26ms
10ms Script
application/javascript 2606:4700:3033::6815:1c30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp.min.js
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1c30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f8ecd359ccf9d79ae9c4ad10312de1a65db446344b2667e54d604f25d3165b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 17:52:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 90
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhwXOJ%2BwZz8vq9wdgV%2FlgPYCJ210JnbFOn4B9Kikwnd7ho2c51ODJ7O8xszW4Nq7JXXhNGUdHuVaVr9%2BEng8KV9IWP6VK7Lkz2JRN%2FokwY%2FUgJxPRFyfQnMX3Rry8wZLvS4gx3cNXVz%2BFNRH1tAxs3X7b%2BWUbZC1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 83501515de6a34bd-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 95ms
46ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85082b71a080badee0aeea5566af984e092108bd87e46aa9435f94bf59b6162e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64919
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 17:56:11 GMT

GET
H2 200 tag Show response
btloader.com/ 52 KB
18 KB 23ms
9ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9e86523b065c3ee7ef59bed0824750bb0d653cba311c8274639f897bee0d0b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 17:12:07 GMT
server: cloudflare
age: 2580
etag: "847466997b0caf5658869bb1976de9fc"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 835015162e9eafa0-NRT
content-length: 18024

GET
H2 200 sa.min.js Show response
www.ezojs.com/ezoic/ 121 KB
42 KB 41ms
22ms Script
application/javascript 2606:4700:3032::ac43:aa90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/ezoic/sa.min.js
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4962dc9bd22a522eb6ee1e8251bd4725fd23de345ee11d67d3e7eb6c33a92bbe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 23:41:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65645
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9v%2FZA0tX4nzCzSTumFCNQm6p9cc2Q17syYq8bQAW%2BWEAWGMNz%2FPrJVpXFlhcGFPgT38sav8IQWGD5gEoZJvc%2B845%2B6Xui1oxPz0qIuE%2B26IN1o%2BWdaMEeIjOynEPzL2hms3ibZ6aASiN%2B8J6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=86400
x-robots-tag: noindex
cf-ray: 8350151638108a96-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 91 KB
31 KB 94ms
53ms Script
text/javascript 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googFooterTranslate

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38ce2cefdf0094ba37eb84b49ce37698f071c3bf2bd7929e8cdf71a255feb4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 consent_modules.json Show response
privacy.gatekeeperconsent.com/ 2 B
482 B 28ms
11ms XHR
application/json 2606:4700:3033::ac43:903e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.gatekeeperconsent.com/consent_modules.json
Requested by: Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/cmp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:903e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dKQmkmomK9qeOvu11giqSOiEVYu6iGBErU3KBG3fkBiCwVV8I9E4rKcsbXFIE8j58U%2FwqzHX6lDKP0OJOjKgtXiOiZXk2qM4rKS6f2%2B%2FmYA6kHe6gmqrQkX%2FyIsrpTVQAOwrPbusHUMQz9QaoMu5u5pzKBIf6PhFfJmDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=15780000, public
cf-ray: 835015162c372620-NRT
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H2 200 amplitude-8.5.0-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
22 KB 18ms
3ms Script
application/javascript 99.84.50.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.50.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-50-103.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer: https://www.mediafire.com/
Origin: https://www.mediafire.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:12:35 GMT
content-encoding: gzip
via: 1.1 cf2960ce52c75f72f0d9c2ce5a90ba10.cloudfront.net (CloudFront)
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
x-amz-cf-pop: NRT20-C3
age: 2418217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22154
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
server: AmazonS3
etag: "660c3b546f2a131de50b69b91f26c636"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: rhY0Xw9MTieBHkXznmjyHoXO2A4jEa9jNCUo7P3Kc3kGlxRHxwOG4A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 260 KB
82 KB 44ms
44ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

731dc606af8811bf5191e780c6cfd7a6cb9e469d00359d2ac7d99e6478e3fe24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83506
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 17:56:11 GMT

GET
H2 200 mf_logo_full_color.svg
static.mediafire.com/images/backgrounds/header/ 3 KB
2 KB 24ms
18ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Oct 2016 22:22:42 GMT
server: cloudflare
age: 5627
etag: W/"5813cfb2-d1d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 835015162c52b012-NRT

GET
H2 200 file-zip-v3.png
static.mediafire.com/images/filetype/ 2 KB
2 KB 26ms
21ms Image
image/png 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 13438
etag: "62deda56-750"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 835015162c4db012-NRT
content-length: 1872
expires: Fri, 12 Jan 2024 11:33:52 GMT

GET
H2 200 icons_sprite.svg
www.mediafire.com/images/icons/svg_light/ 36 KB
8 KB 24ms
24ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafire.com/images/icons/svg_light/icons_sprite.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 4204
etag: W/"62deda56-90ab"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 835015161c46b012-NRT

GET
H2 200 arrow_dropdown.svg
www.mediafire.com/images/icons/svg_dark/ 315 B
339 B 27ms
27ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 12739
etag: W/"62deda56-13b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 835015161c49b012-NRT

GET
H2 200 check_circle_green.svg
static.mediafire.com/images/icons/svg_dark/ 444 B
416 B 21ms
16ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/check_circle_green.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 3545
etag: W/"62deda56-1bc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 835015162c4fb012-NRT

GET
H2 200 fb_16x16.png
static.mediafire.com/images/backgrounds/download/social/ 181 B
307 B 23ms
19ms Image
image/png 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/social/fb_16x16.png
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 2308
etag: "62deda56-b5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 835015162c50b012-NRT
content-length: 181
expires: Fri, 12 Jan 2024 16:06:48 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.otnolatrnup.com/Scripts/ 177 KB
54 KB 22ms
9ms Script
application/x-javascript 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73fd5713e95bc75adc7783d8ca581259b0a2b029dd1236cc028cfa6f8bd4c06d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 17:46:30 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
age: 134
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/x-javascript; charset=utf-8
cache-control: public, no-transform, max-age=900
cf-ray: 835015164d27afee-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 583 B
685 B 20ms
19ms Image
image/png 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 8532
etag: "62deda56-247"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 835015163c63b012-NRT
content-length: 583
expires: Fri, 12 Jan 2024 11:34:26 GMT

GET
H2

200

main.js Show response
www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame A72A
Redirect Chain

https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

11ms
10ms

Script
application/javascript

104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Server

104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

116adebfb659e20f7f9eb7791fd5fd1e2da62459c2af8d79f6e68a9f48728e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 835015168cceb012-NRT

Redirect headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 835015166c9ab012-NRT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 158ms
148ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 13 Dec 2023 17:56:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
925 B 22ms
9ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 416771
x-guploader-uploadid: ABPtcPrzB3cm18FCLszXosLrnpUSDC39pD8bZNtxq4Gk0yAz5UWX77-qWGETZ4KN5wCpB9W0x1k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fg5MCKjjTHWle1%2BFgKPguAXvOB%2FNS%2FkYWv9T%2BEs0HzbSfMBQKDJVUqggzdV31%2BtIQdJO1u2jV%2FI%2BF678HvipkV8wzuIzhqB4QhtxAymD%2F1C9ADOcv7tGvqg46Dr2kGXAq9ACe9LUAxyDsPD%2Bcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 835015168d9a2629-NRT
expires: Fri, 08 Dec 2023 22:46:21 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 47ms
2ms Image
image/x-icon 142.251.42.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 06:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 06:51:14 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 22ms
10ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.277103373800325
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 416771
x-guploader-uploadid: ABPtcPrzB3cm18FCLszXosLrnpUSDC39pD8bZNtxq4Gk0yAz5UWX77-qWGETZ4KN5wCpB9W0x1k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McxJl4GOwjZozet%2Bh7o1xQs3L%2B%2BlJ4LB8A6jJawXZt51uJtOWv4Df937jNvRwNLAdhN61rx4HrLK1rRED9WFfxuXRcfBF7hZxZgg6steylCijFBjuHQHjfxWSp2BeYw8L9I8CTIM8EQr4IloZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 835015167d992629-NRT
expires: Fri, 08 Dec 2023 22:46:21 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
228 B 391ms
131ms XHR
text/html 52.11.164.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.164.10 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-164-10.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-6579f03c-533d376667f19f3a5d6fc5d0
content-length: 7

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 2C67 58 KB
16 KB 210ms
200ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c60547c6172c3ec9bf9bca996c91a0831816c507d1e981a08fc6e89d76525714

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:12 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: xItyYQGa1DQR9pWr2idjKNovTlbZFhF5wBCYcnAx3gOg4iQEtWoAbwQpUrANQE/Srcf2K1SeVbkNwGxLa0Fg/A==
x-xss-protection: 0

GET
H2 200 world.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 143 KB
53 KB 24ms
23ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/world.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 8952
etag: W/"62deda56-23ce2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 835015168ccfb012-NRT

GET
H2 200 continent-as.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 43 KB
16 KB 18ms
17ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/continent-as.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 2753
etag: W/"62deda56-aae3"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 835015168cd0b012-NRT

GET
H2 200 phl.svg
static.mediafire.com/images/flags_svg/ 2 KB
975 B 15ms
14ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/flags_svg/phl.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17ebd17218aad87cf1437bcd1543b71765f762de0829ecf5bfba5f879d6bb9de

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 10411
etag: W/"62deda56-6fb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 835015168cd2b012-NRT

GET
H2 200 flag.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 234 B
277 B 22ms
22ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 2746
etag: W/"62deda56-ea"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 835015168cd3b012-NRT

POST
H2 200 saa.go Show response
g.ezoic.net/ 11 KB
4 KB 285ms
78ms XHR
text/javascript 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/saa.go
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/ezoic/sa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 462653493b223ae333e0837637305d16508f206ffff7b52433c756fa23309897

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-robots-tag: noindex
access-control-allow-headers: Content-Type
expires: Tue, 12 Dec 2023 17:56:12 GMT

GET
H2 200 boise.js Show response
go.ezodn.com/detroitchicago/ 876 B
772 B 47ms
19ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/boise.js?gcb=195-3&cb=4
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50540eb32f28a5476d4c0ecff3886cc310ff6c575cb490124325e48b4fae6f0c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 21:23:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 73949
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2h38OZxezdvu0kfvuKe1NizJ1CUJNuM321ToGHD6lynUFbXjlECjs3si%2ByCeiDtLGaY3IixuLDQx%2FeaWSqAG1yTCe58ahUODrxafkmyR%2Bv9XWehW9hG01x7daQhTYgPBxKNXTljzuYXv5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 83501518984380c3-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 abilene.js Show response
go.ezodn.com/parsonsmaize/ 6 KB
3 KB 38ms
11ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-3&cb=31
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40b7af4ee5b08a119d82a20918bba0605ef1187e7ee8ef0055dc2caae448ed1c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Dec 2023 22:22:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 588826
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SRTymCujt8OUPUzs7O%2FvSp8mdI3oqf9hd7Kg7Mvhy%2B8cAB6DoJnJQjap6sOzTCklqUH0z81Jv5dvfU1QIGwBOzkR5%2BtCYN5g%2FOn6RJ%2BYA25rx89JzmLnS7tVfzkzdfc%2FKN4LP0I5zWBoj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 83501518984680c3-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 et.js Show response
go.ezodn.com/porpoiseant/ 1 KB
1 KB 36ms
10ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/porpoiseant/et.js?gcb=195-3&cb=2
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Nov 2023 00:21:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1117377
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkmiTnrbPlAean5msB7%2BrMEhG1W2tmknZBn0SqYUHF0WKUXmbe%2BWoqzGgNKLSgGMrqaYFI7T7SIj%2FIc9h6gG3nKsdahTtHp6gviy7H%2F19otJJPvdWw1JETQ6hV2psagwOOkTU622YMay6oA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 83501518984580c3-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 2C67 299 B
1 KB 14ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 13 Dec 2023 17:56:12 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: a2MC2FtokK4VLGyQ8wBKZRGzUtJiQg+b6Flz6mKo2YjZ/wImA2Mo07KDU5YrKCMQ+f4ek0voCkDg1YATRJnXHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:05:15 GMT

GET
H2 200 prebid8.10.0.js Show response
www.mediafire.com/js/ 258 KB
85 KB 30ms
29ms Script
application/x-javascript 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafire.com/js/prebid8.10.0.js
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 864909edb64a3e6dd9d7fde79f064c6a23727f1a0cf6a10eee863a97bd3689c6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 14:59:05 GMT
cf-bgj: minify
server: cloudflare
age: 2015
etag: W/"64ecb639-40a99"
cf-polished: origSize=264857
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 83501518ce7db012-NRT
expires: Fri, 12 Jan 2024 16:22:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 116ms
64ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d51ed4cda7a47bfb4444c59c1de4e6fda4d1993d09a0727ec3269fbd35f221de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29420
x-xss-protection: 0
server: cafe
etag: 163 / 19704 / m202312060101 / config-hash: 14700740341806945974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 17:56:12 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 148ms
147ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: d71ed1538f597a4655df09138716e9a04e51ac38e47fcc1063f5af2cd1704647

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 200 Tag.engine Show response
otnolatrnup.com/ 2 KB
2 KB 151ms
145ms Script
application/json 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.engine?time=-540&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=73075&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=540&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
Requested by: Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc548557b4ca95043db9c67c2de15836d9bcaba2328efed71202448ac7dff52

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: private, no-transform
cf-ray: 83501518eec9afee-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 JMGtqhKTC1K.js Show response
static.xx.fbcdn.net/rsrc.php/v3iI4w4/yH/l/ru_RU/ Frame 2C67 530 KB
137 KB 8ms
4ms XHR
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iI4w4/yH/l/ru_RU/JMGtqhKTC1K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d96bcc4ad289924295ab141fce1142c63721b0d57bf65d26905b0160b8ce42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: U1HcpVnILDkzTcrb0f4gJQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139735
reporting-endpoints
x-fb-debug: wrAeLI2trhf76eTTY0/yqbiXWFrv/BDN04v2OsD4Q/aO/X1JbEmJG1Be4FX+k0dk/2WRtVEhKUQHEuRK8xio9g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1,i
expires: Wed, 11 Dec 2024 22:14:37 GMT

GET
H3 204 pv Show response
api.btloader.com/ 0
12 B 149ms
149ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=Ry2lvF1kC&w=5115845767331840&o=5678961798414336&cv=2.1.26&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&sid=QFw8DsIj&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 13 Dec 2023 17:56:12 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 55ms
2ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Dec 2023 16:51:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3873
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 13 Dec 2023 18:51:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 41ms
40ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5d51f834897bf5cf2c476ab8331ef15f8b10e22439de535dd15078f9449b858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 17:56:12 GMT

POST
H2 200 83501513aa79b012 Show response
www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A72A 0
262 B 25ms
25ms XHR
text/plain 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/83501513aa79b012
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 83501519bf47b012-NRT
content-type: text/plain; charset=UTF-8

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/ 22 KB
5 KB 45ms
2ms Stylesheet
text/css 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ja.mzpd0LwwNf8.O/am=AAM/d=1/rs=AN8SPfr5XdV9pKn7iMiDweycteZXW3393Q/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 10:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 10:33:58 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ja.mzpd0LwwNf8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfppeho2TcFQcoUCoEd1i-2P25EVgA/ 255 KB
88 KB 46ms
3ms Script
text/javascript 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ja.mzpd0LwwNf8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfppeho2TcFQcoUCoEd1i-2P25EVgA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ja.mzpd0LwwNf8.O/am=AAM/d=1/rs=AN8SPfr5XdV9pKn7iMiDweycteZXW3393Q/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8abe56f67c72b6b5ba0f7e27e49d42791f1b687f45b7e370f2f78bf50ec9ae55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89471
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:12:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 10:54:21 GMT

GET
H2 200 mulvane.js Show response
go.ezodn.com/parsonsmaize/ 1 KB
933 B 11ms
10ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-3&cb=6
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 671c9364f35b1a7ef0f50cb98b0cc36cbd6acb045e51c304daa97f6732c4ad33

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Dec 2023 21:12:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 420183
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FdO4%2BUaoVADIyS%2BjpzEpih0C417IVCz3Ha%2F9c3GgUF93cnx41nHCbyOKvTUdAua9TvMoWk%2FsqZTotoEe0ArmWug40pLEx9RemlGGlqeGFddyDPsnMHEfYd14C970%2Boes4h0x%2B%2F6%2F5dqG0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 83501519d93380c3-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 wichita.js Show response
go.ezodn.com/detroitchicago/ 3 KB
1 KB 11ms
10ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/wichita.js?gcb=195-3&cb=11
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57fb5c3143dc7de46119d0eff3a92a5a04b5e9da836143f33a5ab34cd2bdba72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Dec 2023 23:51:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 410698
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYXjA%2F8d0gVgWhLrCIKo0T7Jck1ZqqNNRphkNmZP5PsUktTPXQS5bqNJtOPB3XvTpBm6dzfCESwXCvhMKoL3UREXioNc3jDngcZZjSSQ97qFDrob0WT17ZmTd3uIvxRfkXo3vNpsQxHxGK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 83501519d93480c3-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 raleigh.js Show response
go.ezodn.com/detroitchicago/ 2 KB
1 KB 26ms
25ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/raleigh.js?gcb=195-3&cb=6
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c5779cae461daba4b2f636f90df6cbf420e8c3dbe5a326bd937e7392c2b8df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Sep 2023 08:19:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2926301
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fi5qe6l87Cfgm383UuCcvDjwnodAi0ZyNuEDkTc%2FB49F1vKZV5GG5erP%2FMmtAT8JXwtK8v1bvLreqENNnZkcbdZJ9WVxjMgBVs8QSzyeGkbX4a2tyzRfA0u0ZCp3nTi%2FNNmJGZW5gOrr2%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 83501519d93580c3-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 vista.js Show response
go.ezodn.com/detroitchicago/ 1 KB
823 B 10ms
9ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/vista.js?gcb=195-3&cb=5
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 079f59405da9aed3725440b658577d5b8f974dc7cc3a87f9cbe0dc82d235c13d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Sep 2023 02:10:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2926301
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e259%2FTu09hRDjS1F7a5mIL2BI27eTZ2cHJxlyns%2BnTFV%2Fkf0KmUog2baWQP4BAl0RwfSu3%2BKMkX1%2Fx%2BijnsHXS8A2oDCuu3tcuangrri9%2Fr7D9sSMeMA9qMD9%2FseqhCLCwRZRqNTwGgzqO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 83501519d93680c3-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 tampa.js Show response
go.ezodn.com/detroitchicago/ 723 B
717 B 12ms
12ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/tampa.js?gcb=195-3&cb=5
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e611f58b19c2ff6aba81588e7b0a148e523d8acbadc40092f8de5f50dca2f93c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 01:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3704731
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BgBl4O3y0PH%2B5xrvIQlpcd%2F1EFrWiO5foTHEWnHtfvaRSiSaANq2vda8KNjGXcsIul8sct5zxhwelYqBvSxqfEWT6UQKBGUv%2BSsKkPkHqorp1KCaiTWO4HNsgMKf5lI5jlTYQZfbdG28ks%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 83501519d93780c3-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 4ms
2ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22621
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 12 Dec 2024 11:39:11 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
744 B 312ms
167ms Fetch
application/json 52.76.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.10.0&referrer=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&tmax=1000

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.76.98.54 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-76-98-54.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:12 GMT
accept-ch: sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 184ms
174ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUO2689O
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 75fdc031ed533329068b4deca6591889b5ced2f24c00ae7135fcca95e55f1e3c

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:11 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mediafire.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 99
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 17:56:12 GMT

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 614 B
741 B 218ms
73ms Fetch
application/json 54.255.18.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.18.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-18-102.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: c0083040475984302a491d8c506d596d004b4090490d1b366513c114915220a6

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mediafire.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 371

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 652 B
708 B 243ms
98ms Fetch
application/json 54.255.18.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.18.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-18-102.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: d2173d3b60cf4b9fa8877d6676d67d83162173aa7196bf6733b7930cb9bb9831

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mediafire.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 339

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 511 B
655 B 242ms
96ms Fetch
application/json 54.255.18.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.18.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-18-102.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: f411fce954a269a1d2603889751b6fcd80e15a9312da2db1af26e9be764e0b59

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mediafire.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 286

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 745 B
795 B 221ms
76ms Fetch
application/json 54.255.18.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.18.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-18-102.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 4b800de57b737c1225bdd8d946fa586d0c1607a0aceb3a4988f968550fb37e3e

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mediafire.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 426

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 744 B
775 B 284ms
139ms Fetch
application/json 54.255.18.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.18.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-18-102.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: b83bb00e4062d3c9f480f744f32e2753309593140b7a9f9af6fd2e28c841611a

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mediafire.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 407

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 22ms
5ms Fetch 207.65.34.76
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.mediafire.com
date: Wed, 13 Dec 2023 17:56:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 42ms
41ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=218028563&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&ul=en-us&de=UTF-8&dt=TIDAL%20v2.93.1%20%5BMod%5D%20(xC3FFF0E)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=641276841&gjid=128516443&cid=1973736332.1702490172&tid=UA-829541-1&_gid=1881301551.1702490172&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&cd1=unregistered&cd7=legacy&cd3=archive&cd4=51&cd5=apk&cd8=%2F100%2F&jsscut=1&z=860941238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 85ms
42ms Ping
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3bt0v887485693z86304663&_p=1702490171852&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1973736332.1702490172&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702490172&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk%2Ffile&dt=TIDAL%20v2.93.1%20%5BMod%5D%20(xC3FFF0E)&en=page_view&_fv=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&tfd=1255
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 143ms
46ms Ping
text/plain 2404:6800:4008:c15::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K68XP6D85D&cid=1973736332.1702490172&gtm=45je3bt0v887485693z86304663&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c15::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 87ms
43ms Image
image/gif 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K68XP6D85D&cid=1973736332.1702490172&gtm=45je3bt0v887485693z86304663&aip=1&dma=0&gcd=11l1l1l1l1&z=2044660953

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 olathe.js Show response
go.ezodn.com/parsonsmaize/ 2 KB
1 KB 12ms
12ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/parsonsmaize/olathe.js?gcb=195-3&cb=23
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 21:13:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1276092
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8zeYuehZFdfAQ6Dmn6NbplkRzpPoO%2B5ArHoa3cDG9hzVeFNSKncPrs5m6Da2Wc7Ixc%2FZZgYMcO46rBOPeN%2Fc%2BpASx1ClWspRuWDNDKOcooFqcpE28fOVpgJ6LnNmVIcRpVAvzg4jMnyj1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8350151a4c578a6c-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 chanute.js Show response
go.ezodn.com/parsonsmaize/ 21 KB
6 KB 12ms
11ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/parsonsmaize/chanute.js?a=a&cb=8&dcb=195-3&shcb=34
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bfd4efdc0e50c7ddf838d314861e51615398c1240fe5059d6f742b07763190

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 19:58:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78932
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dn3btOC5tiZjekmCaeMQMLPoni8tzlephFM0MFzixBDupOs50KIp9OglaI2ARVEzsk83vt629KYp7xxiHwsWpgMtRIoy5Aw%2BINYUStc9XRBPJo%2BGNP1WmGUEngMos7eIIfr3L4xvFi39Kw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8350151a5c588a6c-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 vitals.js Show response
go.ezodn.com/tardisrocinante/ 8 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700:e0::ac40:6a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/tardisrocinante/vitals.js?gcb=195-3&cb=3
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549bd3e9e2cfe91e355ba68c1fe15c0af27e0391123630b9ccfbbbd559cdba47

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 22:07:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1022542
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcWcYjk2PH8dr89LRmLrnbGNarK0l7UkCZK6Fdrq7hHe5M5ZrgsMvPpWlO029cRvWc5%2FvIIEf3NndPohueuA0S%2BIKiyFdd093Ttvc2OsQo955KNGsdGvLwJj%2F8lGWklsGyzsf2Xus3p%2ByD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8350151a5c598a6c-NRT
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated Show response
/ Frame 7AC0 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 46ms
3ms Image
image/svg+xml 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 06:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 06:41:26 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 2ms
2ms Image
image/png 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:08:18 GMT
x-content-type-options: nosniff
age: 380874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 08 Dec 2024 08:08:18 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 2ms
2ms Image
image/png 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:45:35 GMT
x-content-type-options: nosniff
age: 227437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 10 Dec 2024 02:45:35 GMT

GET
H2 200 183096492 Show response
fundingchoicesmessages.google.com/i/ 181 KB
60 KB 86ms
82ms Script
application/javascript 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/183096492?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0a30e7b8435b6e19e45928ac521826c341acceabb3b3ea326a3215067e256eb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-k5ihC7mSu6Uge0XxuSzjRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-k5ihC7mSu6Uge0XxuSzjRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
353 B 87ms
45ms XHR
text/plain 2404:6800:4008:c15::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-829541-1&cid=1973736332.1702490172&jid=641276841&gjid=128516443&_gid=1881301551.1702490172&_u=YEBAAUAAAAAAACAAI~&z=1364302561

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c15::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 13 Dec 2023 17:56:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 imp.gif
g.ezoic.net/detroitchicago/ 43 B
196 B 71ms
71ms Ping
image/gif 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/imp.gif?ez_orig=1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-3&cb=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-encoding: br
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.mediafire.com
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type
content-length: 47
expires: Tue, 12 Dec 2023 17:56:14 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 84ms
40ms Image
image/gif 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-829541-1&cid=1973736332.1702490172&jid=641276841&_u=YEBAAUAAAAAAACAAI~&z=1399140875

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
107 B 40ms
39ms Image
image/gif 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-829541-1&cid=1973736332.1702490172&jid=641276841&_u=YEBAAUAAAAAAACAAI~&z=1399140875

