urlscan.io logo urlscan.io
SecurityTrails logo

natalie.mu Open in urlscan Pro
54.248.123.43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://natalie.mu/
Effective URL: https://natalie.mu/
Submission: On October 21 via api from US — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 135 IPs in 14 countries across 113 domains to perform 463 HTTP transactions. The main IP is 54.248.123.43, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is natalie.mu.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 13th 2023. Valid for: a year.
This is the only time natalie.mu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 54.248.123.43 16509 (AMAZON-02)
1 13.33.5.52 16509 (AMAZON-02)
7 2404:6800:400... 15169 (GOOGLE)
43 2600:140b:a00... 20940 (AKAMAI-ASN1)
2 2404:6800:400... 15169 (GOOGLE)
3 13.224.143.60 16509 (AMAZON-02)
15 2404:6800:400... 15169 (GOOGLE)
1 99.84.54.81 16509 (AMAZON-02)
2 99.86.222.34 16509 (AMAZON-02)
5 2001:4860:480... 15169 (GOOGLE)
2 2620:1ec:46::46 8075 (MICROSOFT...)
1 203.114.55.135 2519 (VECTANT A...)
2 2a04:4e42:400... 54113 (FASTLY)
2 18.65.116.10 16509 (AMAZON-02)
1 203.114.55.140 2519 (VECTANT A...)
5 23.56.171.128 20940 (AKAMAI-ASN1)
5 34.160.89.38 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 3.115.72.35 16509 (AMAZON-02)
4 74.118.186.106 6336 (TURN-US-ASN)
1 207.65.34.76 62713 (AS-PUBMATIC)
2 2602:803:c006... 26667 (RUBICONPR...)
1 103.132.192.30 138552 (RTBHOUSE-...)
2 5 104.18.27.193 13335 (CLOUDFLAR...)
2 103.253.24.61 6939 (HURRICANE)
2 13.249.146.82 16509 (AMAZON-02)
2 35.72.165.187 16509 (AMAZON-02)
3 124.146.153.162 2514 (INFOSPHER...)
1 52.77.157.107 16509 (AMAZON-02)
1 5 35.227.252.103 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.217.124.13 16625 (AKAMAI-AS)
1 34.120.63.153 396982 (GOOGLE-CL...)
4 23.106.127.49 59253 (LEASEWEB-...)
1 5 35.75.232.179 16509 (AMAZON-02)
1 69.175.41.44 32475 (SINGLEHOP...)
1 2406:2600:4::12 55569 (CRITEO-AS...)
8 10 103.43.90.21 29990 (ASN-APPNEX)
5 8 35.213.109.249 15169 (GOOGLE)
2 5 34.102.149.137 396982 (GOOGLE-CL...)
2 202.233.84.2 131957 (MICROAD M...)
1 99.86.199.99 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 23.208.233.60 16625 (AKAMAI-AS)
10 23.217.126.76 16625 (AKAMAI-AS)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 44.225.97.91 16509 (AMAZON-02)
1 20.119.174.243 8075 (MICROSOFT...)
1 8 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
1 2600:9000:202... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:213... 16509 (AMAZON-02)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2406:2600:4::1 55569 (CRITEO-AS...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 13.224.141.41 16509 (AMAZON-02)
2 18 52.46.143.56 16509 (AMAZON-02)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 52.221.171.128 16509 (AMAZON-02)
1 7 35.244.159.8 15169 (GOOGLE)
12 12 35.71.131.137 16509 (AMAZON-02)
4 4 124.146.153.164 2514 (INFOSPHER...)
3 10 34.98.64.218 396982 (GOOGLE-CL...)
3 4 99.86.199.17 16509 (AMAZON-02)
20 42 142.251.42.194 15169 (GOOGLE)
15 24 69.173.158.64 26667 (RUBICONPR...)
1 35.190.39.111 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 34.149.40.38 396982 (GOOGLE-CL...)
21 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
8 23.217.125.12 16625 (AKAMAI-AS)
3 5 2406:da18:929... 16509 (AMAZON-02)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.126.138 16509 (AMAZON-02)
2 2 54.150.135.134 16509 (AMAZON-02)
1 1 2600:9000:21b... 16509 (AMAZON-02)
1 2 99.86.199.91 16509 (AMAZON-02)
1 69.175.41.79 32475 (SINGLEHOP...)
1 2 18.139.177.100 16509 (AMAZON-02)
4 5 13.228.126.19 16509 (AMAZON-02)
1 23.192.45.99 20940 (AKAMAI-ASN1)
2 2 52.20.57.143 14618 (AMAZON-AES)
1 104.18.41.104 13335 (CLOUDFLAR...)
1 131.153.206.100 59210 (PHOENIXNA...)
2 162.19.138.82 16276 (OVH)
2 207.65.34.81 62713 (AS-PUBMATIC)
2 2404:6800:400... 15169 (GOOGLE)
7 7 74.118.186.107 6336 (TURN-US-ASN)
4 5 2001:df2:a300... 6336 (TURN-US-ASN)
5 5 64.74.236.31 22075 (AS-OUTBRAIN)
4 4 66.225.223.191 3949 (NTTA-3946)
1 2 69.173.151.100 26667 (RUBICONPR...)
1 1 23.105.12.159 30633 (LEASEWEB-...)
17 13.112.54.241 16509 (AMAZON-02)
12 12 35.213.12.39 15169 (GOOGLE)
2 2 2620:116:800e... 16509 (AMAZON-02)
2 2 52.6.39.46 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 54.169.118.21 16509 (AMAZON-02)
1 1 74.214.196.131 19189 (PULSEPOINT)
1 2 23.106.127.165 59253 (LEASEWEB-...)