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxX3mAXqf36NRNh-U-cCE6_eeAgJRf-eVroiSEwHGZamWXmCKvWHCsyVXerBfDMKDt1poFu0p1CkPstN_7u5LkfcUUbJZ-Afrtj5IGKSZBDM2u9Wf_0PlIBniihR4ipyMEazPu6okA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 109ms
108ms Script
application/javascript 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX3mAXqf36NRNh-U-cCE6_eeAgJRf-eVroiSEwHGZamWXmCKvWHCsyVXerBfDMKDt1poFu0p1CkPstN_7u5LkfcUUbJZ-Afrtj5IGKSZBDM2u9Wf_0PlIBniihR4ipyMEazPu6okA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNDkwMTcyLDcwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlX3ByZW1pdW0vcHpveGo2eXh6N29laml0L1RJREFMX3YyLjkzLjFfJTI1NUJNb2QlMjU1RF8lMjUyOHhDM0ZGRjBFJTI1MjkuYXBrL2ZpbGUiLG51bGwsW1s4LCJpSEhERWxtcEQtZyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

170d213089b3f428c4f5a232a9fd27469795bb6423c40ea564cc0ef0be6b2c9a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IFL0B5PhpC6LA1xXOGLvOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IFL0B5PhpC6LA1xXOGLvOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 14ms
2ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 13 Dec 2023 17:56:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 34149
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-nrt-rjtf7700038-NRT
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 23ms
13ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: FZEZREHY2SMDXSRM
age: 2970
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8350151b8d166882-NRT
x-amz-id-2: E/7Lw1qzjDeUPS/T30P4rfZUYPwLTHhQhKWDo4qJ6D3lCs4Y7S04xG4uocOZvsZYfnXI/dqEKgA=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 9ms
2ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:29:45 GMT
content-encoding: gzip
age: 768387
x-guploader-uploadid: ABPtcPov-txRzSmQTRO-Tz408XDiITKVvPNRo9Mu4E3aZKZgOTVSS2nrvbBIooMmUkM8ZWHdCPvkPanRjsnrlPSgAeT94w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:29:45 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 536ms
86ms Script
text/javascript 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 17:56:13 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 76ms
3ms Script
text/javascript 2600:9000:21ee:e000:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:e000:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 12 Dec 2023 22:53:09 GMT
Via: 1.1 a7ba7c0fdfcb62d50e6c6823a005229c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: NRT20-C4
Age: 68584
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: v2CIXFTr3TGNfCQtXZige0rzT9ompD0WLrLYHOxGPqIeXGxrlCBzhg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 18ms
3ms Script
text/javascript 65.9.42.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-118.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:33:31 GMT
content-encoding: gzip
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C5
age: 84162
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ZB5Ex8qkRnDxo87KyWkpF7yY3al9jkKeRfrZdkavk0ZDynS2q0jhng==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 241ms
234ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 956f714020ab13c0fc01eaa7d80f7b38
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&rid=esp&cc=1

85 B
194 B

152ms
150ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&rid=esp&cc=1
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 3343edbd54eefb1c3665945a3accb84c2ebb230798c32adee3099c25032319d4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:12 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-O8nQq3YWI44ZTuSi7HYQYl4P7Rw"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mediafire.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 13 Dec 2023 17:56:12 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.mediafire.com
location: /esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
233 B 1044ms
554ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mediafire.com
date: Wed, 13 Dec 2023 17:56:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
695 B 240ms
85ms XHR
application/json 18.139.4.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.4.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-4-93.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bde63048aeeb84d52424f33e5bf7aa45289cb11420d45f7ec430e2ecfcb1ced0

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:12 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache
x-server: 10.42.16.161
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 298ms
297ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1560272014423238&correlator=143328824146655&eid=31079956%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=183096492%2CMediaFire-Zone1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&didk=2298854458&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1702490172815&adxs=552&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&vis=1&psz=960x1500&msz=728x-1&fws=0&ohw=0&ga_vid=1973736332.1702490172&ga_sid=1702490173&ga_hid=218028563&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqtrJosYxSABSAghkEhkKCnB1YmNpZC5vcmcY2NrJosYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKrayaLGMUgAUgIIZBIXCghydGJob3VzZRiq2smixjFIAFICCGQSFAoFb3BlbngYqtrJosYxSABSAghkEhkKCnVpZGFwaS5jb20YqtrJosYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiq2smixjFIAFICCGQ.&cbidsp=CrUBCAESHQoKdHJpcGxlbGlmdBC7AiACUgp0cmlwbGVsaWZ0EhkKCG1lZGlhbmV0ELsBIAJSCG1lZGlhbmV0EiEKDHNoYXJldGhyb3VnaBCnAiACUgxzaGFyZXRocm91Z2gSGAoIcHVibWF0aWMQMCACUghwdWJtYXRpYxgCIiQ5NjBlMzI2My05N2EyLTRlZjEtOGYxMC0wNTQzZGZmNjY2NzkqBAgDIAAyB3Y4LjEwLjBA6AdKAA..&dlt=1702490171777&idt=790&prev_scp=dkey_present%3Dfalse%26buildnumber%3D121918%26dladtemplate%3D51%26button_delay%3Ddisabled&adks=630197753&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35f6c78a1810ee4d31cc77797b98597fce97e24f695bc7cdff58e58ad0cf73db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10514
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
14 KB 368ms
367ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1560272014423238&correlator=3924284823290240&eid=31079956%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=183096492%2CMediaFire-Zone2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=2&didk=2784911678&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1702490172825&adxs=320&adys=120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&vis=1&psz=960x1500&msz=336x-1&fws=0&ohw=0&ga_vid=1973736332.1702490172&ga_sid=1702490173&ga_hid=218028563&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqtrJosYxSABSAghkEhkKCnB1YmNpZC5vcmcY2NrJosYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKrayaLGMUgAUgIIZBIXCghydGJob3VzZRiq2smixjFIAFICCGQSFAoFb3BlbngYqtrJosYxSABSAghkEhkKCnVpZGFwaS5jb20YqtrJosYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiq2smixjFIAFICCGQ.&cbidsp=CrUBCAESHQoKdHJpcGxlbGlmdBC7AiACUgp0cmlwbGVsaWZ0EhkKCG1lZGlhbmV0ELsBIAJSCG1lZGlhbmV0EiEKDHNoYXJldGhyb3VnaBCnAiACUgxzaGFyZXRocm91Z2gSGAoIcHVibWF0aWMQMCACUghwdWJtYXRpYxgCIiRkMDFiZTAzOC1mNzBlLTRhYTYtYmFiNS1iNWUxZWVkMTI0OTAqBAgDIAAyB3Y4LjEwLjBA6AdKAA..&dlt=1702490171777&idt=790&prev_scp=dkey_present%3Dfalse%26buildnumber%3D121918%26dladtemplate%3D51%26button_delay%3Ddisabled&adks=3841872593&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5448298b4b2215a0d6c3b7825fe092f1fde4df2bf35722e3df64a12dd6740db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14643
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mediafire.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 107 KB
44 KB 345ms
344ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1560272014423238&correlator=688748975248355&eid=31079956%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=183096492%2CMediaFire-Zone3&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=3&didk=3528871077&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1702490172830&adxs=320&adys=420&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&vis=1&psz=960x1500&msz=336x-1&fws=0&ohw=0&ga_vid=1973736332.1702490172&ga_sid=1702490173&ga_hid=218028563&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqtrJosYxSABSAghkEhkKCnB1YmNpZC5vcmcY2NrJosYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKrayaLGMUgAUgIIZBIXCghydGJob3VzZRiq2smixjFIAFICCGQSFAoFb3BlbngYqtrJosYxSABSAghkEhkKCnVpZGFwaS5jb20YqtrJosYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiq2smixjFIAFICCGQ.&cbidsp=CrUBCAESHQoKdHJpcGxlbGlmdBC7AiACUgp0cmlwbGVsaWZ0EhkKCG1lZGlhbmV0ELsBIAJSCG1lZGlhbmV0EiEKDHNoYXJldGhyb3VnaBCnAiACUgxzaGFyZXRocm91Z2gSGAoIcHVibWF0aWMQMCACUghwdWJtYXRpYxgCIiQ0MzcyM2U0NS0yZDk2LTRhMWYtODNmMi0wMmRlMDU5ZTc2ZGUqBAgDIAAyB3Y4LjEwLjBA6AdKAA..&dlt=1702490171777&idt=790&prev_scp=dkey_present%3Dfalse%26buildnumber%3D121918%26dladtemplate%3D51%26button_delay%3Ddisabled&adks=1870779098&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32b2e74c7d9e0baac59a55842c2c72fec70fc5f4cf3a582661f4897cb805c86d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44700
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E41E 6 KB
3 KB 93ms
39ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:12 GMT
expires: Thu, 12 Dec 2024 17:56:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 107 KB
44 KB 336ms
336ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1560272014423238&correlator=3597456969773216&eid=31079956%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=183096492%2CMediaFire-Zone4&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&didk=2372303816&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1702490172888&adxs=430&adys=1095&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%25255BMod%25255D_%252528xC3FFF0E%252529.apk%2Ffile&vis=1&psz=960x1500&msz=728x90&fws=0&ohw=0&ga_vid=1973736332.1702490172&ga_sid=1702490173&ga_hid=218028563&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqtrJosYxSABSAghkEhkKCnB1YmNpZC5vcmcY2NrJosYxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKrayaLGMUgAUgIIZBIXCghydGJob3VzZRiq2smixjFIAFICCGQSFAoFb3BlbngYqtrJosYxSABSAghkEhkKCnVpZGFwaS5jb20YqtrJosYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiq2smixjFIAFICCGQ.&cbidsp=CrUBCAESHQoKdHJpcGxlbGlmdBC7AiACUgp0cmlwbGVsaWZ0EhkKCG1lZGlhbmV0ELsBIAJSCG1lZGlhbmV0EiEKDHNoYXJldGhyb3VnaBCnAiACUgxzaGFyZXRocm91Z2gSGAoIcHVibWF0aWMQMCACUghwdWJtYXRpYxgCIiRhYzk3NWE1OS03ODhlLTQ1ODItOWM1Yi1iZWI5NjE5ZWJhOGEqBAgDIAAyB3Y4LjEwLjBA6AdKAA..&dlt=1702490171777&idt=790&prev_scp=dkey_present%3Dfalse%26buildnumber%3D121918%26dladtemplate%3D51%26button_delay%3Ddisabled&adks=215913335&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa3858220f26b5b31d0b3815ee84be94bfcc4e82398fbd0bf6cc5e1c3612434b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44599
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 5289 484 B
725 B 58ms
43ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f4b6c2d2b1cd71a3e1836731f97f79e43e85f96bc19efe59751bdf3891ac3d3d

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 308
content-type: text/html
date: Wed, 13 Dec 2023 17:56:13 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html Show response
e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7810 6 KB
3 KB 4ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:12 GMT
expires: Thu, 12 Dec 2024 17:56:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5289
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=a2a8e709-ebaf-7d5e-de52-3b899f52fcc3&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=a2a8e709-ebaf-7d5e-de52-3b899f52fcc3&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&ttd_puid=a2a8e709-ebaf-7d5e-de52-3b899f52fcc3&gdpr=0&gdpr_consent=

43 B
240 B

44ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&ttd_puid=a2a8e709-ebaf-7d5e-de52-3b899f52fcc3&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&ttd_puid=a2a8e709-ebaf-7d5e-de52-3b899f52fcc3&gdpr=0&gdpr_consent=
date: Wed, 13 Dec 2023 17:56:13 GMT
server: Kestrel
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 5289
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXnwPcCo5ssAAIo9gk0AAAAA

43 B
171 B

39ms
37ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXnwPcCo5ssAAIo9gk0AAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Wed, 13 Dec 2023 17:56:13 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.168","key":"ZXnwPcCo5ssAAIo9gk0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad167"}
X-SO-Key: ZXnwPcCo5ssAAIo9gk0AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad167
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXnwPcCo5ssAAIo9gk0AAAAA
Cache-Control: private
X-SO-HostName: m-ad167.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 13
Content-Length: 0
X-SO-LB-Hostname: a-tgng40007.dc2p.scaleout.jp
X-SO-IP: 31.204.145.168

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 5289
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Af2agjxQfRoyks8AED1M4RSt788AAAGMZFJvKA

43 B
97 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Af2agjxQfRoyks8AED1M4RSt788AAAGMZFJvKA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
via: 1.1 ec7e029564542f4eb6196ab046d31626.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Af2agjxQfRoyks8AED1M4RSt788AAAGMZFJvKA
cache-control: no-cache
content-length: 0
x-amz-cf-id: nzMChE2HZsfdd4AYlA-VJeRemMjT4PKJjde6GDQsqPgg6KY_JcZn7Q==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5289 170 B
243 B 88ms
41ms Image
image/png 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGVjNzM0YzMtMjJkOC0yM2ZhLWNiYjItNjEzMDU1YjAzMmEz

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5289
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDkQ3VkVcThMPIlse_pVAm0&google_cver=1

43 B
97 B

40ms
39ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDkQ3VkVcThMPIlse_pVAm0&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDkQ3VkVcThMPIlse_pVAm0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2597 6 KB
3 KB 3ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:12 GMT
expires: Thu, 12 Dec 2024 17:56:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DBF6 469 B
804 B 124ms
82ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COSyFxCEqpkBGPaziP8BMAE&v=APEucNXDE0E4VixaUA2ZlHT6v5Ue5XK8qJeXCU1lopLz-inhACEo_Ar2mEX60oIQ19_yORAPFPoML9C9rerNC-ljEjCSZL6YYS6unYQkX4gt8qj__mMy-h0

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e77cd454c82ffe01aa74b1e3f3b5c9cc08aa0eb5c8d7feb6b0c21ea77061f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:13 GMT
expires: Wed, 13 Dec 2023 17:56:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7810 89 KB
31 KB 133ms
90ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 17:56:13 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7810 42 B
118 B 82ms
40ms Image
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxCPQKxhB7m9JD2mlk6X0ztq3NWV-GrTyaYAM21I3On2SZT_xONjOVN-nc-BfW5Neo9pw7izU6yDI9OMMmcPk9V1KY6xTgTyPe0ymREQzqvPmcDcc

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7810 3 KB
1 KB 55ms
6ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:53:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7810 20 KB
9 KB 51ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:53:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7810 203 KB
65 KB 111ms
70ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 17:56:13 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame EA33 196 KB
56 KB 52ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:55:11 GMT
age: 525662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:55:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EA33 15 KB
5 KB 54ms
5ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 23:54:31 GMT
age: 151302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Dec 2024 23:54:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EA33 95 KB
29 KB 55ms
6ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 18:34:10 GMT
age: 429723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 18:34:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EA33 5 KB
2 KB 56ms
7ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 19:42:08 GMT
age: 598445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Dec 2024 19:42:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EA33 40 KB
13 KB 56ms
7ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:58:35 GMT
age: 525458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:58:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EA33 5 KB
1 KB 84ms
43ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d816458b15e8caa008d5a4d7e5936cd054342983cc03230cb2419f8fe386da78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 17:13:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 17:56:13 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EA33 3 KB
3 KB 29ms
7ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 12:15:25 GMT
x-content-type-options: nosniff
server: cafe
age: 20448
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Thu, 14 Dec 2023 12:15:25 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EA33 344 B
474 B 26ms
4ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:42:57 GMT
x-content-type-options: nosniff
server: cafe
age: 79996
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 13 Dec 2023 19:42:57 GMT

GET
H2 200 12674833269022295897
tpc.googlesyndication.com/simgad/ Frame EA33 9 KB
9 KB 28ms
7ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12674833269022295897?w=100&h=100&tw=1&q=75

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

741f7005b31dfe2f65524eecf96bb84736675a392fd5846ed85118ec214149b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:38:57 GMT
x-content-type-options: nosniff
age: 238636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
last-modified: Fri, 08 Feb 2019 00:11:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Dec 2024 23:38:57 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16640623807318347043/ Frame EA33 9 KB
9 KB 27ms
6ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16640623807318347043/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517628f43f729dd8c2aa16f7c073c056a4dd36488e5b2921544011103e8278bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:17:35 GMT
x-content-type-options: nosniff
age: 423518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8929
x-xss-protection: 0
last-modified: Sat, 01 Jul 2023 02:18:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 20:17:35 GMT

GET
DATA 200
OK truncated
/ Frame EA33 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 738cc755a5e941f039a07b37cbb16247a8fa3215f73bc8c29e18fe597820c35c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EA33 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EA33 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5645fbd3430f802b80e89f214e47358aaf1af2e82a8a337ccad6860293e2f604

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 88AD 469 B
482 B 92ms
86ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYjJjW-gEwAQ&v=APEucNXmfqHrHAn6QrPOR9h_7VwyQU77RBUw1EFo1aZvTXvcEITS6Ga6tC07m1avUalGH9SxuHtuvgFIteujuSWYuQAU4EyMocyWElxb1Kb5Vys1lRBNPPg

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e77cd454c82ffe01aa74b1e3f3b5c9cc08aa0eb5c8d7feb6b0c21ea77061f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:13 GMT
expires: Wed, 13 Dec 2023 17:56:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2597 111 KB
39 KB 52ms
3ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Origin: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 02:25:14 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 2597 7 KB
3 KB 4ms
2ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 19:42:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 2597 24 KB
9 KB 3ms
3ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 11:48:35 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2597 41 KB
14 KB 9ms
5ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 23:48:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2597 3 KB
1 KB 10ms
6ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:53:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2597 20 KB
8 KB 7ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:53:51 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2597 42 B
107 B 42ms
39ms Image
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpakFrsB6HkqO2zkVOuY6ik1AmDfl4gnsEHwzpBP6Iamuh_w_LIlVisxsmGhP47BvtZbR3DUC6P3YdJ3vp6mAcrTAiFcYRebtpshzCcFlveDcYE0s

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2597 203 KB
64 KB 106ms
103ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 17:56:13 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A112 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 51500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 03:37:53 GMT
expires: Thu, 12 Dec 2024 03:37:53 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2597 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f919ddd1456ed6a6ed1f9c9f32a3195c238db8e0ea19b2538d606ac6cdb0ddde

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 99A9 6 KB
3 KB 3ms
3ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:12 GMT
expires: Thu, 12 Dec 2024 17:56:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A112 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 11:48:37 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 31D7 469 B
262 B 86ms
85ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYpZjW-gEwAQ&v=APEucNXWRHYcFXo1RBMd-dY7UrIuFeYZUcEHn-lT-yoDINnqpogk4IgDZuLIvsR-4JZXjcc_KyBwdCjFgVdDzwZCMfmgg4xm3xmm25L05nDMrwjlwx09ANk

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e77cd454c82ffe01aa74b1e3f3b5c9cc08aa0eb5c8d7feb6b0c21ea77061f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 99A9 111 KB
39 KB 3ms
2ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Origin: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 02:25:14 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 99A9 7 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 19:42:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 99A9 24 KB
9 KB 5ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 11:48:35 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 99A9 41 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 23:48:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 99A9 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:53:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 99A9 20 KB
8 KB 4ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:53:51 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 99A9 42 B
63 B 41ms
40ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVQDYcYC6WBoExi4evrSnuzFVWNUJqs4XzprHZoBZ3fB8UuizN2hlUapGCCxkaBWoZdRqp5b4CNfjPra06XPoExOoyfRRdw6fMnhD3StgyxUgP5gs

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 99A9 203 KB
64 KB 118ms
117ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 17:56:13 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame EA33 47 KB
47 KB 43ms
3ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mediafire.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:42:53 GMT
x-content-type-options: nosniff
age: 80000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 19:42:53 GMT

GET
H3 200 Ad7-336-280.html Show response
s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/ Frame E07D 6 KB
2 KB 41ms
3ms Document
text/html 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/Ad7-336-280.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23b362d821b7c886e3147b2834f63bcd353bb1e0371a87af49e3408d9e3977c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 422095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2317
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 20:41:18 GMT
expires: Sat, 07 Dec 2024 20:41:18 GMT
last-modified: Mon, 09 Oct 2023 15:48:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 2597 0
0 50ms
49ms Fetch
image/gif 142.251.42.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuRTbADqqOUL2onZvGgMdXvQgbgCiRYSOZew83kMdF5nNz5PsxS9bl-6g7mdsVwOxTeDExtYCSCAROiKjvirGHEHKDau2pEnYxP_9UTw6ltLO4ECHHOR9hR3UYexY1EIi4TIDpg9N49CcuQ5BzlN7ygzDpXvNH2nAdseK3eN4B2nz4_DH0amMrDcBuTCmiWfTUK9q1nDf57uZpBO-NQoE-P7_7SKTNXkzFLVDNaOMaCFGX-9giVw7y25fSkitWxWbiEJxqcFAKSi8_YZeF5U3RLWbQ49VUBvIC7eP4iulAbSI6fe_UDBPQ0dwIxyF8VsamFMrxg2y4sjMz2U6VyGFeViksxBucSVcFbeb_qjiGHFWUhkhVdOiTuyAMVfWxKYZtT70Ki3_xesba_jBa49sQAkvBGbJN1xntSmz79-d4eGChSpVX1KrDH-v8iU57MJagdYbTUj3AYXE6Zf4vn5x-LMKdTdViNjyoN6YsRcXEkeX87TqMhQnrIYUYkN6SByIXoojkG_TJEPEhYkq7JaeAuhhEmc7d8TwUHSCTvLVg-G5JxqANbotteDwVZW8o3RMHGuyrMtz-mvJtB7k0TMNnhGeStraygwmXMORuI4mBsd3Ob7iKq3e0uCIXsEaR4dR4gp3LYUOHiylZu_G42FvAnmrNhYvZ4xN7xxoU1asry5GVSVV71vMTlsVBfogasf3R0H8-KgiDVKSkHmIeKaSv3LUBsz1vuTm0IWX1gWmPtnk1tlItXCtsFRvDYtj9elQMYHvf5dYL0t-GC6li7EoIxcA23-8i9EZcDn1yzdKULijpIaBceJe3utuP8c4j5X1BT2zfydFP9XxpZuS372g8YhnmG4K-vpgebNHpiwo4Qpmno4fQC9eSfutvowiFzqaupHoUdcH8bVCTkriNyzO94A6pA9WAUJuze5-STQKloUrt2VgMNSYTTKd5aLhSf8iEQIqxbrWLqDcjeQWy9aP_Q-virvCzL5PNLvfwoBEDBmQk5_JmD59cwrSPai5Krs9d8w8pKg7E822DirKlmhsb9aCaHXnjDxl8_-pRCqc-Up3sz5GDp4e79uB59OpIEWQ9wnRunyHHwYUk27PqA4qtwqEfZRLHmuZ9_cE0YaCGJjeWKRF6khYdD9HJUrjUVGXXkIMtG4JYRrzyHLM0BnrmXwGD-0Rjkp6KnBMjJi-s6Vr-BkJpRD5Br0Cj6sYpTQiHUrjM7xv37I625k5eRssGTs7GrkJLNpVNkY-v71QGxEwac_PqFF0LSb0J0D0VlnXvz8sRrolz2Rk7_vGsZlMy0PE6eFjmXt6F677XRpvEWUjz9As-VG3HL2X_KOxFCAApFR4CfNGhoyKH_u6nGSDirudll6Q_8KC-y6VBqAhIluCGjdJS71uxRL8sioRhZEA5nqsgb&sai=AMfl-YRsyWm6wA1K3rMMtGYuFlXwX4a6g6ZMejcDECcJkdITWfHT7yOG2flUgmSZ7zngOmXcA1nIcuahjpilBEbVuFA-MkeaIRRj1-FW2uuwzgQpPPP315lzwTGcWhg7tDESy28Lr_VNsAgkTsubKo6X6-W2JCKeZP0Yrsu9JYSPiAPMSzP2pCZPUEM-wR_1Vc14nCaAUmVfdRhBJYetXTinetOUwaQmVWdU9sAulx93f7PrqaKWn9nXtQVfbRJNAlcIYH7jYg6zoamV7bteRZwGKoqtotDlkXqfDS-jhZcQppc2ZH0WsS5t9y5XYpvf9gCiItfpqt7ooD6G58PvpyKKjwdWtZTUp5I71TvBnnYc6wM2vzIuk3m3__2x0z_sn1t5ndd-s08JOuXC7XxTe0bODnPWFivurj7k_Z_t6qZEpP7d_F1lgxqdw11gUrpWpG6hIZ36mHdEqvtZLT-PUznJJnHUv0JWS_iVeiNQC9XD-Usxj4U1-pZqMd_MNKuBmsWtXe-N&sig=Cg0ArKJSzNDUr3byV2vvEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb3N0YXIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=123&cbvp=1&cstd=121&cisv=r20231207.59106&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBF6
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
232 B

40ms
40ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COSyFxCEqpkBGPaziP8BMAE&v=APEucNXDE0E4VixaUA2ZlHT6v5Ue5XK8qJeXCU1lopLz-inhACEo_Ar2mEX60oIQ19_yORAPFPoML9C9rerNC-ljEjCSZL6YYS6unYQkX4gt8qj__mMy-h0

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 17:56:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame DBF6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0

43 B
344 B

17ms
17ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COSyFxCEqpkBGPaziP8BMAE&v=APEucNXDE0E4VixaUA2ZlHT6v5Ue5XK8qJeXCU1lopLz-inhACEo_Ar2mEX60oIQ19_yORAPFPoML9C9rerNC-ljEjCSZL6YYS6unYQkX4gt8qj__mMy-h0
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3R%2BAWb3Dp9lJ2%2FO%2BIe3N%2BfxXCwyZIu2AmbbS0QT6WjrhkKs2BADV1FkNy%2Bq8yeD0FSR3HAMQwrVW9HWkfBYQcU0D7%2FQ3XouEVie0%2B2plQNeTObg9pNv4uiy%2FfvJx7xnfYLPKSfQ54fJhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835015202d78e05e-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DBF6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXnwPcD4ZmNDXAoGAqOCGwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1