7 7 185.84.60.20 198622 (ADFORM)
4 5 151.101.194.49 54113 (FASTLY)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
17 2404:6800:400... 15169 (GOOGLE)
5 104.18.26.193 13335 (CLOUDFLAR...)
1 2406:da18:22e... 16509 (AMAZON-02)
3 4 34.124.209.251 396982 (GOOGLE-CL...)
2 3 35.186.193.173 15169 (GOOGLE)
1 2 220.150.223.50 4686 (BEKKOAME ...)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
8 12 141.95.33.111 16276 (OVH)
1 1 172.105.203.31 63949 (AKAMAI-LI...)
2 2 35.213.93.179 15169 (GOOGLE)
1 1 3.114.115.252 16509 (AMAZON-02)
2 5 182.161.74.16 55569 (CRITEO-AS...)
2 2 43.206.23.166 16509 (AMAZON-02)
1 1 23.61.252.40 20940 (AKAMAI-ASN1)
1 2 64.120.110.138 59253 (LEASEWEB-...)
4 172.217.161.66 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
8 8 2a02:fa8:c411... 399104 (CNVR-APAC)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 3.210.56.15 14618 (AMAZON-AES)
3 3 188.42.105.236 7979 (SERVERS-COM)
1 2404:6800:400... 15169 (GOOGLE)
20 207.65.34.80 62713 (AS-PUBMATIC)
2 2 54.150.37.244 16509 (AMAZON-02)
2 54.249.183.0 16509 (AMAZON-02)
1 1 139.162.117.143 63949 (AKAMAI-LI...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 35.214.198.85 15169 (GOOGLE)
3 3 13.213.197.118 16509 (AMAZON-02)
2 2 198.8.71.131 54312 (ROCKETFUEL)
4 5 34.111.113.62 396982 (GOOGLE-CL...)
2 3 18.141.105.172 16509 (AMAZON-02)
2 3 119.9.108.180 45187 (RACKSPACE...)
2 207.65.34.74 62713 (AS-PUBMATIC)
2 2 98.98.134.243 21859 (ZEN-ECN)
1 1 2600:9000:21c... 16509 (AMAZON-02)
1 4 23.106.127.53 59253 (LEASEWEB-...)
1 141.95.32.73 16276 (OVH)
1 3 2406:2600:4::b 55569 (CRITEO-AS...)
1 2600:1901:0:6... 396982 (GOOGLE-CL...)
2 182.161.74.11 55569 (CRITEO-AS...)
13 23.217.126.205 16625 (AKAMAI-AS)
1 104.18.24.18 13335 (CLOUDFLAR...)
3 11 35.71.178.8 16509 (AMAZON-02)
1 151.101.129.108 54113 (FASTLY)
2 162.55.236.225 24940 (HETZNER-AS)
1 107.178.248.96 15169 (GOOGLE)
1 23.192.45.82 20940 (AKAMAI-ASN1)
1 1 13.214.76.234 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 18.176.234.133 16509 (AMAZON-02)
1 1 72.34.250.75 27630 (AS-XFERNET)
2 59.151.138.103 20940 (AKAMAI-ASN1)
2 2 18.192.43.30 ()
1 151.101.193.19 54113 (FASTLY)
1 34.149.101.235 396982 (GOOGLE-CL...)
1 2600:140b:a80... 20940 (AKAMAI-ASN1)
1 34.111.79.67 396982 (GOOGLE-CL...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2600:1901:0:e... 396982 (GOOGLE-CL...)
4 34.120.63.33 396982 (GOOGLE-CL...)
1 2600:1901:0:80:: ()
463 135
6    54.248.123.43 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-123-43.ap-northeast-1.compute.amazonaws.com
natalie.mu
1    13.33.5.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-5-52.nrt51.r.cloudfront.net
flux-cdn.com
7    2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
43    2600:140b:a00:8::b81a:2b59 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
ogre.natalie.mu
2    2404:6800:4004:818::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.224.143.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-143-60.nrt51.r.cloudfront.net
c.amazon-adsystem.com
15    2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    99.84.54.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-54-81.nrt20.r.cloudfront.net
config.aps.amazon-adsystem.com
2    99.86.222.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-222-34.nrt51.r.cloudfront.net
aax.amazon-adsystem.com
5    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:1ec:46::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    203.114.55.135 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
PTR: 203x114x55x135.ap203.ftth.arteria-hikari.net
cs.nakanohito.jp
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    18.65.116.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-116-10.kix50.r.cloudfront.net
yield-manager.browsiprod.com
1    203.114.55.140 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
PTR: 203x114x55x140.ap203.ftth.arteria-hikari.net
bs.nakanohito.jp
5    23.56.171.128 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-56-171-128.deploy.static.akamaitechnologies.com
gigaplus.makeshop.jp
5    34.160.89.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.89.160.34.bc.googleusercontent.com
a.flux.jp
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    3.115.72.35 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-72-35.ap-northeast-1.compute.amazonaws.com
hb.adingo.jp
4    74.118.186.106 (Singapore)