43 B
735 B

14ms
14ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COSyFxCEqpkBGPaziP8BMAE&v=APEucNXDE0E4VixaUA2ZlHT6v5Ue5XK8qJeXCU1lopLz-inhACEo_Ar2mEX60oIQ19_yORAPFPoML9C9rerNC-ljEjCSZL6YYS6unYQkX4gt8qj__mMy-h0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajjprFhwokPOQcH68LGdHj%2F7zGaZ%2BGcanZXXjclDb1EQaRsc%2Fpkwsf7nX4J1wIpIZfef27WG7gow8ywmDmJnSiyEHZqAwDUiEjFol2Fx%2Bk8flDLdaib6tiZhbpjwKcwS3xC%2FfOxJTA5Q8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835015208a9a351d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 88AD
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
232 B

42ms
42ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYjJjW-gEwAQ&v=APEucNXmfqHrHAn6QrPOR9h_7VwyQU77RBUw1EFo1aZvTXvcEITS6Ga6tC07m1avUalGH9SxuHtuvgFIteujuSWYuQAU4EyMocyWElxb1Kb5Vys1lRBNPPg

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 17:56:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 88AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0

43 B
329 B

19ms
19ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYjJjW-gEwAQ&v=APEucNXmfqHrHAn6QrPOR9h_7VwyQU77RBUw1EFo1aZvTXvcEITS6Ga6tC07m1avUalGH9SxuHtuvgFIteujuSWYuQAU4EyMocyWElxb1Kb5Vys1lRBNPPg
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjDSYSVip42zkQWUIyo700rjxKuvXuKI9P%2FXOKJ%2B3EK4B%2BjGATMtv5JXWpyBpnZKctdx4i8q50hTuuOuJuM6Pb4d2A8s5JpIx1x1Lgc2yFgY%2FWMSHCi7wu7T%2FeZC5dJVpaGYGKtBHFR7lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835015202d7ae05e-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 88AD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXnwPcD4ZmNDXAoGAqOCGwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1

43 B
773 B

16ms
16ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYjJjW-gEwAQ&v=APEucNXmfqHrHAn6QrPOR9h_7VwyQU77RBUw1EFo1aZvTXvcEITS6Ga6tC07m1avUalGH9SxuHtuvgFIteujuSWYuQAU4EyMocyWElxb1Kb5Vys1lRBNPPg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2KmmVZiNfFm6sv8LVjCFYB%2B2ZDNn9tRAFk3sfZoFQ%2F%2FmEQtwN%2BXpoNH6qrDrHBjHVNc1xjoiTPvSlHxtaE6kHwJHrVRqfgCZ5BUdudg7lg5KyzNY%2BYLwGydCFxYbQRxt8JkKvzAOvibrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835015207a95351d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7810 0
20 B 38ms
37ms Ping
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6740059015379&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7810 0
20 B 38ms
38ms Ping
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6740059015379&version=m202309260101&ct=119&x=1&cor=10892685924483052000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7810 90 KB
38 KB 81ms
81ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQFjQ8txksLJiqOhvGX6jIb9bg2bYwS3vJnUGG4DiR6BYB3GtS7EPdtfcwODhKE6bhlsv8IOrTl0uKFucwbnu20yoQzyM-SN_bq47cCBZ5DAfREs7kttmAL0ufZgx-xFcRBmBGtf4tVivYVk1yrG3f6GcpKrDEBn4oepWq3byU0Iqwp9R988RKql9uSDMKj7pFyy9h&cry=1&dbm_d=AKAmf-AvSJqBR4Pt_h2COambQA-k7DlUpvVcWWGrtPQmtrl-740kKYpBNSpIZYooZTTyFcAHIJ_dqNFwXOwF8K5MWdsiOY48z-EDrlaPnPg950TITLyvlGp9pZyAKI4LcyyxIjGk1OrDbwSW5YF8kXgu8Ldj4ZFH4N5PD-K0RP8ZPsGHshOasdw29JASm5H9wUy4qprIBmxT0YP5wi2UC6ftYCTn-VhzTvKimwHDIi07Pfv7mkYQfP8u78qqpBnCwPSRelz539cb804zSTpk65pXo2_MIU65ldRL3_ROqsnKgh33jQxtVDC5cfWWJWKe6EGldLxsx28r7VkezR3WRRA1_seqphJcwIcMG2bgyEO3f8nsa3tlyhCpefziEclVL0s5rA3AOXaNs2UXBT4THcYEpLZWxyAB6of0ktD3_WQ1p2FW-RIBX0b3F2iruVT1r2-RN2ROUuwoYjloJwLS_j2ZYKPq1IwYEXtR81mQrPAgDuFVwfup-tze7JWJr108CkV93U703HM_qTMRVe_OAu_mcA5PEa5CEj5kELXwHxl6CI6fE1fNVHwQ6rhJ3r6nb6B7RqNN8woVZqjER2IqSMqu7Fx3pKZid2fAAflTKq6ReRelYToL6nH0RzFaDIzIaL1fE-LpJZLx4n81K7SH4f_GtwYJ3GLUDATTLzYV1yWwUJNEmm5w2JvBHfZRunNwrj4CT85AJM8udyfWUg94yGwxqY1b9SSde7vl7oe2WMBbNLyrEsoHF5aZteGFAMsGBoyjaWCpyXvifbo-gQKy_URIZV5wGesiYHQPmYReekoZN8kcfW88yhKdEHAaJLLv8TuDBAdBNn1BhLxl3ojcsTNEUBikk32jiyVLMXpb5eFIbhkBZs5xkldz6pOTHDXGsHWcqCc5LlRPmyNOMKJUo_lFrVeE9Ae25pjlo96-Mvz8GVpsOVTxk-et3ayUr278yZFKTUo-GYMN1-EUoKKWHBDb75xoS7eYSCy8IRN2TUv6gm83TndV3F7pw4Wmw7ajRQWKCh-YNuEfpn0SvJzXmMtCInoeiHvhJdCUBE5zXuPKG4n2hmU4PxEN1LF6ix-7YeuRQH-4rSCl0QzttYDHULVh1Orw1ndzYWHo0yd7mcafdVUkUgiWVWRgRl3Wm2ZmSiaVSi72U5klSvuhs4-sPWv0wG2pRH1iEo4036I0LXB2VZwAEx2Z4o6zEJkV_VtC4vaLG7zSP207ICEQz1xjaP_dT2XUDFD9wYs98nsI9PrMpd_Oc8A6LuepCrBSHlvcfoV8kO2troTKr1wA3aDn_7jIIY4p8MM7gX_PQXQDyAxYk_DfLJV_W889hJ5Ejx5zIK5jKKxR_k7BKebYpdum-tyd2FBI0-TOz2ubJg2aNgm_SD_vOYbP3xrw5ufWXmcjQCjIZ_BI9LzTXr4IZaALgz_pmtqXMPfPJw7e1dhsEZX26BlObuci-AiL1uIvexONKwQW8T0a4j0PopVY6UT3ZJzDEMYtagn4MynTsrrG1POS3ZVvcNRkOGdcj07eZv-aQyse2sjMpkK4x2moVTkxxodcYgd76Ead_rvDA0uVDTIN_RNqm_jD2ItS5S1fsT_mOoRr4rwtwVgjdj6aRKLNCXTKQJu6K5OfkmGS0lYMT5fE8RpkYbxQix3j-eCAEQzrJyxrfWaJgvdQ4D53Qr0pZJr5UR5aoJd82WYUD1y58sGnt1ApHEBrxtNpfAfb3wMwuZSSkrTdxObL2ObfoOI-9mE1l_zoyqCGL3A2mUmv3QtoR2H3hd0obqyE-a4mpAO1cs-W_PhOUGe4PZupyE4Rp2zq2345LG3bx4wycZbF6lkOGwC_A9Gs9OdpkCzJ7A7A27D-KoyRhaC_6r6lrGoBHnp9YbhkE-NzXfu4ywt1Aah5-wdYbc1tiDXZbjCTNylImGEGebOy9_G9v9eGG3FNGtlOXnxQr8uzPyC7qIFs6AfKloCPpKLkHOvol_1w75STkFDFtl4wh74NIACm0ZxqdXbi9_1pigRzSsamJKTQrFChHzhq8kXCsjwVQOAAqGb5aIJ1p-87jIX9X18hUbtF2hsz4fxMJGTsV6wmLJG635yDw97lCh4cgHsXnTm-awCp1w9wNKqLJRv7vxvnicLJWWs335QJJEgAIZ8NA63TkrLJBO3gg-19Xa_AfXfdQenuwqKPYb_G5O-wlOssPGupeTO8PNmdn6gmCmqLFkspLPuZLU0qfS6GfMIslSh6CL-IezagP07lzMJvOmcEGZNtDKiwlhb-hN9dmLn_Q9-ryewMB4vaf7QQ0AQatMCJg7GeKVOrrAzwxfBgoeSNTS06rHh4U5sk_9NCV41LV--Q-Z4eepj4zKMjJC8nbqCF_LPJR6nWuH17D-ZRnW_LDowpWyAHZThP_jsiubuwtol5Kno-G6onihKynyF1WkubI_KXZygS2kEzXhCN8l3CBlSgMFMeY-XPx2o5ru9ecQ-Dl1GvSk9A8LyEnmwMA7ZO7AriUDWsLNtoAcOaLDRLzcKzLdsmkU9JINTZIckgwoogWo2Q8HY_P3qd9nB7YfKCZ9EjNlWvC5SYge6pTrtWdQFh7wNJJdk_Y38zriTqJnp_iFDUESQV0wjAow6fgca0LMH5BLYlrXDPvw91i7BVqL-DI90-mngrbppaA1OtIqS_NdAL5gSniT2FzNcblKpFFZ2Sgq7TDqZZOT1JR0dBsgk3toxtzK1SwH2Hn_c-BbLPpz6z70eWvT3kJhiS3csWfli4qnKJpOd3PkD_TrsEOqtLcnAGpDsMKfBnVh8v88_CAlHbtfYpkCOInjPE9iDtYavCWE-lJ4Ks9w4TY3_cqPJf_rLGuIMyQuG_pui_YvecvzhH45l-A1NlvULAPKqM9xVa9WofUrT3bOkErV--AF6VK2oH5U98-Sh_ITgdKMatA2oOqnLugaI-JNujjyKIBEhfOon8w8CF4e0lXEs3sTM1qrI65kzd7gH1s0eg24Up-LHdud3UB8YVxFhU9D11GFbrigMQXgMQC0qnxuzBd60O11ziXtFAluvYHqlnF1MPf2oFX9Hk2-oTNn2SOYuaUYnpxL3sD_yn44iyKP-6pcss4C5y-P4odAQbPNUk-zVLaNvnC3bEMFSXD5VY3k9TCvv5WIEEQTK-Cb7-hytP5KB9LBCBcftr_hDwyt64qgnXK7CJUP5DZjcpoPl9C4sVw7Z8XQv0WcXL5GDS0EV7SCZ5Wl5DNuAYYAyYRrTZfJusbwGx9loU9YoF4-SNa5w3m_YR2Cu8fkuZOCvdKZUDkKy_LgKofH9Xn0Bgn7WcqyNS8lUzXqyBsf4j7xi2uHszh-QNulZslUOtX6bUPqA7p_a_9ITBUtc_WdtxxZHtPWlpQ72-kfled5bnZgQJqoy48xx6uQkr-fQTqldoVA6uEkAmu74t_QzWiRwd5ts8Fjn7ywhnzBn9Bjt1u1DTK0h5mlKO1k4xv0TxF102hXpJCOwySQ7C6X_D4jGBifc88BYaNcEMp-N0wmf1Y934Oo_lhYNpczEFMzY1jRDiCv6P_1Tj_4iu3mprroyXMScHAAl0BQsI-ZTRQ0aegJnKHIQZWMjyfn6o2Cy569tjFE5nX1eDynqcFarMoLWvWCO15rASQUUOvcQ7bV6Zc3_ZOmHRES_eBYgaDcpCPlQAPmXtcxNqE5aSs00h-s_K5z1NutfmP7wpFBsOdGAgp60MSGTPUgLCrNruknSRjJF_9YveK_5kprq3B8Ci-K9nFpb8-1OmP0-oTfeGx5cHWscF9T0ehKxHMjAIErwGyUxi3eFXEXvrA0CxFkEVgAphrE-n0QVIaBpGMYOqXppE6zsqjHPnLBQro8qkzPHi9WOR1Ye7hmoCVpAoGw0-nWCyinmtlRyB3Qo7MmEc3euXd_U3joxISJPAXAOGwXWSsi21Qru7oInxiAul_z7QVVrK4btbmdqP4uUIJl-RoEL3-88Bhek4TYx_Dys2ZQJQLaVCQoqdcxuHVOnscivdLqMM_E9AGJn8CuZ9-ONVdtLLwdpPg2azB-OpGIJ_cwgMQWffGvVs7550zc8uz9Uiz-KxFiGK1yvofo98XFOCAh5gNloJpEu0wP7IxewLOM71ovb_kcOiHMMkgWanc-eiRq0QYT4WUB1lythVJ-PIzoJjZ8rH6_uNVq7sdyr4sEohPWHUU0Gs5WMQis8nDK1PeixDK0ZVgkH7vHYH1nmQaLqiOZq89L-7K8oZ-P1GwNCpvZTnUwuy4-ROhRImAGxYqxIBSOTd8t7xXgODWUAQahJ7bpFyCJuUeiZWP6xlBv7BMQcw1yS-D9dB0J35Ac7XNnCpxvdrSOxgAt69O7GoVIMHEq7UhQXOXPRkKxi104aOMdlAYsaiA2prFkQnHhotagCUNUcPhLFg2QOTG2zEZSn0gU7rsMHXBatlJygt7d0tH6y2FN3Ap00WSJHLQ8FN6H52tFdOF_Mp3t-_4_UNwiesI9AtfR0tZ0DrhWKhf_kcJHUN&cid=CAQSTgDICaaN8OD2-zeHohXOYF47z5-T4Tm7h-Rv3VtuwgYPlY-f34r4vtKXzPdlMryEWtVrhbge2JQI_n0DQVATieFAntBhbHFQsRq1uAhthhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mediafire.com%2F&ds=l&xdt=1&iif=1&cor=10892685924483052000&adk=4188270524&idt=138&cac=0&dtd=52

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e966a96d9c59b9133559369fd9924afae7dcb2fd56e2be45fca4bbb7bd0f836e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame E07D 236 KB
63 KB 28ms
13ms Script
text/javascript 2600:140b:1a00:19::17dc:4491
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/Ad7-336-280.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:140b:1a00:19::17dc:4491 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:11:13 GMT

GET
H3 200 Ad7-336-280.js Show response
s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/ Frame E07D 11 KB
3 KB 3ms
2ms Script
application/x-javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/Ad7-336-280.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/Ad7-336-280.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b43731a87b06068de23c2267d9e3a8210ffe5a22d38b79e55916ba70520916bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/Ad7-336-280.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436167
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2822
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 15:48:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 16:46:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31D7
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YzAyYmY5N2RkZTRjYjdlYTYwZTJiYmJjMDA3NjU2NGI=

170 B
188 B

39ms
39ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YzAyYmY5N2RkZTRjYjdlYTYwZTJiYmJjMDA3NjU2NGI=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYpZjW-gEwAQ&v=APEucNXWRHYcFXo1RBMd-dY7UrIuFeYZUcEHn-lT-yoDINnqpogk4IgDZuLIvsR-4JZXjcc_KyBwdCjFgVdDzwZCMfmgg4xm3xmm25L05nDMrwjlwx09ANk

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 17:56:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=YzAyYmY5N2RkZTRjYjdlYTYwZTJiYmJjMDA3NjU2NGI=
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 31D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0

43 B
732 B

14ms
14ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYpZjW-gEwAQ&v=APEucNXWRHYcFXo1RBMd-dY7UrIuFeYZUcEHn-lT-yoDINnqpogk4IgDZuLIvsR-4JZXjcc_KyBwdCjFgVdDzwZCMfmgg4xm3xmm25L05nDMrwjlwx09ANk
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fusPLX0STcQZrJFfIkLilPfVBvJ%2FCwcA7rKXL4uTQq9WcQiV%2BNgnbB6tdc0wMeUMDfD6dBFHcUiQOhZ1KrNvmCpWEUPIOiS7CSATydi%2BHTnyhmp9wKncYT03OS9m2A9jam0Cte6xPuMNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83501520dab5351d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 31D7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXnwPcD4ZmNDXAoGAqOCGwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1

43 B
737 B

15ms
14ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3AThCB-1gYpZjW-gEwAQ&v=APEucNXWRHYcFXo1RBMd-dY7UrIuFeYZUcEHn-lT-yoDINnqpogk4IgDZuLIvsR-4JZXjcc_KyBwdCjFgVdDzwZCMfmgg4xm3xmm25L05nDMrwjlwx09ANk
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMnY16HFtClQ%2ByISkIexeVPTSq%2FsKhgx7OfP51xaErY4BQvIfcoOIVJKGBJHhp6mjl3OqUi0ASo2ulo74J70FEuYqBCNYMRp7G44%2BYPQSOXDa4BL%2BVL%2ByZXnPnLYYgkpHMJl1PLf9swPTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835015211acd351d-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOeGsO4-ROz3EN9J0unxn9Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ad2-728-90.html Show response
s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/ Frame 5E7B 6 KB
2 KB 3ms
2ms Document
text/html 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/Ad2-728-90.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

178832ec1b6de00ff7563f653b7ef3aff80a86ac4d73f07833935e1d52bbe133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 514109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2313
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 19:07:44 GMT
expires: Fri, 06 Dec 2024 19:07:44 GMT
last-modified: Mon, 09 Oct 2023 15:04:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 99A9 0
0 49ms
49ms Fetch
image/gif 142.251.42.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv__McjH0yVNporq4d_KkqgGBxTmB9QMZMbyj_9VaiD0fnh_tvIYWwknW4oQmTxcifbhQHTwg6FKe5jkr_uq6gLNARVrQteDC0K56STAFtMeDxZ8qFjF2GRdoIsJWq68wjlzytnFNnZjJiG8xsv7-_yGinqFrjjmpLMIBZq4TylXWkhwti1fPR342t2LJKTzoj0VzOw5isD6Jgds5CidMj8NzIi50FP84m9DGqt-bWUgGcr1SjxGXp5DoM7V7Hwfu6wVdqbvqlNxlHaHkVH3aZTdarbIo-DfUOE8MO3waAq8AZzf-4Wm-063RGay1tn5drk_Em8DwtH3o6piSbwb4e5jaqjd5mapoZhCopvFM7AYhFGgti0LYysGoaLvdVlrGwmGziHw9iyOYjUhFauHncIViDoS_JKW5zh4CTN0Ko5LQQj5syxT_w5J2PA0QrMFOOztmdKMaATHQNuxyXD-GscpMwyg2GLbJDpGeoKt2Pb-kudHtCSAzSUoyZhRo6eZJHNY9NbHRv4GAteMCaUL14YrVL_XkgBqLgBnPhPedgWoyafywrpNJdlHysUkscrEgvgyiIUFuTLccAqRpAWLVCe-3fmHKMoMI_1laeWqdrYQGciOn4IksJPcgtCNJSeXxy2rbuNBzFQROH9xAVUv-dQ52ipQBDhOFyDcogsR4xAikLOcmc8FsB-eDnjt7ziE6bCL2mt-4U7Qg1VzIW6tkKjsqRMbTIx7eXPauDhzibYlBW6QLtaMEaPj0HxA4bh6A9_R6QQfCwFnDzMaF4-u707rKwew6qPEw6WIyHuuUEZu7KnL4pqDdgCx_WML-qEKifd0F_nosXCoAH6wl5b9KmXxQ7RZRcGkgban-l2L8uu9zcbl1clsPb2F9y6_Lht8-MJI5GIS5AzlAVp6sTHDKSfbhlNOZjHUa5A_xIYo1ghfPEFfm_YbjcQcawsZl_z1NqL1Kit5_VUBYDAzR7s2Au_5AX1Uxwo5x7MsOV0q29lmA5RkcIV1iHg37qfUwC0KcSKTe40gIxt88JbPpeJKeZtj3Hb-MywsfNcygBEJfvw0MHPaH0k-AL3n2vk5jAwOYHLUrGBtxB0jHinvJquHPiYsdAL1pjTs5wUTeMUbeUVxecO8to4TDEpoSuy8zP8xQWZ9LBB53q0TQQWvF6LrzxwopGRoMsXlMMkcGMX0oN39wUg_ujNlW33H-SeEgzPdqgqabBfmaJ7WKHgryYzt_ffIF5Qz9j4F_h-wZSTKf_k57FhL1-BmpTvB9BnbWrnyrgXv_hrvjXOLokwOUFdWia6htW1PTSOArC8AoIQqKSoTTA_Wz293ZdXeKYTPNXLyMWElGubH0KR2lqSOvyo9_gFB-fT3hjgiTx7HjTEs2TxVVuX9-4CiCy6gXwGl5uGovYniL_zD_02zQ&sai=AMfl-YR1BssgTC2EystlQieGz0eivoJRw733bRM8iyCEU2ifJLeCPVHLYUQGgsbHt1eosEYrrfNvWinERnxp2BedeR5rT4-NQAqKH5a3sJ7xYBFMkPTU5fWv5uRrdQkRJHlAacfZ3YjsQA1ROb_OJ5J8P8mi-DcxKZ-N_x61Hemf2qJj4w2WdRlFTQgOI8D07bD4t_urb9kGFWBb5-L2rWblYJUsNdvuLUVr-LvHGbc-UkzaYhFxsc8DeW8-nIAg2mDOyEjz_CNrStsaaYnJ7l65V8Gzykw7TqHYkmrXy2aecZNfaMMxEQFUPsGyw9WBWEZexWQfTma19DIGNWGwYKmhtZJOrtc943iULtq5gqEs2iaqdYvb2SiBmwlf37iPEYjThJRZZTYMQe4V6QPD3yBCwyslqX5oYnTaZaIrK0eGHtfG0KwUm8Qd-vTpo3OH3xZuGzrO_81wKkjs9Qcfn2tevaeU7p1Tu1uHptIiFKLjfFyIObdoZv4k8vA3jTl47F3gSAVPWsFayLE&sig=Cg0ArKJSzO5JagkiM83bEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb3N0YXIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=174&cbvp=1&cstd=173&cisv=r20231207.10815&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 82B8 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 51500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 03:37:53 GMT
expires: Thu, 12 Dec 2024 03:37:53 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 99A9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61e11d9482b39d73ce9451b87bf3e12a3c55056c44177695306fb36b60c60ec5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 5E7B 236 KB
63 KB 35ms
34ms Script
text/javascript 2600:140b:1a00:19::17dc:4491
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/Ad2-728-90.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:140b:1a00:19::17dc:4491 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 13 Dec 2023 18:11:13 GMT

GET
H3 200 Ad2-728-90.js Show response
s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/ Frame 5E7B 8 KB
2 KB 3ms
3ms Script
application/x-javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/Ad2-728-90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/Ad2-728-90.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