ASN6336 (TURN-US-ASN, US)
targeting.unrulymedia.com
1    207.65.34.76 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2602:803:c006:158::65 (Singapore)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
5    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    103.253.24.61 (Indonesia)

ASN6939 (HURRICANE, US)
shb.richaudience.com
2    13.249.146.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-146-82.nrt51.r.cloudfront.net
ad.as.amanad.adtdp.com
2    35.72.165.187 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-165-187.ap-northeast-1.compute.amazonaws.com
pb.ladsp.com
3    124.146.153.162 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
d.socdm.com
1    52.77.157.107 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-157-107.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    23.217.124.13 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-124-13.deploy.static.akamaitechnologies.com
a.teads.tv
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
4    23.106.127.49 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
prg-apac.smartadserver.com
5    35.75.232.179 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-232-179.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    69.175.41.44 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ap.lijit.com
1    2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
10    103.43.90.21 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
8    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
5    34.102.149.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.149.102.34.bc.googleusercontent.com
api.relaido.jp
2    202.233.84.2 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-rtb-pb.send.microad.jp
1    99.86.199.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-199-99.nrt51.r.cloudfront.net
cdn.browsiprod.com
3    2404:6800:4008:c15::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
3    23.208.233.60 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-233-60.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.217.126.76 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-126-76.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    44.225.97.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-97-91.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
r.clarity.ms
8    2404:6800:4004:818::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
3    2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
1    2600:9000:202f:3800:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2138:1400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    13.224.141.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-141-41.nrt51.r.cloudfront.net
tags.crwdcntrl.net
18    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    52.221.171.128 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-171-128.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
u.openx.net
natasha-d.openx.net
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    124.146.153.164 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
10    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
jp-u.openx.net
u.openx.net
us-u.openx.net
4    99.86.199.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-199-17.nrt51.r.cloudfront.net
cr-p3.ladsp.com
cr-p10.ladsp.com
cr-p31.ladsp.com
42    142.251.42.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
24    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    2404:6800:4004:823::2001 (Australia)

ASN15169 (GOOGLE, US)
773a69a9c6d7145f5d1dbd4db47f256b.safeframe.googlesyndication.com
4    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
21    2404:6800:4004:811::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    23.217.125.12 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-125-12.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    2406:da18:929:5a01:259e:d14c:cabb:3cf7 (Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    54.150.135.134 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-135-134.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    2600:9000:21b5:3c00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    99.86.199.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-199-91.nrt51.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
1    69.175.41.79 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ce.lijit.com
2    18.139.177.100 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-177-100.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
5    13.228.126.19 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.192.45.99 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-192-45-99.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    52.20.57.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-57-143.compute-1.amazonaws.com
sync.ipredictive.com
1    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    131.153.206.100 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    207.65.34.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2404:6800:4004:828::2002 (Australia)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
7    74.118.186.107 (Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
5    64.74.236.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    66.225.223.191 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com
sync.outbrain.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    23.105.12.159 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
17    13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
12    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    2620:116:800e:21:6c50:dbee:bef5:203d (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.6.39.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-39-46.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    54.169.118.21 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-118-21.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    23.106.127.165 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
7    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
17    2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    2406:da18:22e:4f04:b3f9:2e7a:3729:7051 (Singapore)

ASN16509 (AMAZON-02, US)
d.adroll.com
4    34.124.209.251 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
2    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
1    2404:6800:4004:818::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2404:6800:4004:808::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
12    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    172.105.203.31 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1857-31.members.linode.com
a.c.appier.net
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
1    3.114.115.252 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-115-252.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
5    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    43.206.23.166 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-206-23-166.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    23.61.252.40 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-61-252-40.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
2    64.120.110.138 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
4    172.217.161.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f2.1e100.net
www.googleadservices.com
1    2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a02:fa8:c411:12::1050 (Amsterdam, Netherlands)

ASN399104 (CNVR-APAC, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
inmobi-match.dotomi.com
openx2-match.dotomi.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    3.210.56.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-56-15.compute-1.amazonaws.com
fksnk.com
3    188.42.105.236 (Luxembourg)

ASN7979 (SERVERS-COM, US)
sync.gonet-ads.com
1    2404:6800:4004:824::2006 (Australia)

ASN15169 (GOOGLE, US)
s0.2mdn.net
20    207.65.34.80 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    54.150.37.244 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-37-244.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
2    54.249.183.0 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-183-0.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
1    139.162.117.143 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1601-143.members.linode.com
gocm.c.appier.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.214.198.85 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 85.198.214.35.bc.googleusercontent.com
csync.loopme.me
3    13.213.197.118 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-197-118.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    18.141.105.172 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-105-172.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
3    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
2    207.65.34.74 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2600:9000:21c5:be00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    23.106.127.53 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
1    141.95.32.73 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-007.roqad.pl
wt.rqtrk.eu
3    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    2600:1901:0:6ede:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
sync6.im-apps.net
2    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
13    23.217.126.205 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-126-205.deploy.static.akamaitechnologies.com
contextual.media.net
1    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
11    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
1    107.178.248.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.248.178.107.bc.googleusercontent.com
penta.a.one.impact-ad.jp
1    23.192.45.82 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-192-45-82.deploy.static.akamaitechnologies.com
sync.relaido.jp
1    13.214.76.234 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-76-234.ap-southeast-1.compute.amazonaws.com
i.w55c.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
1    72.34.250.75 (Hemet, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    59.151.138.103 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a59-151-138-103.deploy.static.akamaitechnologies.com
cs.media.net
2    18.192.43.30 (None, )

ASN- ()
rtb.mfadsrvr.com
1    151.101.193.19 (United States)

ASN54113 (FASTLY, US)
img.ak.impact-ad.jp
1    34.149.101.235 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 235.101.149.34.bc.googleusercontent.com
sync.im-apps.net
1    2600:140b:a800::17c3:595b (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
1    34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com
odr.mookie1.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2600:1901:0:e207:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
audiencedata.im-apps.net
4    34.120.63.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.63.120.34.bc.googleusercontent.com
tracker.v2.relaido.jp
1    2600:1901:0:80:: (None, )