821e6284f758a7c3f22fea1826ac1bdab521a57f6a61631e50bc84858bd6bcfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/Ad2-728-90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 526086
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2355
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 15:04:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 15:48:07 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EA33 0
0 49ms
49ms Image
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CE-7qPPB5ZZ3rNaCU29gPnbij2AbMiOKfc9qK0fm2EtrZHhABIOSC7ShgifPFhPQToAGb3bv_A8gBAeACAKgDAcgDCqoEywJP0IiwTBneiLdmtxMWUA_PIR5E-DPJBVkjvWmNcxfBJh8XccjLZlJvRTnAlWhCykV4-sFiz7pu-EIWg1Vw8f7ObcSv_5j1jt6wywbfbwb-sNJ8PdJxVShK58oCRyyIV2_NiPZ9k07fRrHFv3fM09GghDYucfTCSd4kEyIREq_ODvLnqqPFzZD8GGw5Af5hWWgU889QSlw2kdvYqliET71gUqU_24byve4m3zJUZZZVivS5wsLxH3OWmmMzSMXEX_Ly59L6JcsLVgJzjNM2vvJWF2Yxw-NK6dD-VQISseZnQs6YemNKR3VdIANB9dXkwR9pTPFXtSD9gCnAhVvvjXSSIbSR1DbY56yiiSHwoDyspi49wffqxFFAKs4qPWC5lj5mYqHyFVU1hndkurVlkOoGtaSfMxdp694BWeZOSU28-oK6yRRD2wqsaFvKwATxg9ex4gHgBAGIBefe7l-SBQQIBBgBkgUECAUYBKAGLoAHzaJEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQuugE0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljg0vKP_oyDA5oJQGh0dHBzOi8vd3d3Lm5jaHNvZnR3YXJlLmNvbS96aXAvaW5kZXguaHRtbD9rdz1vcGVuJTIwYXBrJTIwZmlsZXOACgPICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLaDBAKChDQt_GDh7PniQcSAgED4g0TCP2A84_-jIMDFSDKFgUdHdwIa9gTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi03ODEzODM1Nzc4NTQzMDgxGOy5EQ&sigh=DGx39-zm7-M&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaN07cZJ0dFxIUXIPfbZx9woY-pSlgLBric4AQRLQ09xpknYHeGdMihiApTiDDqN_KA4vGMW-PLHATL6WnRG8vqkD2bn5IhkOlVyRgB&template_id=5021&cbvp=2
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7810 111 KB
39 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Origin: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 02:25:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7810 11 KB
4 KB 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQFjQ8txksLJiqOhvGX6jIb9bg2bYwS3vJnUGG4DiR6BYB3GtS7EPdtfcwODhKE6bhlsv8IOrTl0uKFucwbnu20yoQzyM-SN_bq47cCBZ5DAfREs7kttmAL0ufZgx-xFcRBmBGtf4tVivYVk1yrG3f6GcpKrDEBn4oepWq3byU0Iqwp9R988RKql9uSDMKj7pFyy9h&cry=1&dbm_d=AKAmf-AvSJqBR4Pt_h2COambQA-k7DlUpvVcWWGrtPQmtrl-740kKYpBNSpIZYooZTTyFcAHIJ_dqNFwXOwF8K5MWdsiOY48z-EDrlaPnPg950TITLyvlGp9pZyAKI4LcyyxIjGk1OrDbwSW5YF8kXgu8Ldj4ZFH4N5PD-K0RP8ZPsGHshOasdw29JASm5H9wUy4qprIBmxT0YP5wi2UC6ftYCTn-VhzTvKimwHDIi07Pfv7mkYQfP8u78qqpBnCwPSRelz539cb804zSTpk65pXo2_MIU65ldRL3_ROqsnKgh33jQxtVDC5cfWWJWKe6EGldLxsx28r7VkezR3WRRA1_seqphJcwIcMG2bgyEO3f8nsa3tlyhCpefziEclVL0s5rA3AOXaNs2UXBT4THcYEpLZWxyAB6of0ktD3_WQ1p2FW-RIBX0b3F2iruVT1r2-RN2ROUuwoYjloJwLS_j2ZYKPq1IwYEXtR81mQrPAgDuFVwfup-tze7JWJr108CkV93U703HM_qTMRVe_OAu_mcA5PEa5CEj5kELXwHxl6CI6fE1fNVHwQ6rhJ3r6nb6B7RqNN8woVZqjER2IqSMqu7Fx3pKZid2fAAflTKq6ReRelYToL6nH0RzFaDIzIaL1fE-LpJZLx4n81K7SH4f_GtwYJ3GLUDATTLzYV1yWwUJNEmm5w2JvBHfZRunNwrj4CT85AJM8udyfWUg94yGwxqY1b9SSde7vl7oe2WMBbNLyrEsoHF5aZteGFAMsGBoyjaWCpyXvifbo-gQKy_URIZV5wGesiYHQPmYReekoZN8kcfW88yhKdEHAaJLLv8TuDBAdBNn1BhLxl3ojcsTNEUBikk32jiyVLMXpb5eFIbhkBZs5xkldz6pOTHDXGsHWcqCc5LlRPmyNOMKJUo_lFrVeE9Ae25pjlo96-Mvz8GVpsOVTxk-et3ayUr278yZFKTUo-GYMN1-EUoKKWHBDb75xoS7eYSCy8IRN2TUv6gm83TndV3F7pw4Wmw7ajRQWKCh-YNuEfpn0SvJzXmMtCInoeiHvhJdCUBE5zXuPKG4n2hmU4PxEN1LF6ix-7YeuRQH-4rSCl0QzttYDHULVh1Orw1ndzYWHo0yd7mcafdVUkUgiWVWRgRl3Wm2ZmSiaVSi72U5klSvuhs4-sPWv0wG2pRH1iEo4036I0LXB2VZwAEx2Z4o6zEJkV_VtC4vaLG7zSP207ICEQz1xjaP_dT2XUDFD9wYs98nsI9PrMpd_Oc8A6LuepCrBSHlvcfoV8kO2troTKr1wA3aDn_7jIIY4p8MM7gX_PQXQDyAxYk_DfLJV_W889hJ5Ejx5zIK5jKKxR_k7BKebYpdum-tyd2FBI0-TOz2ubJg2aNgm_SD_vOYbP3xrw5ufWXmcjQCjIZ_BI9LzTXr4IZaALgz_pmtqXMPfPJw7e1dhsEZX26BlObuci-AiL1uIvexONKwQW8T0a4j0PopVY6UT3ZJzDEMYtagn4MynTsrrG1POS3ZVvcNRkOGdcj07eZv-aQyse2sjMpkK4x2moVTkxxodcYgd76Ead_rvDA0uVDTIN_RNqm_jD2ItS5S1fsT_mOoRr4rwtwVgjdj6aRKLNCXTKQJu6K5OfkmGS0lYMT5fE8RpkYbxQix3j-eCAEQzrJyxrfWaJgvdQ4D53Qr0pZJr5UR5aoJd82WYUD1y58sGnt1ApHEBrxtNpfAfb3wMwuZSSkrTdxObL2ObfoOI-9mE1l_zoyqCGL3A2mUmv3QtoR2H3hd0obqyE-a4mpAO1cs-W_PhOUGe4PZupyE4Rp2zq2345LG3bx4wycZbF6lkOGwC_A9Gs9OdpkCzJ7A7A27D-KoyRhaC_6r6lrGoBHnp9YbhkE-NzXfu4ywt1Aah5-wdYbc1tiDXZbjCTNylImGEGebOy9_G9v9eGG3FNGtlOXnxQr8uzPyC7qIFs6AfKloCPpKLkHOvol_1w75STkFDFtl4wh74NIACm0ZxqdXbi9_1pigRzSsamJKTQrFChHzhq8kXCsjwVQOAAqGb5aIJ1p-87jIX9X18hUbtF2hsz4fxMJGTsV6wmLJG635yDw97lCh4cgHsXnTm-awCp1w9wNKqLJRv7vxvnicLJWWs335QJJEgAIZ8NA63TkrLJBO3gg-19Xa_AfXfdQenuwqKPYb_G5O-wlOssPGupeTO8PNmdn6gmCmqLFkspLPuZLU0qfS6GfMIslSh6CL-IezagP07lzMJvOmcEGZNtDKiwlhb-hN9dmLn_Q9-ryewMB4vaf7QQ0AQatMCJg7GeKVOrrAzwxfBgoeSNTS06rHh4U5sk_9NCV41LV--Q-Z4eepj4zKMjJC8nbqCF_LPJR6nWuH17D-ZRnW_LDowpWyAHZThP_jsiubuwtol5Kno-G6onihKynyF1WkubI_KXZygS2kEzXhCN8l3CBlSgMFMeY-XPx2o5ru9ecQ-Dl1GvSk9A8LyEnmwMA7ZO7AriUDWsLNtoAcOaLDRLzcKzLdsmkU9JINTZIckgwoogWo2Q8HY_P3qd9nB7YfKCZ9EjNlWvC5SYge6pTrtWdQFh7wNJJdk_Y38zriTqJnp_iFDUESQV0wjAow6fgca0LMH5BLYlrXDPvw91i7BVqL-DI90-mngrbppaA1OtIqS_NdAL5gSniT2FzNcblKpFFZ2Sgq7TDqZZOT1JR0dBsgk3toxtzK1SwH2Hn_c-BbLPpz6z70eWvT3kJhiS3csWfli4qnKJpOd3PkD_TrsEOqtLcnAGpDsMKfBnVh8v88_CAlHbtfYpkCOInjPE9iDtYavCWE-lJ4Ks9w4TY3_cqPJf_rLGuIMyQuG_pui_YvecvzhH45l-A1NlvULAPKqM9xVa9WofUrT3bOkErV--AF6VK2oH5U98-Sh_ITgdKMatA2oOqnLugaI-JNujjyKIBEhfOon8w8CF4e0lXEs3sTM1qrI65kzd7gH1s0eg24Up-LHdud3UB8YVxFhU9D11GFbrigMQXgMQC0qnxuzBd60O11ziXtFAluvYHqlnF1MPf2oFX9Hk2-oTNn2SOYuaUYnpxL3sD_yn44iyKP-6pcss4C5y-P4odAQbPNUk-zVLaNvnC3bEMFSXD5VY3k9TCvv5WIEEQTK-Cb7-hytP5KB9LBCBcftr_hDwyt64qgnXK7CJUP5DZjcpoPl9C4sVw7Z8XQv0WcXL5GDS0EV7SCZ5Wl5DNuAYYAyYRrTZfJusbwGx9loU9YoF4-SNa5w3m_YR2Cu8fkuZOCvdKZUDkKy_LgKofH9Xn0Bgn7WcqyNS8lUzXqyBsf4j7xi2uHszh-QNulZslUOtX6bUPqA7p_a_9ITBUtc_WdtxxZHtPWlpQ72-kfled5bnZgQJqoy48xx6uQkr-fQTqldoVA6uEkAmu74t_QzWiRwd5ts8Fjn7ywhnzBn9Bjt1u1DTK0h5mlKO1k4xv0TxF102hXpJCOwySQ7C6X_D4jGBifc88BYaNcEMp-N0wmf1Y934Oo_lhYNpczEFMzY1jRDiCv6P_1Tj_4iu3mprroyXMScHAAl0BQsI-ZTRQ0aegJnKHIQZWMjyfn6o2Cy569tjFE5nX1eDynqcFarMoLWvWCO15rASQUUOvcQ7bV6Zc3_ZOmHRES_eBYgaDcpCPlQAPmXtcxNqE5aSs00h-s_K5z1NutfmP7wpFBsOdGAgp60MSGTPUgLCrNruknSRjJF_9YveK_5kprq3B8Ci-K9nFpb8-1OmP0-oTfeGx5cHWscF9T0ehKxHMjAIErwGyUxi3eFXEXvrA0CxFkEVgAphrE-n0QVIaBpGMYOqXppE6zsqjHPnLBQro8qkzPHi9WOR1Ye7hmoCVpAoGw0-nWCyinmtlRyB3Qo7MmEc3euXd_U3joxISJPAXAOGwXWSsi21Qru7oInxiAul_z7QVVrK4btbmdqP4uUIJl-RoEL3-88Bhek4TYx_Dys2ZQJQLaVCQoqdcxuHVOnscivdLqMM_E9AGJn8CuZ9-ONVdtLLwdpPg2azB-OpGIJ_cwgMQWffGvVs7550zc8uz9Uiz-KxFiGK1yvofo98XFOCAh5gNloJpEu0wP7IxewLOM71ovb_kcOiHMMkgWanc-eiRq0QYT4WUB1lythVJ-PIzoJjZ8rH6_uNVq7sdyr4sEohPWHUU0Gs5WMQis8nDK1PeixDK0ZVgkH7vHYH1nmQaLqiOZq89L-7K8oZ-P1GwNCpvZTnUwuy4-ROhRImAGxYqxIBSOTd8t7xXgODWUAQahJ7bpFyCJuUeiZWP6xlBv7BMQcw1yS-D9dB0J35Ac7XNnCpxvdrSOxgAt69O7GoVIMHEq7UhQXOXPRkKxi104aOMdlAYsaiA2prFkQnHhotagCUNUcPhLFg2QOTG2zEZSn0gU7rsMHXBatlJygt7d0tH6y2FN3Ap00WSJHLQ8FN6H52tFdOF_Mp3t-_4_UNwiesI9AtfR0tZ0DrhWKhf_kcJHUN&cid=CAQSTgDICaaN8OD2-zeHohXOYF47z5-T4Tm7h-Rv3VtuwgYPlY-f34r4vtKXzPdlMryEWtVrhbge2JQI_n0DQVATieFAntBhbHFQsRq1uAhthhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mediafire.com%2F&ds=l&xdt=1&iif=1&cor=10892685924483052000&adk=4188270524&idt=138&cac=0&dtd=52

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 19:49:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 7810 31 KB
12 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 02:22:06 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7810 41 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 23:48:17 GMT

GET
H3 200 Ad7_336_280_atlas_1.png
s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/images/ Frame E07D 175 KB
175 KB 3ms
3ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/images/Ad7_336_280_atlas_1.png

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0015ebc3bfccd003bf73b4766e60b05bdb0ce83cb8ab9b513d63ca1cf3c00523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7416611940261402752/Ad7-336-280/Ad7-336-280.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:59:00 GMT
x-content-type-options: nosniff
age: 525433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179634
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 15:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 15:59:00 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 2597 0
0 40ms
40ms Fetch
image/gif 142.251.42.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuRTbADqqOUL2onZvGgMdXvQgbgCiRYSOZew83kMdF5nNz5PsxS9bl-6g7mdsVwOxTeDExtYCSCAROiKjvirGHEHKDau2pEnYxP_9UTw6ltLO4ECHHOR9hR3UYexY1EIi4TIDpg9N49CcuQ5BzlN7ygzDpXvNH2nAdseK3eN4B2nz4_DH0amMrDcBuTCmiWfTUK9q1nDf57uZpBO-NQoE-P7_7SKTNXkzFLVDNaOMaCFGX-9giVw7y25fSkitWxWbiEJxqcFAKSi8_YZeF5U3RLWbQ49VUBvIC7eP4iulAbSI6fe_UDBPQ0dwIxyF8VsamFMrxg2y4sjMz2U6VyGFeViksxBucSVcFbeb_qjiGHFWUhkhVdOiTuyAMVfWxKYZtT70Ki3_xesba_jBa49sQAkvBGbJN1xntSmz79-d4eGChSpVX1KrDH-v8iU57MJagdYbTUj3AYXE6Zf4vn5x-LMKdTdViNjyoN6YsRcXEkeX87TqMhQnrIYUYkN6SByIXoojkG_TJEPEhYkq7JaeAuhhEmc7d8TwUHSCTvLVg-G5JxqANbotteDwVZW8o3RMHGuyrMtz-mvJtB7k0TMNnhGeStraygwmXMORuI4mBsd3Ob7iKq3e0uCIXsEaR4dR4gp3LYUOHiylZu_G42FvAnmrNhYvZ4xN7xxoU1asry5GVSVV71vMTlsVBfogasf3R0H8-KgiDVKSkHmIeKaSv3LUBsz1vuTm0IWX1gWmPtnk1tlItXCtsFRvDYtj9elQMYHvf5dYL0t-GC6li7EoIxcA23-8i9EZcDn1yzdKULijpIaBceJe3utuP8c4j5X1BT2zfydFP9XxpZuS372g8YhnmG4K-vpgebNHpiwo4Qpmno4fQC9eSfutvowiFzqaupHoUdcH8bVCTkriNyzO94A6pA9WAUJuze5-STQKloUrt2VgMNSYTTKd5aLhSf8iEQIqxbrWLqDcjeQWy9aP_Q-virvCzL5PNLvfwoBEDBmQk5_JmD59cwrSPai5Krs9d8w8pKg7E822DirKlmhsb9aCaHXnjDxl8_-pRCqc-Up3sz5GDp4e79uB59OpIEWQ9wnRunyHHwYUk27PqA4qtwqEfZRLHmuZ9_cE0YaCGJjeWKRF6khYdD9HJUrjUVGXXkIMtG4JYRrzyHLM0BnrmXwGD-0Rjkp6KnBMjJi-s6Vr-BkJpRD5Br0Cj6sYpTQiHUrjM7xv37I625k5eRssGTs7GrkJLNpVNkY-v71QGxEwac_PqFF0LSb0J0D0VlnXvz8sRrolz2Rk7_vGsZlMy0PE6eFjmXt6F677XRpvEWUjz9As-VG3HL2X_KOxFCAApFR4CfNGhoyKH_u6nGSDirudll6Q_8KC-y6VBqAhIluCGjdJS71uxRL8sioRhZEA5nqsgb&sai=AMfl-YRsyWm6wA1K3rMMtGYuFlXwX4a6g6ZMejcDECcJkdITWfHT7yOG2flUgmSZ7zngOmXcA1nIcuahjpilBEbVuFA-MkeaIRRj1-FW2uuwzgQpPPP315lzwTGcWhg7tDESy28Lr_VNsAgkTsubKo6X6-W2JCKeZP0Yrsu9JYSPiAPMSzP2pCZPUEM-wR_1Vc14nCaAUmVfdRhBJYetXTinetOUwaQmVWdU9sAulx93f7PrqaKWn9nXtQVfbRJNAlcIYH7jYg6zoamV7bteRZwGKoqtotDlkXqfDS-jhZcQppc2ZH0WsS5t9y5XYpvf9gCiItfpqt7ooD6G58PvpyKKjwdWtZTUp5I71TvBnnYc6wM2vzIuk3m3__2x0z_sn1t5ndd-s08JOuXC7XxTe0bODnPWFivurj7k_Z_t6qZEpP7d_F1lgxqdw11gUrpWpG6hIZ36mHdEqvtZLT-PUznJJnHUv0JWS_iVeiNQC9XD-Usxj4U1-pZqMd_MNKuBmsWtXe-N&sig=Cg0ArKJSzNDUr3byV2vvEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb3N0YXIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=392&vt=11&dtpt=269&dett=3&cstd=121&cisv=r20231207.59106&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7810 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d85b21a6a222c0fd3504df6fd41a0b98e20a02604e5647f5f13fd66b6d79afe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 82B8 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 11:48:37 GMT

GET
H3 200 Ad2_728_90_atlas_1.png
s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/images/ Frame 5E7B 65 KB
65 KB 3ms
3ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/images/Ad2_728_90_atlas_1.png

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97b746191f85fbe3eb16014481ca3b3f331660105d53ea6431346f37f101ed28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9144223720796373002/Ad2-728-90/Ad2-728-90.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:29 GMT
x-content-type-options: nosniff
age: 335624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66136
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 15:04:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:29 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 99A9 0
0 172ms
172ms Fetch
image/gif 142.251.42.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv__McjH0yVNporq4d_KkqgGBxTmB9QMZMbyj_9VaiD0fnh_tvIYWwknW4oQmTxcifbhQHTwg6FKe5jkr_uq6gLNARVrQteDC0K56STAFtMeDxZ8qFjF2GRdoIsJWq68wjlzytnFNnZjJiG8xsv7-_yGinqFrjjmpLMIBZq4TylXWkhwti1fPR342t2LJKTzoj0VzOw5isD6Jgds5CidMj8NzIi50FP84m9DGqt-bWUgGcr1SjxGXp5DoM7V7Hwfu6wVdqbvqlNxlHaHkVH3aZTdarbIo-DfUOE8MO3waAq8AZzf-4Wm-063RGay1tn5drk_Em8DwtH3o6piSbwb4e5jaqjd5mapoZhCopvFM7AYhFGgti0LYysGoaLvdVlrGwmGziHw9iyOYjUhFauHncIViDoS_JKW5zh4CTN0Ko5LQQj5syxT_w5J2PA0QrMFOOztmdKMaATHQNuxyXD-GscpMwyg2GLbJDpGeoKt2Pb-kudHtCSAzSUoyZhRo6eZJHNY9NbHRv4GAteMCaUL14YrVL_XkgBqLgBnPhPedgWoyafywrpNJdlHysUkscrEgvgyiIUFuTLccAqRpAWLVCe-3fmHKMoMI_1laeWqdrYQGciOn4IksJPcgtCNJSeXxy2rbuNBzFQROH9xAVUv-dQ52ipQBDhOFyDcogsR4xAikLOcmc8FsB-eDnjt7ziE6bCL2mt-4U7Qg1VzIW6tkKjsqRMbTIx7eXPauDhzibYlBW6QLtaMEaPj0HxA4bh6A9_R6QQfCwFnDzMaF4-u707rKwew6qPEw6WIyHuuUEZu7KnL4pqDdgCx_WML-qEKifd0F_nosXCoAH6wl5b9KmXxQ7RZRcGkgban-l2L8uu9zcbl1clsPb2F9y6_Lht8-MJI5GIS5AzlAVp6sTHDKSfbhlNOZjHUa5A_xIYo1ghfPEFfm_YbjcQcawsZl_z1NqL1Kit5_VUBYDAzR7s2Au_5AX1Uxwo5x7MsOV0q29lmA5RkcIV1iHg37qfUwC0KcSKTe40gIxt88JbPpeJKeZtj3Hb-MywsfNcygBEJfvw0MHPaH0k-AL3n2vk5jAwOYHLUrGBtxB0jHinvJquHPiYsdAL1pjTs5wUTeMUbeUVxecO8to4TDEpoSuy8zP8xQWZ9LBB53q0TQQWvF6LrzxwopGRoMsXlMMkcGMX0oN39wUg_ujNlW33H-SeEgzPdqgqabBfmaJ7WKHgryYzt_ffIF5Qz9j4F_h-wZSTKf_k57FhL1-BmpTvB9BnbWrnyrgXv_hrvjXOLokwOUFdWia6htW1PTSOArC8AoIQqKSoTTA_Wz293ZdXeKYTPNXLyMWElGubH0KR2lqSOvyo9_gFB-fT3hjgiTx7HjTEs2TxVVuX9-4CiCy6gXwGl5uGovYniL_zD_02zQ&sai=AMfl-YR1BssgTC2EystlQieGz0eivoJRw733bRM8iyCEU2ifJLeCPVHLYUQGgsbHt1eosEYrrfNvWinERnxp2BedeR5rT4-NQAqKH5a3sJ7xYBFMkPTU5fWv5uRrdQkRJHlAacfZ3YjsQA1ROb_OJ5J8P8mi-DcxKZ-N_x61Hemf2qJj4w2WdRlFTQgOI8D07bD4t_urb9kGFWBb5-L2rWblYJUsNdvuLUVr-LvHGbc-UkzaYhFxsc8DeW8-nIAg2mDOyEjz_CNrStsaaYnJ7l65V8Gzykw7TqHYkmrXy2aecZNfaMMxEQFUPsGyw9WBWEZexWQfTma19DIGNWGwYKmhtZJOrtc943iULtq5gqEs2iaqdYvb2SiBmwlf37iPEYjThJRZZTYMQe4V6QPD3yBCwyslqX5oYnTaZaIrK0eGHtfG0KwUm8Qd-vTpo3OH3xZuGzrO_81wKkjs9Qcfn2tevaeU7p1Tu1uHptIiFKLjfFyIObdoZv4k8vA3jTl47F3gSAVPWsFayLE&sig=Cg0ArKJSzO5JagkiM83bEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb3N0YXIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=331&vt=11&dtpt=157&dett=3&cstd=173&cisv=r20231207.10815&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14617803841495835230/ Frame 3C01 6 KB
2 KB 3ms
2ms Document
text/html 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14617803841495835230/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a18d9d31435047631d39ff6393cff31d0595b491c1bf19c9073c999dc8821ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 79558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2256
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 19:50:15 GMT
expires: Wed, 11 Dec 2024 19:50:15 GMT
last-modified: Tue, 21 Nov 2023 12:18:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7810 0
0 96ms
51ms Fetch
image/gif 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1n8ehT2p7dZeeu9JPiRFFNTIbchAE-ddXOdo3tkQ_kA5Il8eHV2YeInptgEz75D6kDLydK6uOLdrFZHqdrAgWW0Y0t-jdUw6vDpzmvi5bcGzAX6FBfJzXIrFHpcHAGMlU0WCv9Fqz5COOPJuyfsnD8KImSECcHg0sa4dq99u1Eo2a3o1eZR1YSqRtRN4cQoe_w_62M7xE8arzLccTW9igysKeAp0IGoJZb_6C4wQz2-3Un2FHYslPH5ZmBEAgnKU-McZbsK02oZqwxySRfbVcfpSD_Jt2m_FBYSFiiOTWv1QNim4K0I3ZTfWT8Z1Y4ojzO4W8OBcYZkdd8qXQP78aoc4kI9JY6bPFhoBcmzsMOpgc993bSBYAAG8L-CJZ4_7FvoY7EUs5tvbqPEcSaVLQLnx8N8DcnPf9xCdjyQuFvVKoZZ_Gyh9CnxevgmMQ-O5e-nXjWMwmZjkcXQnqq_RJWRNo8YQ9gaCmheUAeLfBD-IUQhtYHf-jDcSBETAPHyG6ly8JjFlYpjVCHFbsb1Zc_LzEr1pdo4inrTdcKGv_6Vdjclvc3GbxkRaBMbpbMYqlxufnu7pgBRRwcaD83kG8C_8OMgKC8uOipQ1zsF4vLsd4zA-EEeliAlpGi1Hed1H95caWWIzEb-eEaycrDSu533B_Wv5NFc5Iwmhpdp7bcpxIYn3x9jd7pOfX90PyCJBJ4OcZlT9O8Ft3UuOjDhluWRjILVg8isI5tQyspudA1kKXSMO0QuIzqykb0UTtXYYIvBbJ7XVvglTaXFXNS6n8neuuGJ-HDLhVBHmZaOG-csIVs_Mtt6E8Gl6i-lUsuj3jaYIlNvF5sdE7ns0uluSVeHA9Q7RJC-GQr0_YFhPASBT8ZCTUZc-rUrHOKNbqgDPwYdobFWG3-r09AQW9QD7-sTlx0DDx1cVQts-HId1B3G-Kr8oAxOT89YVfKf3vIxxALg-g8495Eq1LHD7BC61DR4bIRJa1KBV3qlNuiHsO1MgJAfCSbGncWWpS_SzZ_P-hi3ewJVzncW4WuYRMWxvCWhcHfniUDlAeklIvrWHOW0Exe_ybZL-RbF4ME134GEApaLHYjwkl7qIqhwQgXKqv69k6mAkozNJPHF9JLd7QtOVeysK-DUvAPGtD9125HMWym7k1Xtx7ifjN448BA48SchGhl5MNb_5S_qmT8F8BeOSpZmokPNoIi-mdm65nyIBOQdMf_wPNZTLlzFTuooM5LO5Cg68SbOZvS03vLGM-LThE_6_rcXxYGQymDXQGyzWdmdqGj3kyfcIn5ccnlAt27NXEYPwAcNpFnJfTdrLHao8MRlkj3050EXpazv8Im9DmEBnhDJu5s4bResxp9kna9ijJzTmcKmY2eCcuB66GYgsYmbMBzA&sai=AMfl-YR6NQcZgL-Wr-dNO0kbj2z1fRbxrz43MbPXjHFkWtCFL66rhDMfSAyOAoUP7uG12ETaeoJJ6NjAk6LSqEg0zTFKnhcNYX45FdGHeIn87S5zqq1pTQRFWYU7T35N5ofajUYWHMeInQWs_n-BspdSAuiDINQoOqmuSl-V90ww3EwZoPHpfqwLczAQXTSTjtBdLWWWM-CdxU7GlMS5CgqJdyl30Y_F2pn67NBNjtiqFOXWxY5XPWku9srWTXA552AAVf2i3cd5lxjrcj8Nsneok4KvS3e5mdbCe5oDbA&sig=Cg0ArKJSzB8orJkfo76cEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=84&cbvp=1&cstd=82&cisv=r20231207.33658&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame EA24 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 51500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 03:37:53 GMT
expires: Thu, 12 Dec 2024 03:37:53 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/ Frame 9214 8 KB
3 KB 408ms
131ms Document
text/html 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14617803841495835230/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92234733664d1912bd9e57cecf4be6757fc48de325b69aaac9881f4c3f160f4e

Request headers

Referer: https://s0.2mdn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 765
content-encoding: gzip
content-length: 2770
content-type: text/html
date: Wed, 13 Dec 2023 17:43:49 GMT
etag: "a212094459f9e009037ff06dcb7ae929"
last-modified: Wed, 15 Nov 2023 15:00:42 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
x-amz-cf-id: 1I7s0GhsAnulDyXU0XaC6TKayZKSk09KNKMMqJLRUhrV2U7rrQIftg==
x-amz-cf-pop: SEA73-P1
x-amz-replication-status: FAILED
x-amz-server-side-encryption: AES256
x-amz-version-id: MHWGldOncIOokj5ieUvWljLoPlJLALLO
x-cache: Hit from cloudfront
x-robots-tag: noindex; nofollow

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A112 0
20 B 43ms
43ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BryGUPPB5ZbeFNuvI29gPvLm90AkAAAAAOAHgBAI&bg=!YGOlYyzNAAY3kmNgF5I7ADQBe5WfOJOC6DqwxKppjrkN5LhbzMw7Heeahn0C_452uqJbBaCvBqgR31GzN1zMk4UvGqr_AgAAARFSAAAAAmgBBwoALCc4wXjX0usGYzGwXH8upals5ivLVatLsd3g4K5PPmi60gh-bpDiVtYb8cHGmQNBUbV5i_Mw2eXyc7KdHo5aGjNuBhvKofvBI3JsKBBNT3snDA1Quj9k-2j2hdJgGcCWu0lvsj8KVhqGRe1U4_ddCaeQf3VoCus2jj9R2ucKfITMz_vfx_PEQlvk3jw7JyMQUgTC9-_esxfbrs5XFnMVxta6_7x2S7H8FV7dUlkrptJYnUeIACt1V1eEOD2KoNH0SleWrtLUg6c3U31VAdssS9K22c0EDgvEAJPuZFPMt-KeRxkddekomPF92Ph_eQ1rfFD_2pS5zhqfKJF8lWtTx9MP5hoFGqBOqjJFBvOVPayN7_CTkCUhh9P77ytL7NduiINn9fz6Hra7JJtO7Un4b3v1XTRbFW_g5PRVubMe8QkUgCnRjOf5KIC8-qEstatZRoIF3JcFAgctkMLG1dnrWCAhOhE3MThlSiRRqLr7guiiWpThWWZjOXt8Y98Vp1pN8yeesuju5rVx-RrCYzgE8SVfotE-tUFHjpRgoh7O0KjBJ3uXeA49UlLykVO3oTfWUOktjNh1uG3E7eKa_DWuwVfZcL2W-1u4GSktXSJEWoS0QJI54_4J3KTQ4X6TtPpWw3HHmJ-oXRgAREcW0BcpaYV99OChNIm6gwyz4pTZIzfuYVinnEXJi1lc5hQxbvpnp5Yd1DOCvNzbHHnMpnoJLsJhFSxfyEokxryKbVm1bPKJ9O0Y4jRl0jyYqOLHZ4jHo6Gjv7D7JQsp6toamJ5M7qQPLXbuhfo9sbbC6Qi2ozz-8Rrt_s4NzFKyIE1gCpq4Fivw0d5b1u9PoDrgpEOpDK1vcuraRdGOl1mYeldMgjAz3fw8aaJMTYPDvwONONLo_TU7BqiotFyi841zL2VFUB0GG6VWI7R9jbJKGV9iohzvEStiti9YNiW3v0C9eaX-7hCKf60h7wmOo0kSilHMrggGCnb62XBhT9MvAi4IOETscJKWCEok2dBjjQfAgDWNGX388vO5Jrs8YR-lDqJYpea_IC9tIJVVNwLfveUQXzA2pSW9Ptcu0jIDAdVN9u041uRgE2zRfa5HrFOmJ8s2N-ifuSNJgz_fsmEYZ-gXlLvRHTkBaVJkcjifIBJQFFf77_-LtYK2zxA9tazod73M1AA

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EA24 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 11:48:37 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 51ms
51ms Image
image/gif 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.166303263231585

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-Gz_YxLpRI51mWpqwp_-q-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-Gz_YxLpRI51mWpqwp_-q-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 53ms
52ms Image
image/gif 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.579721376301999

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_ToAo3jXuIm63A_cNPDFmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-_ToAo3jXuIm63A_cNPDFmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82B8 0
20 B 44ms
43ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2gVlPPB5ZeaxOcbU29gPlduRoA0AAAAAOAHgBAI&bg=!Xl2lXRLNAAY3kmNgF5I7ADQBe5WfOKps8mUgaOziGivOhumJ_kqxxkC23fyemSXYE-mz-fwVtLiAPKYRQvNR7KD1yxsoAgAAAIJSAAAAAWgBB5kDSbhaOwtU0fpMNzWghXHMA7NGB20nIjKAd7eGBJ-XTagqEp1VLSWtE2NBXDjqgOnz3V1YYkb2aBmpsHn-YMPYn5fUioGlSHN_Fyv02qNdrlVMF8VeJzMdX_emTuI2m5ksQO7mHQK8mh31AOpcL8cP_Q0uw0n91ykVFkEdUEYQg97zFZ1E51opqETJhYikXpUnufitTR-dqs3SGjp6dRsMnnriI4-lx3nf3SlMVr-u_SHVSOeo18fLR-aDKwQVtUIMIzAsJpKMfY6wWOu6KxvuFTMWebsVdBgf-DqM9Y4zSSQQ2HPvmsU7-3Kk5IBS4ZK-QzFYHiUkvbBKZeoRLpST729NxCLneO26vpdJDPp3Qh1EXLd5exG2Ik6rfsAW0mT4Zeh98IugGQzWgdNPU1dyY6yquAjxmL3tv4d2ZXsHdE0L0_ZXpKqAhHx8UfXAbEWkUMntn1dK_3QhnnosDgbzgCBRzRcdE8p4kPRcnCbunei7ojERgphNs-A3AkzIf8pIHBkVs-H54wRwgtqFpnAZwLhzcNn44umHMS_ptQTyfLreoNeXsRmAGxO3cKXH5Ic1ZKIs-95yOWQewKzM5BkOLxsHrK7e2pw24R8ZxuyzCBu7UpvcV_4tr_FunazbWzO2CclkR9M9hu1TupcivlQ56hOnI0IvmLXNT9HPhWyoC5X_DeJSYvKNdecY83BMxOl9mMQFmMsTpoZCWgpFE0z84xe9W1u9P7osBfAstZ6j2gSrLd7tLf5ljbeDwoagx1frQHlIECKGtR1GsZ3V03bTIwAkP02Xf6c-VX9aq8E2rNQIvYz0npAOsma7JVxRe9pd5rH_dI8LyxiTZRPE4a4rICjTjF8GRz7_bOUVrbnNMxHqVpBGTfjOL4wus9LBGtXExZi153k8eKlLPFxeRblOt6HSC7d94xefhu7rzLrvn0Komd_0zGkukQpVASNDMpihEIBQxWk6P8NArr5uB_hUkViEIj2rvksu9xAVbuYERBTM4IPlEY4DdZd2S8xoEVAJxExVfjKdTP2uzty0pn2Iwf1m6ZdRANwSsLJD94RLHrXAhlzU7SElILgWsvWtNtz8k1IhVqjIT3B1lT8eS4ztVrvHqxdvGuzCUus

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 89ms
54ms XHR
text/html 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8GzImj9DyAfNiNtpa_hThQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-8GzImj9DyAfNiNtpa_hThQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.mediafire.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA24 0
20 B 42ms
42ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdleEPfB5ZeXnHZ2AvcAPrZiQ4AoAAAAAOAHgBAI&bg=!-_il-LfNAAY3kmNgF5I7ADQBe5WfON4BOF2nC80FcWlzQaiRrLjMowgPBYcTvcfaL59fMR89_8XjQRxsAlmduauP4aDuAgAAAFRSAAAAAmgBB5kDS07sKgpQWDGKGP6hYkTcZPM3lMOlbsRCP1B3WNtqOovxiwpGPIXpx0Bh3LLrAnL5tgF4DQazoHdp2yJhAy5VdePtME5v97vHzaIszvDRcBygvye4Zw7iNxMj0U63TTLryW4kpEcAD6U76S5TBMuoaY9YuVootZOUbHPwDkAsdNCl_Pfj3EJALvYo87lhCfa9rDnRBNuxyOorKgXfFCTIhEc95_UXOYAKrNRPltUWfL2lzOHMjpgpbb0mu58vOEMRlNDAx6jCLaiVaiLkONfXh9FEZ2FYvEQXyEQgmBtGG3hlnT5jsQlsCpoZ9gl54jEq8fwS-uZDI18XFKnVrXuB3c0CI48n1DZh8gLSqXpxsNqM21yZrDJN4RQMfnAZWo0c6isw48brXxhPk5Vn1uEbeb8zFw88z52yLVsOGy-eJbVTbqMwMeI56cUHiOTskyaUVYnL2nxoHGmdF_k11Du1ZLlO9XuisUpprqyOlHQgGQUvX_wAu2wRJH1oaL3YW2lZvdMZU1YV-dpqBkFzTSMsl3ZR9lncGeuR0-AW-z1Q7RDKyghRRRScLS27AiX8fD91v3QP60l1ABqpTEMyKVPIr55lFqsDcCIL8EAw8vIdIq5VNnr_SEo2-Jd_YINVhi5TWHXkgaqKAHgQOCIAosNISLzwsiu7NZifS6tug8MKNHixKlygoTWFhwaDkFBRLdUTSyVtVyxRUUBzVzQXgP-gnK5qvjdqSshKQ8gYgKftwmxPyTbPfBBwOrPT86eu2Eh8FD7l5I8QiVMkTr16-ctDQXhP4TkGP6Z6iBR1EqbR7DsqlIR66eInrTDQ3qsr8L4RFW7V0JUSTCsq62yU866o8ulxDgcpmEeG6nEm8qkxZx4vlazHnJ8tofIR4yGJ2BxwemnjJo4YGSmYQF869j57OaV797MH0XlSD7FtRJZWUOZEH4lIDQeSec-fux3Ibc6H5GAMkYnkDRsbyJV9mr9B1iD6I9QFf-BLLhvIg6UnJ7WobllAO5bTB0HvoSqVpdjIvERDkj9W5Z9T18Wox0Srg-w2QNk4LB_GP014MEAT1mALfRQwJfT9FlRnOXBj0zxe7RvKNCK8c15TlLAZ9riVih9a1MzO_hPrk_9LmA

Requested by

Host: e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
URL: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9214 11 KB
695 B 48ms
39ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Red%20Hat%20Display:300,regular,500,600,700,800,900,300italic,italic,500italic,600italic,700italic,800italic,900italic&display=swap

Requested by

Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffc1ab156d4f6701973673259900397e7faf3f2af7641c4b92dc516ead15674a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.zuuvi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 17:56:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 17:56:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9214 27 KB
1 KB 84ms
78ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&display=swap

Requested by

Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.zuuvi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 17:35:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 17:56:14 GMT

GET
H2 200 gsap.min.js Show response
cdn.zuuvi.com/zuuviapi/gsap/gsap3/ Frame 9214 60 KB
24 KB 153ms
148ms Script
text/javascript 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zuuvi.com/zuuviapi/gsap/gsap3/gsap.min.js
Requested by: Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:21:10 GMT
x-amz-version-id: 86gKStuxMdiW5tQi0fz3GVaMv8KhOQGk
content-encoding: gzip
last-modified: Fri, 21 May 2021 09:52:52 GMT
server: AmazonS3
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
x-amz-cf-pop: SEA73-P1
etag: W/"5b20e1b9b1c3ead05cd6c0c385128526"
age: 77705
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: xB6PkDXFiOwCVybRmr7aJaTMFsMgn4qX1W1yaXJ3IxCYvDetsfjArw==

GET
H2 200 zuuviapi.v1.09.js Show response
cdn.zuuvi.com/zuuviapi/ Frame 9214 7 KB
3 KB 170ms
166ms Script
application/javascript 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zuuvi.com/zuuviapi/zuuviapi.v1.09.js
Requested by: Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a122e15e482ebb2e238698161af08e7463013ee8d639b18d209f722ad31e5312

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 06:02:36 GMT
x-amz-version-id: lzXpJktKalKMdaQ71buLspK7gexu_Zum
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 15:31:04 GMT
server: AmazonS3
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
x-amz-cf-pop: SEA73-P1
etag: W/"eb3b5ab04b403c46805223811301e5e7"
age: 42819
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: CWQBJFAT-Tb2YM9C29RXz6_Y6CNaAjITJzs46SD3xY98XVV9ILfi2Q==

GET
H2 200 CustomEase.min.js Show response
cdn.zuuvi.com/zuuviapi/gsap/gsap3/ Frame 9214 7 KB
4 KB 176ms
173ms Script
text/javascript 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zuuvi.com/zuuviapi/gsap/gsap3/CustomEase.min.js
Requested by: Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 770a39dccb74ef2233aada292c2fc70e3716c0b50f43253c1caf5dd07c53cbcb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: .RMdMfuMjqHKyfysPhxvCJW9KaDOyJPZ
content-encoding: gzip
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
date: Wed, 13 Dec 2023 13:30:40 GMT
last-modified: Fri, 21 May 2021 09:52:52 GMT
server: AmazonS3
x-amz-cf-pop: SEA73-P1
age: 15935
etag: W/"37e567ab1cb84afc819e00e385e7a379"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: Q-9hKADEGbalejU3lPGteL2UHdNYpUN4RP38xHbrUKixu4AHxJHy-Q==

GET
H2 206 v_2eHz_0f87fa49-9af0-4f56-8453-f5e1e9f0f78b.mp4
cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/videos/ Frame 9214 48 KB
0 251ms
250ms Media
video/mp4 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/videos/v_2eHz_0f87fa49-9af0-4f56-8453-f5e1e9f0f78b.mp4
Requested by: Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: _QtL0Qqk5o0Xb_uRQxYicjGUUGhUSI_s
date: Wed, 13 Dec 2023 17:48:07 GMT
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
x-amz-cf-pop: SEA73-P1
age: 697
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-2852754/2852755
x-amz-replication-status: FAILED
Content-Length: 2852755
last-modified: Wed, 15 Nov 2023 15:00:42 GMT
server: AmazonS3
etag: "ed6e68832dcb91971e17c88127ecf62c"
vary: Accept-Encoding
content-type: video/mp4
accept-ranges: bytes
x-amz-cf-id: OGl1tljPM7pmnhM8LJLJft55Y7KVE-KYQzeVZo6h5EopLTjm1jJqjw==

GET
H2 200 i_2eHz_6a86abef-60ff-4cf6-89aa-dcdf15ac7105_caa8c06b-d63d-4cf0-98a6-c701b02b3137.svg
cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/images/ Frame 9214 8 KB
3 KB 746ms
745ms Image
image/svg+xml 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/images/i_2eHz_6a86abef-60ff-4cf6-89aa-dcdf15ac7105_caa8c06b-d63d-4cf0-98a6-c701b02b3137.svg
Requested by: Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4885d2840f01a387b5bef7c1056a206cb8635c1196d0686c39adb354777f7ae2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: TPYNn8MJDIAxhKaPnEK0LorRL.LC3s3O
content-encoding: gzip
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
date: Wed, 13 Dec 2023 16:31:46 GMT
x-amz-cf-pop: SEA73-P1
age: 5144
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 2628
last-modified: Wed, 15 Nov 2023 15:00:42 GMT
server: AmazonS3
etag: "67f2c3c2420cec8e4c293a7a57cd693e"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
x-robots-tag: noindex; nofollow
x-amz-cf-id: p3utvpJ2fIVjw0GtOwbpuevk4_lWSfGQkrNNNgtJ7gVfv905hWfsNA==

GET
H2 200 i_2eHz_ff412db4-83b0-4098-8420-add3bc32d8b6_3ebc4aeb-4118-4fa0-bf09-16c7143336d5.png
cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/images/ Frame 9214 1 KB
2 KB 766ms
765ms Image
image/png 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/images/i_2eHz_ff412db4-83b0-4098-8420-add3bc32d8b6_3ebc4aeb-4118-4fa0-bf09-16c7143336d5.png
Requested by: Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dacb16b3a445c83e81a7ff0bcfc24a0eddfd4b69e30e9358fc7a1700bb2f0845

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: oPGJzHoSjD5_qhn3vt5rsHZ.F5l4zn2V
content-encoding: gzip
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
date: Wed, 13 Dec 2023 17:00:10 GMT
x-amz-cf-pop: SEA73-P1
age: 3365
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 1138
last-modified: Wed, 15 Nov 2023 15:00:42 GMT
server: AmazonS3
etag: "26433dfa9dc0b0806c8ded935e9e7839"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-robots-tag: noindex; nofollow
x-amz-cf-id: FtzdC-YBw-ksRYQ8WmF0adRLUEZC_2RjUL4INlOLWZZUTQNfdkW3ZA==

GET
H2 200 7949f9b7-e718-4ab3-867f-0dc7f5e26b58.ttf
cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/fonts/ Frame 9214 6 KB
3 KB 766ms
765ms Font
font/ttf 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/fonts/7949f9b7-e718-4ab3-867f-0dc7f5e26b58.ttf
Requested by: Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2768a075107a0b431547938debfa9065b5032f71638df2d740546087af796de2

Request headers

Referer: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Origin: https://cdn.zuuvi.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:15 GMT
content-encoding: gzip
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
x-amz-version-id: nTgyc52oejnCugXEJ_xFrhTYTGenH2PX
x-amz-cf-pop: SEA73-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-length: 2711
last-modified: Wed, 15 Nov 2023 15:00:42 GMT
server: AmazonS3
etag: "be05303b139d94069828b88d69aedaf2"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age: 1
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers
content-type: font/ttf
accept-ranges: bytes
x-amz-cf-id: U5F8m5ZGc7FCbhFTSyWCwln6BlPkiDPJ5gE5EWmtL5s9govQZLAp_w==

GET
H3 200 8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v19/ Frame 9214 28 KB
28 KB 5ms
5ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red%20Hat%20Display:300,regular,500,600,700,800,900,300italic,italic,500italic,600italic,700italic,800italic,900italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.zuuvi.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:43:31 GMT
x-content-type-options: nosniff
age: 335563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29072
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:14:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 20:43:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9214 15 KB
15 KB 5ms
5ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.zuuvi.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:14:43 GMT
x-content-type-options: nosniff
age: 513691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:14:43 GMT

GET
H2 206 v_2eHz_0f87fa49-9af0-4f56-8453-f5e1e9f0f78b.mp4
cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/videos/ Frame 9214 34 KB
34 KB 468ms
466ms Media
video/mp4 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/videos/v_2eHz_0f87fa49-9af0-4f56-8453-f5e1e9f0f78b.mp4
Requested by: Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5712a6afa9814975d3f685b0fd7026e5941208c99b1a0441c757846242dd8f13

Request headers

Referer: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=2818048-

Response headers

x-amz-version-id: _QtL0Qqk5o0Xb_uRQxYicjGUUGhUSI_s
date: Wed, 13 Dec 2023 17:48:07 GMT
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
x-amz-cf-pop: SEA73-P1
age: 697
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 2818048-2852754/2852755
x-amz-replication-status: FAILED
Content-Length: 34707
last-modified: Wed, 15 Nov 2023 15:00:42 GMT
server: AmazonS3
etag: "ed6e68832dcb91971e17c88127ecf62c"
vary: Accept-Encoding
content-type: video/mp4
accept-ranges: bytes
x-amz-cf-id: F5Kn8sak-xT6yFvC_TV9M2ha6jFGyQ93eIqXl12Zv9r3DYvN59F7tA==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2597 42 B
64 B 87ms
45ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4NlkFDuOwF49ZW7SFUPgB4E_8txLPZ-gxCG8RPBAKArVTFqcvozaqTVBstoC7uy5Tp8EjcbUdWpL8DVpdE7n6B_1k0i1gWtfPswC-4aEuKRgawgIgwXshxLhDhFDV-4jFpGBdIOJUheqqgtEPfkIJWa4L&sai=AMfl-YRT9r50T6qVsxeGgTjxKitm1i1yd3xulGt4zGOpQfAzDQCdLKAjzsVuFZIuLE2sTQu8_63EyCAqpiijxsbjwVbK3aEGfWH49hJ8vVK_5RkphDsqHQGq_SAwGGW4eXQ__Hf_MvtYVSF90Tcg2cRU&sig=Cg0ArKJSzGIMS2ue9I51EAE&cid=CAQSTgDICaaNUm7U8uyIyvuw57G5kmy3RDD5uF0IRQfoAjk1oYKTcyN6iaS805yBZ6nkgm9-ez54b8rAV3rM0eHQYmtFcwyR4xzulF8fy5C8FBgB&id=lidar2&mcvt=1000&p=420,320,700,656&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1870779098&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702490173207&rpt=307&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 serv.ads. Show response
fundingchoicesmessages.google.com/f/AGSKWxVSlzYCK5-IYg4YKFXKq0-dcov063kDBZh03HEbvZ0FQD-Ot9sSAoHT7tKHRYu0U23dCEQuejmJu4uWmXf38OUCakDZmErioJ57SgOhbb4gnFE1LpIOLNIOadlcbyv-WWho8B5FQmFSMIm8MdICMR_sKeJZb... 54 B
108 B 53ms
52ms Script
application/javascript 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVSlzYCK5-IYg4YKFXKq0-dcov063kDBZh03HEbvZ0FQD-Ot9sSAoHT7tKHRYu0U23dCEQuejmJu4uWmXf38OUCakDZmErioJ57SgOhbb4gnFE1LpIOLNIOadlcbyv-WWho8B5FQmFSMIm8MdICMR_sKeJZb8U1OQYT5CwvXrt6DGSDHMMDN6ZdJHw6/_/live_ad./images/ad-/ad-callback./imlive5./serv.ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxKmWI5tEmdXDH3NrfDDO7eIZ-ACA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

555e6edf372e8443b42272e0f8646face87e133bca8584bd4ff5fd9689c6c049

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jRazRRqGyC2Y4S4_BHX6Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-jRazRRqGyC2Y4S4_BHX6Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 5ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19d44854a4b979ec52fc326e1ba83ee2d8a3882dcbdf4c9ad74470eefce4e5f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11389
x-xss-protection: 0
server: cafe
etag: 13573587406519424940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 18:48:25 GMT

POST
H3 204 AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
51ms XHR
text/html 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZH0X-jo4i_yUW1UC6FhPyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZH0X-jo4i_yUW1UC6FhPyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.mediafire.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 78ms
78ms XHR
text/html 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N-5Agj5ohci7bb1p9aNNXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-N-5Agj5ohci7bb1p9aNNXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.mediafire.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EA33 42 B
64 B 45ms
44ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstk0DZqTB14vd85T9gx4aarRGUt73Uf8ZzaCWKP9I2IjYwgcxE9AC4cfI0lMMeglsZtmFdvA9rd3PsIv1iLAjeQpycm0HN4fvnszlfxBBTDiYbZEz6sQe-KHytW4ghaSr0fES9FvX22Ucxbu5L9pk0C1-On&sai=AMfl-YTtJ9jXAXHd9kq1aRZR6uYy041vVZwLcp3IIjD_coJSxOW0vttAzumFjyJO7C8HItyrtGbD8SnQkSpNQ5znfq1pJWw7EFHKIlVVIkYHQqj_nl-uwISZZc86-m9fPuxsBxnzHijveicKnBsu4oKh&sig=Cg0ArKJSzMuLMjSa33TeEAE&cid=CAQSTgDICaaN07cZJ0dFxIUXIPfbZx9woY-pSlgLBric4AQRLQ09xpknYHeGdMihiApTiDDqN_KA4vGMW-PLHATL6WnRG8vqkD2bn5IhkOlVyRgB&id=ampim&o=320,120&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=340&tls=1341&g=100&h=100&tt=1341&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 99A9 42 B
64 B 44ms
44ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXNsLV1cXyWHszVJsMq-YF4GQGvVuTnaAM44NLdg0zBELSmWPd9H2jDk2V7kVh6S0R230oRyBe_Z6WXQ3MrlHxFJEDXga8Gm0A-E_pkGtzAIFCQ_ctHGOAAFMOc_rmNOC0_ejMHr7KdEQ1PSIsyuWwtpAH&sai=AMfl-YSpXnFNJgyKV0ofYoqDeMENOOzeXt50KGMr5SFL87uygd-h8x7nsJ15DVCstyARc9z9J8gaE2w3ECowjsyL6zO2toG9TySuyIwA_2rwUmzUhXmIEqk9D-j7nmi0pM5jY0ugHJ9OIDHLETJtOVN-vQ&sig=Cg0ArKJSzANCIVqNxgkHEAE&cid=CAQSTwDICaaNJdsQAujYdiuOMpOr4H12NmjRwJemcXB5IwzIQ29zCa8xLypcISRCpKSFrNeUvhh0CI_Wyka4xkL0sofsFMcGvznpntmutITBWnQYAQ&id=lidar2&mcvt=1000&p=1095,430,1185,1158&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=215913335&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702490173312&rpt=286&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
51ms XHR
text/html 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bI5XCFeX2QBXmPKSdMQKVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bI5XCFeX2QBXmPKSdMQKVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.mediafire.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 88ms
87ms XHR
text/html 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOwcpSCHm0ZkODsijZmOjRDSD5GNF92HL-Nz1IZ9rZ1_81LrqIypjw2wF9M3R29TSfAJjIs2oq1iuugPEhXiNUjVt5qQ4TVtCNJE9r_3cOKn_rNZ7wpZw8WNCe2MuC-3dYs-jSZw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QCziOAEh4YAjx4KMKdP_Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QCziOAEh4YAjx4KMKdP_Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.mediafire.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUy4QHehkXiHibmAnjg9DLpp76n_s5KurLkQaMCqDAlzXnUQvhXeKH-YznzF_fIcldTOg92PvAll5XprJqyasWxlM9LLtPvfLk57LzYVkWSFS4LomDCxZrvOXoNmRb86ZpZMWHNtA== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 69ms
69ms Script
application/javascript 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUy4QHehkXiHibmAnjg9DLpp76n_s5KurLkQaMCqDAlzXnUQvhXeKH-YznzF_fIcldTOg92PvAll5XprJqyasWxlM9LLtPvfLk57LzYVkWSFS4LomDCxZrvOXoNmRb86ZpZMWHNtA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNDkwMTc0LDYxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZV9wcmVtaXVtL3B6b3hqNnl4ejdvZWppdC9USURBTF92Mi45My4xXyUyNTVCTW9kJTI1NURfJTI1Mjh4QzNGRkYwRSUyNTI5LmFway9maWxlIixudWxsLFtbOCwiaUhIREVsbXBELWciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fad6235676fafef378913f4067637d79a4b31fa88df50ac952ac7064b316066

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9taXs3FTb3MqatSzOfWLeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-9taXs3FTb3MqatSzOfWLeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7810 42 B
64 B 42ms
41ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7UbudPrl4LgBPA5FgZ13qxCh-X9PNsmfM01brHub29KtZUrP9yogYrfBuOpwsvhOWajdSeiA0JS83c9PcWZb_p0axmlxrHDqcL2sSirHj9jisaQ_ayB3SrWeZrWIURA7yMCIDDONHaqJL4x6QUvzuG6xw&sai=AMfl-YSm7gbgW3UCA1FOJCz_oX2vkyXFaeedvd9BBdKV7wOso-Bx8iW0h7WDkHBfytNID3r_VULlMc86Q_a7d1iS3smTFePBpZ-oG3n35VCYfhi7GszL2iA-iBfxvRQaaEwrkcRNrosvPN2YXXRx7kto&sig=Cg0ArKJSzGOE2Ucg0sbFEAE&cid=CAQSTgDICaaN8OD2-zeHohXOYF47z5-T4Tm7h-Rv3VtuwgYPlY-f34r4vtKXzPdlMryEWtVrhbge2JQI_n0DQVATieFAntBhbHFQsRq1uAhthhgB&id=lidar2&mcvt=1000&p=10,552,100,1280&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=630197753&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702490173171&rpt=496&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW6LBAUBvEjhwIobqcYgyLK8vyabhMaEffNxDksG66rsYk7A7m4LU0coK05X4u_nUbFls_Sa8JTzs8LdRIBfHbzy-aK6Mb3fdpEH6jQlRQLiHx2qXye6A4IW0jWi17R1K5pdMu7uw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 67ms
67ms Script
application/javascript 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW6LBAUBvEjhwIobqcYgyLK8vyabhMaEffNxDksG66rsYk7A7m4LU0coK05X4u_nUbFls_Sa8JTzs8LdRIBfHbzy-aK6Mb3fdpEH6jQlRQLiHx2qXye6A4IW0jWi17R1K5pdMu7uw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNDkwMTc0LDY5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZV9wcmVtaXVtL3B6b3hqNnl4ejdvZWppdC9USURBTF92Mi45My4xXyUyNTVCTW9kJTI1NURfJTI1Mjh4QzNGRkYwRSUyNTI5LmFway9maWxlIixudWxsLFtbOCwiaUhIREVsbXBELWciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85e2d9bfd3c41845bbee3e47e2b46c7d586e90b8b18ff050c181abdf8900419a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m2Y_2aAjul0WG9toO8Lvbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-m2Y_2aAjul0WG9toO8Lvbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWxlKuDeknw86qaAoHPsh6VN84kfdwfj-EXu9YcU9SqQyXrCMny1T-GIiiUQBqUEHriBZGGyHomu4BR2XHZ8llHX1S3h5WL0yyb1-SJDEO2-mciugpaARMZ4wJu3n0SuHkk_jrqDQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 67ms
65ms Script
application/javascript 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWxlKuDeknw86qaAoHPsh6VN84kfdwfj-EXu9YcU9SqQyXrCMny1T-GIiiUQBqUEHriBZGGyHomu4BR2XHZ8llHX1S3h5WL0yyb1-SJDEO2-mciugpaARMZ4wJu3n0SuHkk_jrqDQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNDkwMTc0LDc4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlX3ByZW1pdW0vcHpveGo2eXh6N29laml0L1RJREFMX3YyLjkzLjFfJTI1NUJNb2QlMjU1RF8lMjUyOHhDM0ZGRjBFJTI1MjkuYXBrL2ZpbGUiLG51bGwsW1s4LCJpSEhERWxtcEQtZyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fad75c822093ab1f4d07c19804e2f1350e6cb53ad8faac322375fd47e9523797

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GeKyXAhvCqOgvIViams_0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-GeKyXAhvCqOgvIViams_0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW8a7_2jteGax7SQRNzhW3uR_FMAmMugCHUXeScVz4qco981nphx48fXQtdeh6WzakgsTz3N6imE8lvQSF8-0HZ8Bj-a0X6PABg_AhF8A0SY8fEsfIZRo7Kri3oFza_wim1dCLcSg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
56ms XHR
text/html 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW8a7_2jteGax7SQRNzhW3uR_FMAmMugCHUXeScVz4qco981nphx48fXQtdeh6WzakgsTz3N6imE8lvQSF8-0HZ8Bj-a0X6PABg_AhF8A0SY8fEsfIZRo7Kri3oFza_wim1dCLcSg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zIhY8z-ZtBgFTjXQo7ua0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 17:56:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zIhY8z-ZtBgFTjXQo7ua0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.mediafire.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 206 v_2eHz_0f87fa49-9af0-4f56-8453-f5e1e9f0f78b.mp4
cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/videos/ Frame 9214 3 MB
0 130ms
130ms Media
video/mp4 2600:9000:234d:8000:5:c6ab:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/videos/v_2eHz_0f87fa49-9af0-4f56-8453-f5e1e9f0f78b.mp4
Requested by: Host: cdn.zuuvi.com
URL: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:234d:8000:5:c6ab:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://cdn.zuuvi.com/2eHz/auMO/Bdix/Agyc/ZUqV/live/index.html?ev=01_250
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=32768-

Response headers

x-amz-version-id: _QtL0Qqk5o0Xb_uRQxYicjGUUGhUSI_s
date: Wed, 13 Dec 2023 17:48:07 GMT
via: 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront)
x-amz-cf-pop: SEA73-P1
age: 698
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 32768-2852754/2852755
x-amz-replication-status: FAILED
Content-Length: 2819987
last-modified: Wed, 15 Nov 2023 15:00:42 GMT
server: AmazonS3
etag: "ed6e68832dcb91971e17c88127ecf62c"
vary: Accept-Encoding
content-type: video/mp4
accept-ranges: bytes
x-amz-cf-id: OU0OQUeSTJ0y2uY52ZpGiZbg9iQX5GXY9MtxYh4O8yBGwD-__FrzkQ==

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7810 0
0 44ms
43ms Fetch
image/gif 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1n8ehT2p7dZeeu9JPiRFFNTIbchAE-ddXOdo3tkQ_kA5Il8eHV2YeInptgEz75D6kDLydK6uOLdrFZHqdrAgWW0Y0t-jdUw6vDpzmvi5bcGzAX6FBfJzXIrFHpcHAGMlU0WCv9Fqz5COOPJuyfsnD8KImSECcHg0sa4dq99u1Eo2a3o1eZR1YSqRtRN4cQoe_w_62M7xE8arzLccTW9igysKeAp0IGoJZb_6C4wQz2-3Un2FHYslPH5ZmBEAgnKU-McZbsK02oZqwxySRfbVcfpSD_Jt2m_FBYSFiiOTWv1QNim4K0I3ZTfWT8Z1Y4ojzO4W8OBcYZkdd8qXQP78aoc4kI9JY6bPFhoBcmzsMOpgc993bSBYAAG8L-CJZ4_7FvoY7EUs5tvbqPEcSaVLQLnx8N8DcnPf9xCdjyQuFvVKoZZ_Gyh9CnxevgmMQ-O5e-nXjWMwmZjkcXQnqq_RJWRNo8YQ9gaCmheUAeLfBD-IUQhtYHf-jDcSBETAPHyG6ly8JjFlYpjVCHFbsb1Zc_LzEr1pdo4inrTdcKGv_6Vdjclvc3GbxkRaBMbpbMYqlxufnu7pgBRRwcaD83kG8C_8OMgKC8uOipQ1zsF4vLsd4zA-EEeliAlpGi1Hed1H95caWWIzEb-eEaycrDSu533B_Wv5NFc5Iwmhpdp7bcpxIYn3x9jd7pOfX90PyCJBJ4OcZlT9O8Ft3UuOjDhluWRjILVg8isI5tQyspudA1kKXSMO0QuIzqykb0UTtXYYIvBbJ7XVvglTaXFXNS6n8neuuGJ-HDLhVBHmZaOG-csIVs_Mtt6E8Gl6i-lUsuj3jaYIlNvF5sdE7ns0uluSVeHA9Q7RJC-GQr0_YFhPASBT8ZCTUZc-rUrHOKNbqgDPwYdobFWG3-r09AQW9QD7-sTlx0DDx1cVQts-HId1B3G-Kr8oAxOT89YVfKf3vIxxALg-g8495Eq1LHD7BC61DR4bIRJa1KBV3qlNuiHsO1MgJAfCSbGncWWpS_SzZ_P-hi3ewJVzncW4WuYRMWxvCWhcHfniUDlAeklIvrWHOW0Exe_ybZL-RbF4ME134GEApaLHYjwkl7qIqhwQgXKqv69k6mAkozNJPHF9JLd7QtOVeysK-DUvAPGtD9125HMWym7k1Xtx7ifjN448BA48SchGhl5MNb_5S_qmT8F8BeOSpZmokPNoIi-mdm65nyIBOQdMf_wPNZTLlzFTuooM5LO5Cg68SbOZvS03vLGM-LThE_6_rcXxYGQymDXQGyzWdmdqGj3kyfcIn5ccnlAt27NXEYPwAcNpFnJfTdrLHao8MRlkj3050EXpazv8Im9DmEBnhDJu5s4bResxp9kna9ijJzTmcKmY2eCcuB66GYgsYmbMBzA&sai=AMfl-YR6NQcZgL-Wr-dNO0kbj2z1fRbxrz43MbPXjHFkWtCFL66rhDMfSAyOAoUP7uG12ETaeoJJ6NjAk6LSqEg0zTFKnhcNYX45FdGHeIn87S5zqq1pTQRFWYU7T35N5ofajUYWHMeInQWs_n-BspdSAuiDINQoOqmuSl-V90ww3EwZoPHpfqwLczAQXTSTjtBdLWWWM-CdxU7GlMS5CgqJdyl30Y_F2pn67NBNjtiqFOXWxY5XPWku9srWTXA552AAVf2i3cd5lxjrcj8Nsneok4KvS3e5mdbCe5oDbA&sig=Cg0ArKJSzB8orJkfo76cEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1577&vt=11&dtpt=1493&dett=3&cstd=82&cisv=r20231207.33658&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 54ms
54ms XHR
application/json 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9e7dc2c6e2b8094f7d206aae6b970e1d98e08b0e6539b26ef009a07383f2bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12302
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 133ms
133ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 17:56:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 168A 13 KB
5 KB 4ms
3ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 151665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 23:48:30 GMT
expires: Tue, 10 Dec 2024 23:48:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CF14 829 B
997 B 44ms
41ms Document
text/html 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

430ffac629b6cf1c34704b66602d0a82bb9a1a8fd292c3de121ebefca963edc1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XrqfphimO9mKCv4uDsq1lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XrqfphimO9mKCv4uDsq1lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:15 GMT
expires: Wed, 13 Dec 2023 17:56:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 168A 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 11:48:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CF14 0
0 39ms
38ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1560272014423238&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 168A 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?v7S2AQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame CF94 35 KB
12 KB 578ms
147ms Document
text/html 23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cd9a3a7e0c4ee09dc6f406631d135c92512c06af1beca63ce9667617ed7ba555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 11900
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 17:56:16 GMT
expires: Fri, 15 Dec 2023 17:56:16 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync Show response
eb2.3lift.com/ Frame D652 1 KB
2 KB 519ms
72ms Document
text/html 52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: 5f58755e8bd68119117e4b002dfbb8ddb9484ba64166b9bc5e79cbe0d53f77f8

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1343
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 17:56:16 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C202 16 KB
6 KB 21ms
2ms Document
text/html 23.39.216.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-189.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=86437
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 13 Dec 2023 17:56:15 GMT
expires: Thu, 14 Dec 2023 17:56:52 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&gpp=&gpp_sid=
https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&gpp=&gpp_...
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZXnwPwAGrhPtoQBH

68 B
279 B

140ms
77ms

Image
image/png

46.137.237.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZXnwPwAGrhPtoQBH
Protocol: H2
Server: 46.137.237.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-237-145.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

x-served-by: cache-nrt-rjtf7700020-NRT
pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1702490176.189734,VS0,VE0
x-cache: HIT
location: https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=ZXnwPwAGrhPtoQBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=brckcT6yJ3h1tiVwO7U-KjnnJ3t15iUtYbax1EHr

68 B
279 B

72ms
71ms

Image
image/png

46.137.237.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=brckcT6yJ3h1tiVwO7U-KjnnJ3t15iUtYbax1EHr
Protocol: H2
Server: 46.137.237.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-237-145.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=brckcT6yJ3h1tiVwO7U-KjnnJ3t15iUtYbax1EHr
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ42OZHS-1X-AJXT&gdpr=0

68 B
279 B

73ms
70ms

Image
image/png

46.137.237.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ42OZHS-1X-AJXT&gdpr=0
Protocol: H2
Server: 46.137.237.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-237-145.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ42OZHS-1X-AJXT&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
Expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&gdpr=0&gdpr_consent=

68 B
280 B

510ms
74ms

Image
image/png

46.137.237.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&gdpr=0&gdpr_consent=
Protocol: H2
Server: 46.137.237.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-237-145.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&gdpr=0&gdpr_consent=
date: Wed, 13 Dec 2023 17:56:15 GMT
server: Kestrel
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&s=2
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=AqFm5w5-Z4x2ge4zSl28&gdpr=0

68 B
279 B

71ms
70ms

Image
image/png

46.137.237.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=AqFm5w5-Z4x2ge4zSl28&gdpr=0
Protocol: H2
Server: 46.137.237.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-237-145.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 17:56:16 GMT
Content-Type: text/html; charset=utf-8
Location: https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=AqFm5w5-Z4x2ge4zSl28&gdpr=0
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 147
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C202 2 KB
3 KB 329ms
3ms Script
text/html 207.65.34.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15548540&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.81 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f3a14a70d1c86cdd5f228e72092d76ea9d8ca6d674e57a24f1118799f63f844e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 13 Dec 2023 17:56:16 GMT
content-length: 2024
content-type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 166ms
165ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1560272014423238&bg=!qaqlquXNAAY3kmNgF5I7ADQBe5WfOC1OjwjtEbaHrcHCKwknmUuAUhC8il6XajxgCakj1vy7WozT-LlSEe3KTJixBM68AgAAAEJSAAAADGgBBwoAesqPQBLR6NtXAHXOi5LxDenjY2hdONR7_N1CrIoBvVIDWdSBiC_AFSJ60nq458XcZ-oQlGEQspZ_JaQxKO54wl4S33tTMqCUowd1KqFICDqUMaRbneFCV-9c7j9l8QeaRK7zFa1pvUlKc0pLYogDB8k1pGDDAeS06vYhmQL-ilitkGpcKU-9Rf2OT2-2RwF1rjowKWEjsOIFSkgAzQm4kSznqN_6K4p3WhfgL3tH83Uta1k0BhSOpMKjisirNnbNWpca8c7tbcWrV9hHDv1DbrWQc-YnxRZln9DK_Vac4N9oaCCmlXPhARtyf9brSmpcItuIY461v0KafP2bR_RMsAC9k-ec9N1UtCBwcnqXGkAxYXwJfHm0JgLdQU-of42ocSndpoSHzuiXvvt6s0lXmNu9Sw45IAmFrR34c50cHJZVyq4cBXNZBRPTV0cIKDef54p-qHiF2VpsV38teJrVTH77JPbGUGEed2q4TAgbd0xkJ6-o3gHzZ2bpR-U1-0rnZ1Crb2kj78Im6X25Mad5nwX6zZG3nAPTrGftBo_EDWSDTWO8OTkfWtXtmDtg0yfeLaq_mjH7GO8NP5GfAz6wBZtAUkOYtYDYpwFslHDZsTabZSYHeTp7KUsmPVnEM_Ai2VEOrzVfPgzsdQdzA7B3Nn9X3hnFuCzAsmS1CSBYFB181QIqaclVlMxGcsFH6FZ7G-woIR-NpIbtl-smU2Uksq3G2xTTVllqJwGRlCCzUt-PK-qi5e8oKIaKEDnle84P0G1Vj633alMwOS6s08v0qA0IhZawWS40SlJzpdWqbdGvkXMXyAbt-tSP2ZeEyiFh9vu-7Su3aH8QmgTWfoLodevW5ujgPJ10v6f1UPWB_jRaIVHUHcbOSqyXcSUB2Cr7_pPbKJ7JqE5BKrRynUQPdM3fTLoT332vsL7oi3qm6dRR6D7iMvPAZvbyut2BrKqV0auyoJmVRB5pf0AciGZQuth-yZPFejHv5fRFrUbZxZ72C_HXnsNcsMVHv5tJI2XGP7dReV5_mnuRehRjUejsUY4V9vnUi4GabRae9zxnPz1CC7s07H5Q_vlC3USLKZ6IvE3uyE3dolCiGxNe8dNQ_u-ET8UXElkTvRhtastMmOq0bG9xXDc_PeA1BHdtCotD_xn6ulVVbm3UBLemsGerHGSUm2RWa2dj2ipHqQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7E18
Redirect Chain

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYK6bhCkPiqRks8AED1M4RSt788AAAGMZFJ7Ag

42 B
291 B

3ms
3ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYK6bhCkPiqRks8AED1M4RSt788AAAGMZFJ7Ag
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 13:04:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
date: Wed, 13 Dec 2023 17:56:16 GMT
expires: -1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYK6bhCkPiqRks8AED1M4RSt788AAAGMZFJ7Ag
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 ec7e029564542f4eb6196ab046d31626.cloudfront.net (CloudFront)
x-amz-cf-id: 0j4579lpRSJmedfpSdL5gw3JKjPsbH8de91COjQ7MeMjC0ceqi6sFg==
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FD74
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=0&gdpr_consent=&gdp...
https://x.bidswitch.net/sync?dsp_id=445&user_id=03fc132f-64d7-374b-8b14-b56919c44c2c&ssp=pubmatic&bsw_param=0d3c33d1-8f60-4d5e-a106-47adcb238c54
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

1 B
184 B

6ms
2ms

Document
text/html

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 13:04:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 13 Dec 2023 17:56:16 GMT
Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5F72
Redirect Chain

https://ds.uncn.jp/pm/0/sync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_a24fe3e7-81ac-4794-ae95-af5e9925575f

42 B
513 B

12ms
3ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_a24fe3e7-81ac-4794-ae95-af5e9925575f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 13:15:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 170
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Dec 2023 17:56:16 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_a24fe3e7-81ac-4794-ae95-af5e9925575f
Server: Apache

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C202
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B9B0D16_Rgeq3qe7usQkpA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

3ms
3ms

Image
text/html

23.39.216.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-189.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=86436
accept-ranges: bytes
content-length: 5622
expires: Thu, 14 Dec 2023 17:56:52 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame C202
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=07D0740F-5EBF-4607-AADE-A7BBBAC424A4
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=07D0740F-5EBF-4607-AADE-A7BBBAC424A4
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=fb90964c-e76b-4c5c-8b98-3d0631c57015%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&ttd_puid=fb90964c-e76b-4c5c-8b98-3d0631c57015%2C%2C

95 B
124 B

46ms
46ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&ttd_puid=fb90964c-e76b-4c5c-8b98-3d0631c57015%2C%2C

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&ttd_puid=fb90964c-e76b-4c5c-8b98-3d0631c57015%2C%2C
date: Wed, 13 Dec 2023 17:56:16 GMT
server: Kestrel
content-length: 359

GET
H2 200 qmap
sync.crwdcntrl.net/ Frame C202 49 B
266 B 313ms
112ms Image
image/gif 18.140.225.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.11.203
content-length: 49
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame C202
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&sInitiator=external&gdpr=0&gdpr_consent=

42 B
570 B

55ms
55ms

Image
image/gif

119.9.108.191
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:55:35 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:55:35 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C202
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDdEMDc0MEYtNUVCRi00NjA3LUFBREUtQTdCQkJBQzQyNEE0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

15ms
4ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C202
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED3r-z5mdtjteyOistAg9RQ&google_cver=1

42 B
264 B

10ms
2ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED3r-z5mdtjteyOistAg9RQ&google_cver=1
Protocol: H2
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 13:15:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED3r-z5mdtjteyOistAg9RQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame C202 43 B
611 B 261ms
73ms Image
image/gif 34.142.175.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.175.142.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 12 Dec 2023 17:56:16 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C202
Redirect Chain

https://tg.socdm.com/rtb/sync?proto=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZXnwQMCo5ssAAIo9hSMAAAAA

42 B
338 B

9ms
3ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZXnwQMCo5ssAAIo9hSMAAAAA
Protocol: H2
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 14:31:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID: 0
Date: Wed, 13 Dec 2023 17:56:16 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.168","key":"ZXnwQMCo5ssAAIo9hSMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad441"}
X-SO-Key: ZXnwQMCo5ssAAIo9hSMAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad441
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZXnwQMCo5ssAAIo9hSMAAAAA
Cache-Control: private
X-SO-HostName: m-ad441.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 4
Content-Length: 0
X-SO-LB-Hostname: a-tgng40007.dc2p.scaleout.jp
X-SO-IP: 31.204.145.168

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C202
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&gdpr=0&gdpr_consent=

42 B
391 B

24ms
4ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&gdpr=0&gdpr_consent=
Protocol: H2
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&gdpr=0&gdpr_consent=
date: Wed, 13 Dec 2023 17:56:16 GMT
server: Kestrel
content-length: 355

GET
H2 200 07D0740F-5EBF-4607-AADE-A7BBBAC424A4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C202 43 B
602 B 276ms
81ms Image
image/gif 2406:da18:929:5a01:604e:e541:626d:d69e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/07D0740F-5EBF-4607-AADE-A7BBBAC424A4?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a01:604e:e541:626d:d69e Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C202
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=07D0740F-5EBF-4607-AADE-A7BBBAC424A4&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jDBEYytE2uVONlD6fNLBAYnjPSQmeG4-~A&gdpr=0

0
260 B

25ms
4ms

Image
text/plain

207.65.34.74
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jDBEYytE2uVONlD6fNLBAYnjPSQmeG4-~A&gdpr=0
Protocol: H2
Server: 207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:09:42 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jDBEYytE2uVONlD6fNLBAYnjPSQmeG4-~A&gdpr=0
date: Wed, 13 Dec 2023 17:56:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7810 0
20 B 41ms
40ms Ping
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6740059015379&version=m202309260101&ct=119&x=1&cor=10892685924483052000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame D652
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
355 B

78ms
78ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&dongle=0cfd&gdpr=0&gdpr_consent=
date: Wed, 13 Dec 2023 17:56:16 GMT
server: Kestrel
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame D652
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4NjgyMzk0ODM5MzU0MTA4NjM2Ng%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

74ms
71ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame D652
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENT8xwpo6IQ4oNLSabhd4kE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
355 B

73ms
72ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENT8xwpo6IQ4oNLSabhd4kE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENT8xwpo6IQ4oNLSabhd4kE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D652
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4NjgyMzk0ODM5MzU0MTA4NjM2Ng%3D%3D

170 B
188 B

42ms
40ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4NjgyMzk0ODM5MzU0MTA4NjM2Ng%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzM4NjgyMzk0ODM5MzU0MTA4NjM2Ng%3D%3D
date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame D652 0
870 B 197ms
181ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3386823948393541086366&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:15 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 35153ABE7A9847CE85D8026DA3C23AC4 Ref B: TYO01EDGE3421 Ref C: 2023-12-13T17:56:16Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-source-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMZ+Iy50HXz/65gF8eVA==

GET
H2

200

xuid
eb2.3lift.com/ Frame D652
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3386823948393541086366?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1RF8EnlE2oTPl4L0NhAJyPClvtLz9H6y0VzYy6tRjA--~A&dongle=0883

37 B
355 B

72ms
72ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-1RF8EnlE2oTPl4L0NhAJyPClvtLz9H6y0VzYy6tRjA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 13 Dec 2023 17:56:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-1RF8EnlE2oTPl4L0NhAJyPClvtLz9H6y0VzYy6tRjA--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame D652
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3386823948393541086366&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2b2d1e74-9883-4738-b3b5-a98d5b04b505&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=0d3c33d1-8f60-4d5e-a106-47adcb238c54&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
355 B

73ms
73ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=0d3c33d1-8f60-4d5e-a106-47adcb238c54&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=0d3c33d1-8f60-4d5e-a106-47adcb238c54&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 13 Dec 2023 17:56:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame D652 43 B
363 B 819ms
272ms Image
image/gif 182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 228238
expires: Wed, 13 Dec 2023 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame D652
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=7011992553673582262&dongle=4d58&gdpr=0&gdpr_consent=

37 B
355 B

73ms
73ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=7011992553673582262&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 13 Dec 2023 17:56:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
an-x-request-uuid: 422cba06-5b5f-4e6b-b63c-dc47e2721ab8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=7011992553673582262&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 31.204.145.168; 31.204.145.168; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame D652 43 B
960 B 213ms
69ms Image
image/gif 103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3386823948393541086366

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
an-x-request-uuid: c873c290-2e49-4378-aaef-c2e43efc1e2b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.145.168; 31.204.145.168; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame CF94 61 B
301 B 839ms
278ms Script
text/javascript 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:16 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 196890
expires: 60

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame FA09
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3454917760032855000V10%26type%3Drkt%26refUrl%3D%26vid%3D249017640634549177600328550...
https://contextual.media.net/cksync.html?cs=8&vsid=3454917760032855000V10&type=rkt&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=1992631729708346253

231 B
654 B

44ms
43ms

Document
text/html

23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=3454917760032855000V10&type=rkt&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=1992631729708346253

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 231
content-type: text/html;charset=UTF-8
date: Wed, 13 Dec 2023 17:56:18 GMT
expires: Wed, 13 Dec 2023 17:56:18 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

Redirect headers

Content-Length: 0
Date: Wed, 13 Dec 2023 17:56:18 GMT
Location: https://contextual.media.net/cksync.html?cs=8&vsid=3454917760032855000V10&type=rkt&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=1992631729708346253
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

cksync.php
contextual.media.net/ Frame CF94
Redirect Chain

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=son&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=[UID]
https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=son&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=4a9b1231-5b83-4f57-a7ea-0c4aa1a2a126

57 B
467 B

28ms
27ms

Image
image/gif

23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=son&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=4a9b1231-5b83-4f57-a7ea-0c4aa1a2a126

Requested by

Protocol

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:17 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 13 Dec 2023 17:56:17 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 17:56:16 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-41
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=son&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=4a9b1231-5b83-4f57-a7ea-0c4aa1a2a126
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cksync.html
contextual.media.net/ Frame CF94
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3454917760032855...
https://contextual.media.net/cksync.html?cs=8&vsid=3454917760032855000V10&type=opx&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=6a848e96-40af-47be-bd1d-45e72dbd6e1f

231 B
231 B

31ms
28ms

Image
text/html

23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=3454917760032855000V10&type=opx&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=6a848e96-40af-47be-bd1d-45e72dbd6e1f

Requested by

Protocol

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:16 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: text/html;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 231
x-mnet-hl2: E
expires: Wed, 13 Dec 2023 17:56:16 GMT

Redirect headers

date: Wed, 13 Dec 2023 17:56:16 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://contextual.media.net/cksync.html?cs=8&vsid=3454917760032855000V10&type=opx&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=6a848e96-40af-47be-bd1d-45e72dbd6e1f
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame CF94
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ1NDkxNzc2MDAzMjg1NTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKbeaWajRzcO5Bhkv_FmyV4&google_cver=1

53 B
618 B

332ms
52ms

Image
image/gif

23.219.68.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKbeaWajRzcO5Bhkv_FmyV4&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Server: 23.219.68.21 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-68-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 17:56:16 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 53
x-mnet-hl2: E
Expires: Wed, 13 Dec 2023 17:56:16 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKbeaWajRzcO5Bhkv_FmyV4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame CF94
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3454917760032855000V10%26type%3Ddxu%26refUrl%3D%26vid%3D24901764063454917760032...
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3454917760032855000V10%26type%3Ddxu%26refUrl%3D%26vid%3D24901764063454917...
https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=dxu&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=AasOCB5q1RdtsY5

57 B
454 B

28ms
28ms

Image
image/gif

23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=dxu&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=AasOCB5q1RdtsY5

Requested by

Protocol

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:16 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 13 Dec 2023 17:56:16 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 17:56:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-083f2e64da6706325@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location: https://contextual.media.net/cksync.php?cs=8&vsid=3454917760032855000V10&type=dxu&refUrl=&vid=24901764063454917760032855000V10&axid_e=&ovsid=AasOCB5q1RdtsY5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame CF94
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b4190e8-b2de-4780-b544-4a3c5ac076d9&gdpr=0&gdpr_consent=&us_privacy=

57 B
619 B

29ms
29ms

Image
image/gif

23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b4190e8-b2de-4780-b544-4a3c5ac076d9&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Protocol

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:17 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 13 Dec 2023 17:56:17 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:16 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b4190e8-b2de-4780-b544-4a3c5ac076d9&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 829845
content-length: 0
expires: Wed, 13 Dec 2023 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame CF94
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedi...
https://x.bidswitch.net/sync?dsp_id=354&user_id=f4d302d2a7904a238f0c683307b93579&ssp=medianet&bsw_param=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=0&consent=&gdpr_pd=1&expires=7
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=0&gdpr_consent=&gdpr_pd=1

57 B
468 B

30ms
29ms

Image
image/gif

23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=0&gdpr_consent=&gdpr_pd=1

Requested by

Protocol

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:16 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 13 Dec 2023 17:56:16 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0d3c33d1-8f60-4d5e-a106-47adcb238c54&gdpr=0&gdpr_consent=&gdpr_pd=1
Date: Wed, 13 Dec 2023 17:56:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync.php
contextual.media.net/ Frame CF94
Redirect Chain

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=uTxCKyIlQvj1_0ZYzqCp

57 B
459 B

22ms
21ms

Image
image/gif

23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=uTxCKyIlQvj1_0ZYzqCp

Requested by

Protocol

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:17 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 13 Dec 2023 17:56:17 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 17:56:17 GMT
Content-Type: text/html; charset=utf-8
Location: https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=uTxCKyIlQvj1_0ZYzqCp
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 111
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame CF94
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3454917760032855000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3454917760032855000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=6993f77d-2907-42c1-ae33-0b0da9a38b6a&cs=1

57 B
468 B

35ms
34ms

Image
image/gif

23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=6993f77d-2907-42c1-ae33-0b0da9a38b6a&cs=1

Requested by

Protocol

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:18 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 13 Dec 2023 17:56:18 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=6993f77d-2907-42c1-ae33-0b0da9a38b6a&cs=1
Date: Wed, 13 Dec 2023 17:56:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame CF94
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf

53 B
629 B

340ms
25ms

Image
image/gif

23.219.68.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Server: 23.219.68.21 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-68-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 17:56:16 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 53
x-mnet-hl2: E
Expires: Wed, 13 Dec 2023 17:56:16 GMT

Redirect headers

location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=f8627ebf-8e87-4ecb-b0e0-fe625dae19cf
date: Wed, 13 Dec 2023 17:56:16 GMT
server: Kestrel
content-length: 199

GET
H2

200

cksync.php
contextual.media.net/ Frame CF94
Redirect Chain

https://creativecdn.com/cm-notify?pi=medianet
https://creativecdn.com/cm-notify?pi=medianet&tc=1
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=ybPefktBJ3FpNVmYKqTNKQlvPGh6EpZopUmXyYxz8Ss&pi=medianet&tc=1

57 B
479 B

35ms
34ms

Image
image/gif

23.40.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=ybPefktBJ3FpNVmYKqTNKQlvPGh6EpZopUmXyYxz8Ss&pi=medianet&tc=1

Requested by

Protocol

Server

23.40.148.27 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-40-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 17:56:17 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 13 Dec 2023 17:56:17 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=ybPefktBJ3FpNVmYKqTNKQlvPGh6EpZopUmXyYxz8Ss&pi=medianet&tc=1
pragma: no-cache
date: Wed, 13 Dec 2023 17:56:17 GMT, Wed, 13 Dec 2023 17:56:17 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 38ms
36ms Ping
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3bt0v887485693&_p=1702490171852&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=1973736332.1702490172&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702490172&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile_premium%2Fpzoxj6yxz7oejit%2FTIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk%2Ffile&dt=TIDAL%20v2.93.1%20%5BMod%5D%20(xC3FFF0E)&_s=2&tfd=6919
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mediafire.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame C202 0
128 B 10ms
4ms Script
text/plain 207.65.34.74
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:56:18 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C202 2 KB
2 KB 3ms
3ms Script
text/html 207.65.34.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1059484&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.81 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ea6c8c540aebb25b5282323a3def66f9d5f2e619f49b44a5827e550d84f0f2ce

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 13 Dec 2023 17:56:18 GMT
content-length: 1947
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1998
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7011992553673582262&gdpr=0&gdpr_consent=

42 B
297 B

5ms
4ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7011992553673582262&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 17:56:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: b38473fa-7657-4e3f-818d-16fad5fc7cd5
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 17:56:19 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7011992553673582262&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 31.204.145.168; 31.204.145.168; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 793F
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e6tjdSuuYHxgqmJ0Lql5Liz7YH9g-mIpdKrzZjk6

42 B
418 B

3ms
3ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e6tjdSuuYHxgqmJ0Lql5Liz7YH9g-mIpdKrzZjk6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 13:15:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 13 Dec 2023 17:56:18 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=e6tjdSuuYHxgqmJ0Lql5Liz7YH9g-mIpdKrzZjk6
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7D06
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

3ms
3ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 13:04:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:56:18 GMT
expires: Wed, 13 Dec 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 863651
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2 200 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame 6CB1 85 B
260 B 159ms
159ms Document
image/png 151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 13 Dec 2023 17:56:19 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-nrt-rjtf7700020-NRT
x-timer: S1702490179.968043,VS0,VE157

GET send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 1A4B 0
0

GET
H2 200 pxd Show response
dps.jp.cinarra.com/ Frame 1501 0
38 B 16ms
3ms Document
text/plain 35.72.102.184

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=07D0740F-5EBF-4607-AADE-A7BBBAC424A4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.72.102.184 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-length: 0
date: Wed, 13 Dec 2023 17:56:18 GMT

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 6FAD 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 832F
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=634d0b55b1c6435bb33395f477fb16f4

42 B
386 B

3ms
3ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=634d0b55b1c6435bb33395f477fb16f4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 13:04:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html;charset=UTF-8
date: Wed, 13 Dec 2023 17:56:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=634d0b55b1c6435bb33395f477fb16f4
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
status: 302
via: 1.1 google
x-xss-protection: 1; mode=block

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 0C96 43 B
205 B 48ms
41ms Document
image/gif 35.186.193.173

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Wed, 13 Dec 2023 17:56:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C202
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7605676404892933526

42 B
243 B

5ms
4ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7605676404892933526
Protocol: H2
Server: 207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 13 Dec 2023 17:56:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7605676404892933526
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame C202 0
128 B 5ms
5ms Script
text/plain 207.65.34.74
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:14:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H3 200 log Show response
translate.googleapis.com/element/ 131 B
152 B 41ms
40ms XHR
text/plain 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ja.mzpd0LwwNf8.O/am=AAM/d=1/rs=AN8SPfr5XdV9pKn7iMiDweycteZXW3393Q/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://www.mediafire.com/
X-Goog-AuthUser: 0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/binary

Response headers

date: Wed, 13 Dec 2023 17:56:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mediafire.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 200 log
translate.googleapis.com/element/ Frame 0
0 78ms
39ms Preflight
text/plain 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.mediafire.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 13 Dec 2023 17:56:22 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 dc_oe=ChMIt5P0j_6MgwMVa-QWBR28XA-aEAEYACCo1oZg;dc_eps=AHas8cDKBW4d_egjVwMc01qXWrXcHEumLsHqKjPMdBAssKArLShG3GiOYc15AteY792pzOOwHfTItRi9Hg;met=1;&timestamp=1702490183655;eid1=871060;ecn1=1;etm1=0;eid...
ade.googlesyndication.com/ddm/activity/ Frame 2597 42 B
401 B 93ms
40ms Image
image/gif 142.250.207.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIt5P0j_6MgwMVa-QWBR28XA-aEAEYACCo1oZg;dc_eps=AHas8cDKBW4d_egjVwMc01qXWrXcHEumLsHqKjPMdBAssKArLShG3GiOYc15AteY792pzOOwHfTItRi9Hg;met=1;&timestamp=1702490183655;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI5r_3j_6MgwMVRuoWBR2VbQTUEAEYACD_jqJg;dc_eps=AHas8cDvXtN6jb8lJWTSXDJNY_IZi9iTRLe9ifW4-fN4vavmV4wwKgl-pJ4GO7v9qjtD2t5JDCoj2Ptm6A;met=1;&timestamp=1702490183698;eid1=871060;ecn1=1;etm1=0;eid...
ade.googlesyndication.com/ddm/activity/ Frame 99A9 42 B
107 B 227ms
218ms Image
image/gif 142.250.207.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5r_3j_6MgwMVRuoWBR2VbQTUEAEYACD_jqJg;dc_eps=AHas8cDvXtN6jb8lJWTSXDJNY_IZi9iTRLe9ifW4-fN4vavmV4wwKgl-pJ4GO7v9qjtD2t5JDCoj2Ptm6A;met=1;&timestamp=1702490183698;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIpfqYkP6MgwMVHUAPAh0tDASsEAAYACCMwI9iQhMI9In0j_6MgwMVkNcWBR2dxQyc;dc_eps=AHas8cDIvYd4-KL2Yao7K_i51eT_qRl-x675H4vwlhylH_WUUDvc2qV3EAeCmcRjN8AJs3wpC-4UM_e5Dw;met=1;&timestamp=1702490185216;e...
ade.googlesyndication.com/ddm/activity/ Frame 7810 42 B
107 B 42ms
40ms Image
image/gif 142.250.207.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpfqYkP6MgwMVHUAPAh0tDASsEAAYACCMwI9iQhMI9In0j_6MgwMVkNcWBR2dxQyc;dc_eps=AHas8cDIvYd4-KL2Yao7K_i51eT_qRl-x675H4vwlhylH_WUUDvc2qV3EAeCmcRjN8AJs3wpC-4UM_e5Dw;met=1;&timestamp=1702490185216;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:56:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 greenoaks.gif
g.ezoic.net/detroitchicago/ 0
69 B 71ms
70ms Ping
text/plain 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjYzI2ZTBjNC0wMTgzLTQwZjktNTZhNC1kNjJhYzNjYWZjMjYiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAyNDkwMTcyLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2MyNmUwYzQtMDE4My00MGY5LTU2YTQtZDYyYWMzY2FmYzI2IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMjQ5MDE3MiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTItMTQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTU0MCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImNjMjZlMGM0LTAxODMtNDBmOS01NmE0LWQ2MmFjM2NhZmMyNiIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MDI0OTAxNzIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImNjMjZlMGM0LTAxODMtNDBmOS01NmE0LWQ2MmFjM2NhZmMyNiIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MDI0OTAxNzIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2MyNmUwYzQtMDE4My00MGY5LTU2YTQtZDYyYWMzY2FmYzI2IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMjQ5MDE3MiwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-3&cb=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.mediafire.com
x-middleton-display: ezp_sol
date: Wed, 13 Dec 2023 17:56:29 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 12 Dec 2023 17:56:29 GMT

POST
H2 204 greenoaks.gif
g.ezoic.net/detroitchicago/ 0
16 B 72ms
71ms Ping
text/plain 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjYzI2ZTBjNC0wMTgzLTQwZjktNTZhNC1kNjJhYzNjYWZjMjYiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAyNDkwMTcyLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIxOTIifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjUwMiJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiNDUifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiNzUifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI4NiJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIzMzk3In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2MyNmUwYzQtMDE4My00MGY5LTU2YTQtZDYyYWMzY2FmYzI2IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMjQ5MDE3MiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNjE1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2MyNmUwYzQtMDE4My00MGY5LTU2YTQtZDYyYWMzY2FmYzI2IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMjQ5MDE3MiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI2MTUifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjYzI2ZTBjNC0wMTgzLTQwZjktNTZhNC1kNjJhYzNjYWZjMjYiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAyNDkwMTcyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2MyNmUwYzQtMDE4My00MGY5LTU2YTQtZDYyYWMzY2FmYzI2IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMjQ5MDE3MiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX1d
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-3&cb=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.mediafire.com
x-middleton-display: ezp_sol
date: Wed, 13 Dec 2023 17:56:29 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 12 Dec 2023 17:56:29 GMT

POST
H2 204 greenoaks.gif
g.ezoic.net/detroitchicago/ 0
62 B 74ms
74ms Ping
text/plain 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjYzI2ZTBjNC0wMTgzLTQwZjktNTZhNC1kNjJhYzNjYWZjMjYiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAyNDkwMTcyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfV0=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-3&cb=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2406:da18:9d0:143f:29e7:ae24:cfea:e9bb Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.mediafire.com
x-middleton-display: ezp_sol
date: Wed, 13 Dec 2023 17:56:27 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 12 Dec 2023 17:56:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-dsp.ad-m.asia
URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

358 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

139 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1
www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk	1970-01-21 01:40:26	Name: ezux_lpl_484470 Value: 1702490175217\|cc26e0c4-0183-40f9-56a4-d62ac3cafc26\|false
.3lift.com/sync	1970-01-20 19:04:26	Name: sync Value: CgoIoQEQo_bJosYxCgoIkQIQo_bJosYxCgoItAIQo_bJosYxCgoI5gEQo_bJosYxCgoIhwIQo_bJosYxCgoItwIQo_bJosYxCgkIOhCj9smixjEKCgiMAhCj9smixjEKCQhfEKP2yaLGMQoJCB8Qo_bJosYx
.bit.ly/	1970-01-20 21:14:02	Name: _bit Value: nbdhUb-589bf0bf15dc5aa76e-00A
.mediafire.com/	1970-01-21 02:30:50	Name: ukey Value: iczik709s9lz8nlyrpkoh9wye6m0fvzm
.mediafire.com/	1970-01-20 16:59:09	Name: pzi4 Value: 1
.mediafire.com/	1970-01-20 17:38:02	Name: conv_tracking_data-2 Value: %7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FChrome%22%2C%22mf_campaign%22%3A%22pzoxj6yxz7oejit%22%2C%22mf_term%22%3A%2200f864b7f3cc8639acee11636f67f1b5%22%7D
.mediafire.com/	1970-01-20 16:54:51	Name: __cf_bm Value: .TLI2slBgqMbiYgYcCyXNJ7_CYGwiL8goK3XjHNtKaA-1702490171-1-ATFGWUr3RT3JkgVwPjj9Nhy7LbkLnalaFTWu/GZohA5HbJkAnT30SKAMN/oWLIyw0J8P7FYph9vC8379WeTJu0c=
.mediafire.com/	1970-01-21 01:40:26	Name: amp_28916b Value: gUQHMmIejGe5Lc_hpdphli...1hhi54qgh.1hhi54qgh.0.1.1
.mediafire.com/	1970-01-20 16:54:51	Name: ezoadgid_484470 Value: -1
.mediafire.com/	1970-01-20 16:54:57	Name: ezoref_484470 Value:
.mediafire.com/	1970-01-21 01:40:26	Name: ezosuibasgeneris-1 Value: 39cbcca9-f10f-4cfc-4165-0f6e094ef4fc
.mediafire.com/	1970-01-20 16:54:57	Name: ezoab_484470 Value: mod13
.mediafire.com/	1970-01-20 16:54:51	Name: lp_484470 Value: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file
.mediafire.com/	1970-01-20 16:57:42	Name: ezovuuidtime_484470 Value: 1702490172
.mediafire.com/	1970-01-20 16:54:51	Name: ezovuuid_484470 Value: 4b566c3d-b6a4-48b3-6b1e-c6773251492b
.mediafire.com/	1970-01-20 16:57:42	Name: active_template::484470 Value: orig_site.1702490172
.mediafire.com/	1970-01-20 16:54:51	Name: ezopvc_484470 Value: 1
www.mediafire.com/	1970-01-20 16:57:42	Name: ezstandaloneuser Value: false
otnolatrnup.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
otnolatrnup.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
otnolatrnup.com/	1970-01-21 02:30:50	Name: IUID Value: 1e9b7b19-35ee-49a5-9cae-e3caa0ca2039
otnolatrnup.com/	1969-12-31 23:59:59	Name: ISSH Value: 6FF014
otnolatrnup.com/	1969-12-31 23:59:59	Name: VMI Value:
otnolatrnup.com/	1970-01-21 02:30:50	Name: CHN Value: #[]
otnolatrnup.com/	1970-01-21 02:30:50	Name: MSSH Value: #{}
otnolatrnup.com/	1970-01-21 02:30:50	Name: MSRH Value: #{}
otnolatrnup.com/	1970-01-21 02:30:50	Name: ILP Value: null
otnolatrnup.com/	1970-01-21 02:30:50	Name: ILPLU Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/	1970-01-21 02:30:50	Name: ILEALC Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/	1970-01-20 16:55:04	Name: ILMPF Value: #False
otnolatrnup.com/	1970-01-21 02:30:50	Name: IPMPLU Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/	1970-01-21 02:30:50	Name: IPMUID Value: #
otnolatrnup.com/	1970-01-21 02:30:50	Name: BSWUID Value: #
otnolatrnup.com/	1970-01-21 02:30:50	Name: IBL Value: #[]
otnolatrnup.com/	1970-01-21 02:30:50	Name: ISH Value: #{"101":[{"SId":"6FF014","D":"23/12/13T9:56:12"}]}
otnolatrnup.com/	1970-01-21 02:30:50	Name: ISH_Q Value: #[101]
.mediafire.com/	1970-01-21 01:40:26	Name: cf_clearance Value: v2xVoA1kjKTwd6I7_6uMD4BO8xPujwgsn9ISwlOJK1o-1702490172-0-1-554a0de4.e2eb54b3.24b5204-0.2.1702490172
.mediafire.com/	1970-01-20 16:56:16	Name: _gid Value: GA1.2.1881301551.1702490172
.mediafire.com/	1970-01-20 16:54:50	Name: _gat_gtag_UA_829541_1 Value: 1
.mediafire.com/	1970-01-21 02:30:50	Name: _ga Value: GA1.1.1973736332.1702490172
.mediafire.com/	1970-01-20 16:54:50	Name: lotame_domain_check Value: mediafire.com
.sharethrough.com/	1970-01-20 17:38:02	Name: stx_user_id Value: 3b39bebc-72ca-4edb-a0c8-649a20ccb163
.3lift.com/	1970-01-20 19:04:26	Name: tluid Value: 3386823948393541086366
.openx.net/	1970-01-21 01:40:26	Name: i Value: 7104d850-4228-42a9-8484-f361fb75cf3e\|1702490172
.crwdcntrl.net/	1970-01-20 23:23:35	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 23:23:35	Name: _cc_id Value: a90b91aba5bb290272ac94ea1dddb8e9
.mediafire.com/	1970-01-20 23:23:38	Name: _cc_id Value: a90b91aba5bb290272ac94ea1dddb8e9
.mediafire.com/	1970-01-20 17:04:54	Name: panoramaId_expiry Value: 1703094972968
.mediafire.com/	1970-01-20 17:04:54	Name: panoramaId Value: 611a2bcba5fb1936bf25923e2409185ca02c2c9f900ca7d6c59277dada9fd682
.mediafire.com/	1970-01-20 17:04:54	Name: panoramaIdType Value: panoDevice
.openx.net/	1970-01-20 17:16:26	Name: pd Value: v2\|1702490173\|jElYiuvOhI
.adsrvr.org/	1970-01-21 01:41:52	Name: TDID Value: f8627ebf-8e87-4ecb-b0e0-fe625dae19cf
.ladsp.com/	1970-01-20 16:54:53	Name: cr Value: 1
.ladsp.com/	1970-01-21 02:30:50	Name: smn_uid Value: T4g5mq9yMt6DTBanhSl_1xA9TOEUre8
.openx.net/	1970-01-20 17:16:26	Name: univ_id Value: 537072971\|f8627ebf-8e87-4ecb-b0e0-fe625dae19cf\|1702490173235666
.mediafire.com/	1970-01-21 02:16:26	Name: __gads Value: ID=9730dd70aa8a011b:T=1702490172:RT=1702490172:S=ALNI_MbcCK2JkyMdUKXQrsfw6l2EYYre2w
.mediafire.com/	1970-01-21 02:16:26	Name: __gpi Value: UID=00000cac7e56cb7c:T=1702490172:RT=1702490172:S=ALNI_Ma1xzb80B4XYHnl3yccrntBNlOnIQ
.mediafire.com/	1970-01-21 02:30:50	Name: _ga_K68XP6D85D Value: GS1.1.1702490172.1.0.1702490173.59.0.0
.doubleclick.net/	1970-01-21 02:30:50	Name: IDE Value: AHWqTUlX95--uwvXI3lM6TSxtS1tZ7rv1ibrUQaygKpOYzY_sjBsfgpomINFGLJj
.send.microad.jp/	1970-01-20 19:04:26	Name: TR Value: 53119613e80c8650940e1d76174baf651c1cf5f1f76e6ec0
.casalemedia.com/	1970-01-21 01:40:26	Name: CMID Value: ZXnwPcD4ZmNDXAoGAqOCGwAA
.casalemedia.com/	1970-01-20 19:04:26	Name: CMPS Value: 5518
.casalemedia.com/	1970-01-20 19:04:26	Name: CMPRO Value: 5518
.doubleclick.net/	1970-01-20 21:14:02	Name: APC Value: AfxxVi5ECnto5u0FL-cWolKbVFMIU5aC4OC715POEUSzRCVKU1dhYg
.mediafire.com/	1970-01-21 01:40:26	Name: FCNEC Value: %5B%5B%22AKsRol-XPBt1pqhTscbNVHX12cRFLCPCrJDCNTgwFGY5p48UaKRGtKNWfbA33GqY_6ugdSpw-MONCVpR7KTsiKBhDvEexglL_e5rIWXWX1T82NehbMuQsjPll2CuYD96WDpO-Hv49mtFkJgAabokkIyjS34zbx-R3Q%3D%3D%22%5D%5D
.everesttech.net/	1970-01-21 01:40:26	Name: everest_g_v2 Value: g_surferid~ZXnwPwAGrhPtoQBH
.pubmatic.com/	1970-01-21 01:40:26	Name: KADUSERCOOKIE Value: 07D0740F-5EBF-4607-AADE-A7BBBAC424A4
.pubmatic.com/	1970-01-20 19:04:26	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 16:56:16	Name: pi Value: 158936:2
.pubmatic.com/	1970-01-20 19:04:26	Name: DPSync3 Value: 1703635200%3A201_245_226%7C1702512000%3A248
.pubmatic.com/	1970-01-20 19:04:26	Name: SyncRTB3 Value: 1703030400%3A223%7C1703635200%3A217_220_202_76_21_13_54_71%7C1703289600%3A63
.socdm.com/	1970-01-21 02:30:50	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzAyNDkwMTczLCJwdWJtYXRpYyI6MTcwMjQ5MDE3Nn0
.bidswitch.net/	1970-01-21 01:40:26	Name: tuuid Value: 0d3c33d1-8f60-4d5e-a106-47adcb238c54
.bidswitch.net/	1970-01-21 01:40:26	Name: c Value: 1702490176
.bidswitch.net/	1970-01-21 01:40:26	Name: tuuid_lu Value: 1702490176
.uncn.jp/	1970-01-21 01:40:26	Name: t Value: v_a24fe3e7-81ac-4794-ae95-af5e9925575f
.pubmatic.com/	1970-01-20 17:38:02	Name: KRTBCOOKIE_1201 Value: 23170-v_a24fe3e7-81ac-4794-ae95-af5e9925575f&KRTB&23180-v_a24fe3e7-81ac-4794-ae95-af5e9925575f&KRTB&23547-v_a24fe3e7-81ac-4794-ae95-af5e9925575f
.pubmatic.com/	1970-01-20 17:38:02	Name: KRTBCOOKIE_656 Value: 12671-ZXnwQMCo5ssAAIo9hSMAAAAA&KRTB&23509-ZXnwQMCo5ssAAIo9hSMAAAAA&KRTB&23514-ZXnwQMCo5ssAAIo9hSMAAAAA
.pubmatic.com/	1970-01-20 19:04:26	Name: KRTBCOOKIE_377 Value: 6810-f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&KRTB&22918-f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&KRTB&22926-f8627ebf-8e87-4ecb-b0e0-fe625dae19cf&KRTB&23031-f8627ebf-8e87-4ecb-b0e0-fe625dae19cf
.ladsp.com/	1970-01-21 02:30:50	Name: lum Value: CIL2yaLGMRIFCAMQ0AUSBQgKEJAN
.tapad.com/	1970-01-20 18:21:14	Name: TapAd_TS Value: 1702490176244
.tapad.com/	1970-01-20 18:21:14	Name: TapAd_DID Value: fb90964c-e76b-4c5c-8b98-3d0631c57015
.pubmatic.com/	1970-01-20 17:38:02	Name: KRTBCOOKIE_629 Value: 11487-AYK6bhCkPiqRks8AED1M4RSt788AAAGMZFJ7Ag
.pubmatic.com/	1970-01-20 19:04:26	Name: KRTBCOOKIE_80 Value: 22987-CAESED3r-z5mdtjteyOistAg9RQ&KRTB&23025-CAESED3r-z5mdtjteyOistAg9RQ&KRTB&23386-CAESED3r-z5mdtjteyOistAg9RQ
.quantserve.com/	1970-01-20 19:04:26	Name: d Value: EEcBDQHTKsv7kwA
.quantserve.com/	1970-01-21 02:25:04	Name: mc Value: 6579f040-468c7-bae43-d6e94
.tapad.com/	1970-01-20 18:21:14	Name: TapAd_3WAY_SYNCS Value: 1!8345
.media.net/	1970-01-21 01:40:26	Name: visitor-id Value: 3454917760032855000V10
.semasio.net/	1970-01-21 01:40:26	Name: SEUNCY Value: A9E0CCD9BD21EA36
.adsrvr.org/	1970-01-21 01:41:52	Name: TDCPM Value: CAESGwoMc2hhcmV0aHJvdWdoEgsItLGK2tqDvjwQBRIXCghwdWJtYXRpYxILCIS27d3ag748EAUSFAoFdGFwYWQSCwiOzeTe2oO-PBAFEhYKB3N2eDl0NTASCwi0_ZHf2oO-PBAFGAEgASgCMgsIjo7yjPGDvjwQBTgBWgc4bTMzems0YAI.
.aralego.com/	1970-01-20 23:49:04	Name: sspid Value: 03fc132f-64d7-374b-8b14-b56919c44c2c
.pubmatic.com/	1970-01-20 19:04:26	Name: KRTBCOOKIE_466 Value: 16530-0d3c33d1-8f60-4d5e-a106-47adcb238c54
.pubmatic.com/	1970-01-20 17:38:02	Name: PugT Value: 1702472668
.rubiconproject.com/	1970-01-21 01:40:26	Name: khaos Value: LQ42OZHS-1X-AJXT
.rubiconproject.com/	1970-01-21 01:40:26	Name: audit Value: 1\|T+sK0Lc8BOGLLZEsu8ySoiaZzXHI1wv+xQngA1jmGGENIXVBPorKWoMcGp6l+fzxxTcQepgUn1pCqQ3+tQhlLHMDvubSxZCGuR18xm2L0EeGvoyWa7DhvNES+wzatrvcxGZLyAazrKXMayPfYpUGPWRM4Hfc9hXhgIFgF7IXijuyqVI1k5poNA==
pixel.rubiconproject.com/	1970-01-20 19:04:26	Name: receive-cookie-deprecation Value: 1
.simpli.fi/	1970-01-21 01:41:52	Name: suid Value: EDEBD622E2014A22A45B72CE5DC64BF2
.media.net/	1970-01-21 01:38:59	Name: data-o Value: 6a848e96-40af-47be-bd1d-45e72dbd6e1f~~8
.analytics.yahoo.com/	1970-01-21 01:40:26	Name: IDSYNC Value: 18z8~2fl5
.yahoo.com/	1970-01-21 01:40:47	Name: A3 Value: d=AQABBEDweWUCEF_gJvvlktRHYEKoWaQhckcFEgEBAQFBe2WDZWChyyMA_eMAAA&S=AQAAAkhS6GLftHfzge3i8Rw3U8Q
.linkedin.com/	1970-01-20 19:04:26	Name: li_sugr Value: da0e1c45-30d1-475f-9df0-3b9271c3a534
.linkedin.com/	1970-01-21 01:40:26	Name: bcookie Value: "v=2&4d63b48e-91f5-4a3c-81e6-d092627f72f6"
.linkedin.com/	1970-01-20 16:56:16	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3077:u=1:x=1:i=1702490176:t=1702576576:v=2:sig=AQEXQECSo3BSLwODlj28HJHnGin1gpb5"
.adnxs.com/	1970-01-20 19:04:26	Name: uuid2 Value: 7011992553673582262
.adnxs.com/	1970-01-20 19:04:26	Name: anj Value: dTM7k!M4/YDunaTF']wIg2HaLsKMHQ!@wnf-Te9(SNOfY2^u31Et+=qErt7iFoyPjFq'RsFSK:aGmB$8n8/%<GdD1J%q)3RFm<u1
.adnxs.com/	1970-01-20 19:04:26	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIzMzg2ODIzOTQ4MzkzNTQxMDg2MzY2IiwiZXhwaXJlcyI6IjIwMjQtMDMtMTJUMTc6NTY6MTZaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTItMTNUMTc6NTY6MTZaIn0=
.admixer.net/	1970-01-20 19:04:26	Name: am-uid Value: f4d302d2a7904a238f0c683307b93579
.media.net/	1970-01-21 01:38:59	Name: data-bs Value: 0d3c33d1-8f60-4d5e-a106-47adcb238c54~~1
.sportradarserving.com/	1970-01-21 01:40:26	Name: zuuid Value: 2b2d1e74-9883-4738-b3b5-a98d5b04b505
.sportradarserving.com/	1970-01-21 01:40:26	Name: c Value: 1702490176
.sportradarserving.com/	1970-01-21 01:40:26	Name: zuuid_lu Value: 1702490176
.w55c.net/	1970-01-21 02:26:30	Name: wfivefivec Value: AasOCB5q1RdtsY5
.sportradarserving.com/	1970-01-21 01:40:26	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 01:40:26	Name: zuuid_k_lu Value: 1702490176
.media.net/	1970-01-20 17:14:59	Name: data-ttd Value: f8627ebf-8e87-4ecb-b0e0-fe625dae19cf~~1
.media.net/	1970-01-20 17:14:59	Name: data-g Value: CAESEKbeaWajRzcO5Bhkv_FmyV4~~8
.w55c.net/	1970-01-20 17:38:02	Name: matchmedianet Value: 5
.media.net/	1970-01-21 01:38:59	Name: data-xu Value: AasOCB5q1RdtsY5~~8
.go.sonobi.com/	1970-01-20 17:38:02	Name: __uis Value: 4a9b1231-5b83-4f57-a7ea-0c4aa1a2a126
.media.net/	1970-01-20 17:35:09	Name: data-so Value: 4a9b1231-5b83-4f57-a7ea-0c4aa1a2a126~~8
.creativecdn.com/	1970-01-21 01:40:26	Name: u Value: kkFLtP6GobWx0Q4uFLnr
.creativecdn.com/	1970-01-21 01:40:26	Name: g Value: kkFLtP6GobWx0Q4uFLnr_1702490176967
.creativecdn.com/	1970-01-21 01:40:26	Name: ts Value: 1702490176
.zemanta.com/	1970-01-21 01:40:26	Name: zuid Value: uTxCKyIlQvj1_0ZYzqCp
.media.net/	1970-01-21 01:40:26	Name: data-ze Value: uTxCKyIlQvj1_0ZYzqCp~~1
.criteo.com/	1970-01-21 02:16:26	Name: uid Value: 1b4190e8-b2de-4780-b544-4a3c5ac076d9
.media.net/	1970-01-20 17:38:02	Name: data-c Value: 1b4190e8-b2de-4780-b544-4a3c5ac076d9~~1
.media.net/	1970-01-20 17:38:02	Name: data-c-ts Value: 1702490177
.media.net/	1970-01-21 01:40:26	Name: data-rbh Value: ybPefktBJ3FpNVmYKqTNKQlvPGh6EpZopUmXyYxz8Ss~~1
.mfadsrvr.com/	1970-01-21 02:30:50	Name: tuuid Value: 6993f77d-2907-42c1-ae33-0b0da9a38b6a
.mfadsrvr.com/	1970-01-21 02:30:50	Name: c Value: 1702490177
.mfadsrvr.com/	1970-01-21 02:30:50	Name: tuuid_lu Value: 1702490177
.mfadsrvr.com/	1970-01-21 02:30:50	Name: ssh Value: !medianet,1702490177
.rfihub.com/	1970-01-21 02:16:26	Name: rud Value: H4sIAAAAAAAA_-MSNrS0NDIzNjQ3sjQ3sDA2MTMyNRbiM9QNyU4sMSzyzSzNC_cGAD85qG8lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrS0NDIzNjQ3sjQ3sDA2MTMyNRbiM9QNyU4sMSzyzSzNC_cGAD85qG8lAAAA
.media.net/	1970-01-21 01:40:26	Name: data-mf Value: 6993f77d-2907-42c1-ae33-0b0da9a38b6a~~1
.media.net/	1970-01-21 01:38:59	Name: data-rk Value: 1992631729708346253~~8
.pubmatic.com/	1970-01-20 17:38:02	Name: SPugT Value: 1702490178

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file(Line 1111) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
security	error	URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Message: Mixed Content: The page at 'https://www.mediafire.com/file_premium/pzoxj6yxz7oejit/TIDAL_v2.93.1_%255BMod%255D_%2528xC3FFF0E%2529.apk/file' was loaded over HTTPS, but requested an insecure frame 'http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ad-delivery.net
ad.doubleclick.net
ade.googlesyndication.com
ads.pubmatic.com
analytics.google.com
api.amplitude.com
api.btloader.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bit.ly
btloader.com
btlr.sharethrough.com
c1.adform.net
cdn.amplitude.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.otnolatrnup.com
cdn.prod.uidapi.com
cdn.zuuvi.com
cm-supply-web.gammaplatform.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
contextual.media.net
cr-p10.ladsp.com
cr-p3.ladsp.com
creativecdn.com
cs.media.net
dis.criteo.com
dps.jp.cinarra.com
ds.uncn.jp
dsum-sec.casalemedia.com
e9180638c16cc7e3756bae5c63d67eb0.safeframe.googlesyndication.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.ezoic.net
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
jp-u.openx.net
match.adsrvr.org
match.sharethrough.com
oa.openxcdn.net
oajs.openx.net
otnolatrnup.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
privacy.gatekeeperconsent.com
px.ads.linkedin.com
rtb.mfadsrvr.com
s-cs.send.microad.jp
s0.2mdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
static.criteo.net
static.mediafire.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
tags.crwdcntrl.net
tg.socdm.com
the.gatekeeperconsent.com
tlx.3lift.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.ezojs.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mediafire.com
x.bidswitch.net
cm-supply-web.gammaplatform.com
sync-dsp.ad-m.asia
103.43.90.179
104.16.113.74
104.18.36.155
119.9.108.191
13.228.126.19
13.251.160.207
130.211.23.194
141.95.98.65
142.250.207.2
142.250.207.34
142.251.42.198
151.101.194.49
172.217.26.226
18.139.4.93
18.140.225.254
18.179.121.248
182.161.74.1
182.161.74.16
185.184.8.90
185.84.60.20
198.8.71.130
2001:4860:4802:38::178
202.233.84.8
207.65.34.74
207.65.34.76
207.65.34.80
207.65.34.81
209.58.171.197
211.120.53.200
23.108.103.8
23.219.68.21
23.39.216.189
23.40.148.27
2404:6800:4004:801::2003
2404:6800:4004:80c::2002
2404:6800:4004:80f::2003
2404:6800:4004:81e::2008
2404:6800:4004:81e::200a
2404:6800:4004:820::2006
2404:6800:4004:821::2002
2404:6800:4004:822::2001
2404:6800:4004:822::2002
2404:6800:4004:822::200a
2404:6800:4004:823::2002
2404:6800:4004:824::2003
2404:6800:4004:824::2004
2404:6800:4004:824::200e
2404:6800:4004:825::2001
2404:6800:4004:826::2001
2404:6800:4004:827::200e
2404:6800:4008:c15::9d
2406:2600:4::b
2406:da18:929:5a01:604e:e541:626d:d69e
2406:da18:9d0:143f:29e7:ae24:cfea:e9bb
2600:140b:1a00:19::17dc:4491
2600:9000:21ee:e000:a:e047:753:a221
2600:9000:234d:8000:5:c6ab:f440:93a1
2606:4700:10::ac43:266a
2606:4700:10::ac43:293c
2606:4700:20::ac43:4513
2606:4700:3032::ac43:aa90
2606:4700:3033::6815:1c30
2606:4700:3033::ac43:903e
2606:4700::6813:d625
2606:4700:e0::ac40:6a06
2620:116:800e:21:46d:7e81:55ff:4c12
2620:1ec:21::14
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42::485
3.121.129.13
34.102.146.192
34.111.113.62
34.120.135.53
34.120.63.153
34.142.175.23
34.96.70.87
34.98.64.218
35.186.193.173
35.213.12.39
35.213.93.179
35.71.131.137
35.72.102.184
46.137.237.145
52.11.164.10
52.223.2.229
52.76.98.54
54.255.18.102
64.202.112.255
65.9.42.118
67.199.248.10
69.173.158.64
72.34.250.75
99.84.133.64
99.84.50.103
0015ebc3bfccd003bf73b4766e60b05bdb0ce83cb8ab9b513d63ca1cf3c00523
02e77cd454c82ffe01aa74b1e3f3b5c9cc08aa0eb5c8d7feb6b0c21ea77061f6
03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
079f59405da9aed3725440b658577d5b8f974dc7cc3a87f9cbe0dc82d235c13d
082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10c5779cae461daba4b2f636f90df6cbf420e8c3dbe5a326bd937e7392c2b8df
116adebfb659e20f7f9eb7791fd5fd1e2da62459c2af8d79f6e68a9f48728e37
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
170d213089b3f428c4f5a232a9fd27469795bb6423c40ea564cc0ef0be6b2c9a
178832ec1b6de00ff7563f653b7ef3aff80a86ac4d73f07833935e1d52bbe133
17ebd17218aad87cf1437bcd1543b71765f762de0829ecf5bfba5f879d6bb9de
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19d44854a4b979ec52fc326e1ba83ee2d8a3882dcbdf4c9ad74470eefce4e5f1
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
2768a075107a0b431547938debfa9065b5032f71638df2d740546087af796de2
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
32b2e74c7d9e0baac59a55842c2c72fec70fc5f4cf3a582661f4897cb805c86d
3343edbd54eefb1c3665945a3accb84c2ebb230798c32adee3099c25032319d4
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35f6c78a1810ee4d31cc77797b98597fce97e24f695bc7cdff58e58ad0cf73db
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
38ce2cefdf0094ba37eb84b49ce37698f071c3bf2bd7929e8cdf71a255feb4c9
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9e86523b065c3ee7ef59bed0824750bb0d653cba311c8274639f897bee0d0b
3fad6235676fafef378913f4067637d79a4b31fa88df50ac952ac7064b316066
40b7af4ee5b08a119d82a20918bba0605ef1187e7ee8ef0055dc2caae448ed1c
430ffac629b6cf1c34704b66602d0a82bb9a1a8fd292c3de121ebefca963edc1
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43bfd4efdc0e50c7ddf838d314861e51615398c1240fe5059d6f742b07763190
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
462653493b223ae333e0837637305d16508f206ffff7b52433c756fa23309897
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4885d2840f01a387b5bef7c1056a206cb8635c1196d0686c39adb354777f7ae2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4962dc9bd22a522eb6ee1e8251bd4725fd23de345ee11d67d3e7eb6c33a92bbe
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b800de57b737c1225bdd8d946fa586d0c1607a0aceb3a4988f968550fb37e3e
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50540eb32f28a5476d4c0ecff3886cc310ff6c575cb490124325e48b4fae6f0c
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
517628f43f729dd8c2aa16f7c073c056a4dd36488e5b2921544011103e8278bd
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
549bd3e9e2cfe91e355ba68c1fe15c0af27e0391123630b9ccfbbbd559cdba47
555e6edf372e8443b42272e0f8646face87e133bca8584bd4ff5fd9689c6c049
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5645fbd3430f802b80e89f214e47358aaf1af2e82a8a337ccad6860293e2f604
5712a6afa9814975d3f685b0fd7026e5941208c99b1a0441c757846242dd8f13
57fb5c3143dc7de46119d0eff3a92a5a04b5e9da836143f33a5ab34cd2bdba72
5f58755e8bd68119117e4b002dfbb8ddb9484ba64166b9bc5e79cbe0d53f77f8
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e11d9482b39d73ce9451b87bf3e12a3c55056c44177695306fb36b60c60ec5
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
66f8ecd359ccf9d79ae9c4ad10312de1a65db446344b2667e54d604f25d3165b
671c9364f35b1a7ef0f50cb98b0cc36cbd6acb045e51c304daa97f6732c4ad33
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
731dc606af8811bf5191e780c6cfd7a6cb9e469d00359d2ac7d99e6478e3fe24
738cc755a5e941f039a07b37cbb16247a8fa3215f73bc8c29e18fe597820c35c
73fd5713e95bc75adc7783d8ca581259b0a2b029dd1236cc028cfa6f8bd4c06d
741f7005b31dfe2f65524eecf96bb84736675a392fd5846ed85118ec214149b9
75fdc031ed533329068b4deca6591889b5ced2f24c00ae7135fcca95e55f1e3c
770a39dccb74ef2233aada292c2fc70e3716c0b50f43253c1caf5dd07c53cbcb
7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02
7d96bcc4ad289924295ab141fce1142c63721b0d57bf65d26905b0160b8ce42f
821e6284f758a7c3f22fea1826ac1bdab521a57f6a61631e50bc84858bd6bcfd
82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26
85082b71a080badee0aeea5566af984e092108bd87e46aa9435f94bf59b6162e
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
85e2d9bfd3c41845bbee3e47e2b46c7d586e90b8b18ff050c181abdf8900419a
864909edb64a3e6dd9d7fde79f064c6a23727f1a0cf6a10eee863a97bd3689c6
8abe56f67c72b6b5ba0f7e27e49d42791f1b687f45b7e370f2f78bf50ec9ae55
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d85b21a6a222c0fd3504df6fd41a0b98e20a02604e5647f5f13fd66b6d79afe
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
92234733664d1912bd9e57cecf4be6757fc48de325b69aaac9881f4c3f160f4e
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
97b746191f85fbe3eb16014481ca3b3f331660105d53ea6431346f37f101ed28
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a122e15e482ebb2e238698161af08e7463013ee8d639b18d209f722ad31e5312
a18d9d31435047631d39ff6393cff31d0595b491c1bf19c9073c999dc8821ac9
a23b362d821b7c886e3147b2834f63bcd353bb1e0371a87af49e3408d9e3977c
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5d51f834897bf5cf2c476ab8331ef15f8b10e22439de535dd15078f9449b858
aa3858220f26b5b31d0b3815ee84be94bfcc4e82398fbd0bf6cc5e1c3612434b
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43731a87b06068de23c2267d9e3a8210ffe5a22d38b79e55916ba70520916bd
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b83bb00e4062d3c9f480f744f32e2753309593140b7a9f9af6fd2e28c841611a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bde63048aeeb84d52424f33e5bf7aa45289cb11420d45f7ec430e2ecfcb1ced0
c0083040475984302a491d8c506d596d004b4090490d1b366513c114915220a6
c0a30e7b8435b6e19e45928ac521826c341acceabb3b3ea326a3215067e256eb
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c60547c6172c3ec9bf9bca996c91a0831816c507d1e981a08fc6e89d76525714
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cd9a3a7e0c4ee09dc6f406631d135c92512c06af1beca63ce9667617ed7ba555
cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc548557b4ca95043db9c67c2de15836d9bcaba2328efed71202448ac7dff52
d2173d3b60cf4b9fa8877d6676d67d83162173aa7196bf6733b7930cb9bb9831
d51ed4cda7a47bfb4444c59c1de4e6fda4d1993d09a0727ec3269fbd35f221de
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d71ed1538f597a4655df09138716e9a04e51ac38e47fcc1063f5af2cd1704647
d816458b15e8caa008d5a4d7e5936cd054342983cc03230cb2419f8fe386da78
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dacb16b3a445c83e81a7ff0bcfc24a0eddfd4b69e30e9358fc7a1700bb2f0845
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5448298b4b2215a0d6c3b7825fe092f1fde4df2bf35722e3df64a12dd6740db
e611f58b19c2ff6aba81588e7b0a148e523d8acbadc40092f8de5f50dca2f93c
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e966a96d9c59b9133559369fd9924afae7dcb2fd56e2be45fca4bbb7bd0f836e
ea6c8c540aebb25b5282323a3def66f9d5f2e619f49b44a5827e550d84f0f2ce
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a14a70d1c86cdd5f228e72092d76ea9d8ca6d674e57a24f1118799f63f844e
f411fce954a269a1d2603889751b6fcd80e15a9312da2db1af26e9be764e0b59
f4b6c2d2b1cd71a3e1836731f97f79e43e85f96bc19efe59751bdf3891ac3d3d
f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061
f919ddd1456ed6a6ed1f9c9f32a3195c238db8e0ea19b2538d606ac6cdb0ddde
f96779e801dd86db7530338cd1aa7ded6659ce7b9a2650aabef976b8bde5f1dd
f9e7dc2c6e2b8094f7d206aae6b970e1d98e08b0e6539b26ef009a07383f2bee
fad75c822093ab1f4d07c19804e2f1350e6cb53ad8faac322375fd47e9523797
ffc1ab156d4f6701973673259900397e7faf3f2af7641c4b92dc516ead15674a

www.mediafire.com Open in urlscan Pro 104.16.113.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

281 Requests

83 %HTTPS

40 %IPv6

67 Domains

105 Subdomains

77 IPs

10 Countries

2755 kBTransfer

10292 kBSize

139 Cookies

9 Outgoing links

Page URL History

Redirected requests

281 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mediafire.com Open in urlscan Pro
104.16.113.74 Public Scan

Screenshot
Live screenshot

Full Image

281
Requests

83 %
HTTPS

40 %
IPv6

67
Domains

105
Subdomains

77
IPs

10
Countries

2755 kB
Transfer

10292 kB
Size

139
Cookies

281 HTTP transactions
7 data transactions