ASN- ()
aw.dw.impact-ad.jp
Apex Domain
Subdomains		 Transfer
52 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
274 KB
49 natalie.mu
natalie.mu
ogre.natalie.mu
751 KB
41 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 30346
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1256
78 KB
39 googlesyndication.com
773a69a9c6d7145f5d1dbd4db47f256b.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
665 KB
33 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image2.pubmatic.com — Cisco Umbrella Rank: 1116
image4.pubmatic.com — Cisco Umbrella Rank: 1249
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
65 KB
25 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
83 KB
24 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
oajs.openx.net — Cisco Umbrella Rank: 1906
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
us-u.openx.net — Cisco Umbrella Rank: 547
jp-u.openx.net — Cisco Umbrella Rank: 12438
u.openx.net — Cisco Umbrella Rank: 739
natasha-d.openx.net
5 KB
23 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474
www.google.com — Cisco Umbrella Rank: 2
116 KB
22 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1583
rtb.gumgum.com — Cisco Umbrella Rank: 1656
usersync.gumgum.com — Cisco Umbrella Rank: 2253
6 KB
16 media.net
prebid.media.net — Cisco Umbrella Rank: 1420
contextual.media.net — Cisco Umbrella Rank: 780
cs.media.net — Cisco Umbrella Rank: 1684
20 KB
13 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
45 KB
12 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
6 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
5 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
6 KB
11 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 5736
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
13 KB
11 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 5751
penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 104756
img.ak.impact-ad.jp — Cisco Umbrella Rank: 94002
aw.dw.impact-ad.jp
47 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
secure.adnxs.com — Cisco Umbrella Rank: 542
acdn.adnxs.com — Cisco Umbrella Rank: 663
24 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 895
dis.criteo.com — Cisco Umbrella Rank: 648
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
4 KB
11 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10674
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 7563
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
5 KB
10 relaido.jp
api.relaido.jp — Cisco Umbrella Rank: 160564
sync.relaido.jp — Cisco Umbrella Rank: 435261
tracker.v2.relaido.jp — Cisco Umbrella Rank: 321115
17 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
6 KB
8 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
inmobi-match.dotomi.com — Cisco Umbrella Rank: 11969
openx2-match.dotomi.com — Cisco Umbrella Rank: 5495
3 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
4 KB
7 socdm.com
d.socdm.com — Cisco Umbrella Rank: 52877
tg.socdm.com — Cisco Umbrella Rank: 1247
10 KB
7 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
u.4dex.io — Cisco Umbrella Rank: 3936
30 KB
6 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
www.googleadservices.com — Cisco Umbrella Rank: 153
816 B
6 ladsp.com
pb.ladsp.com — Cisco Umbrella Rank: 65194
cr-p3.ladsp.com — Cisco Umbrella Rank: 21057
cr-p10.ladsp.com
cr-p31.ladsp.com — Cisco Umbrella Rank: 12481
3 KB
6 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 966
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
1 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 521
1 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
1 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
3 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
r.turn.com — Cisco Umbrella Rank: 4738
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
3 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
13 KB
5 flux.jp
a.flux.jp — Cisco Umbrella Rank: 82081
971 B
5 makeshop.jp
gigaplus.makeshop.jp
49 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
4 im-apps.net
sync6.im-apps.net — Cisco Umbrella Rank: 60960
sync.im-apps.net — Cisco Umbrella Rank: 4468
dmp.im-apps.net — Cisco Umbrella Rank: 23607
audiencedata.im-apps.net — Cisco Umbrella Rank: 25926
4 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
i.w55c.net — Cisco Umbrella Rank: 2341
3 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
2 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 900
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
236 KB
4 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4325
sync.richaudience.com — Cisco Umbrella Rank: 2114
2 KB
4 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 21122
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587
creativecdn.com — Cisco Umbrella Rank: 646
2 KB
4 adingo.jp
hb.adingo.jp — Cisco Umbrella Rank: 98447
662 B
4 browsiprod.com
yield-manager.browsiprod.com — Cisco Umbrella Rank: 12748
cdn.browsiprod.com — Cisco Umbrella Rank: 12824
events.browsiprod.com — Cisco Umbrella Rank: 11744
14 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1270
2 KB
3 gonet-ads.com
sync.gonet-ads.com — Cisco Umbrella Rank: 23313
1 KB
3 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 5170
ipac.ctnsnet.com — Cisco Umbrella Rank: 6415
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
1 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
73 KB
3 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 22445
622 B
3 adtdp.com
ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 7687
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 28459
2 KB
3 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 998
r.clarity.ms — Cisco Umbrella Rank: 7995
26 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
2 KB
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 17112
75 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6048
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
1 KB
2 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3336
406 B
2 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 25694
970 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2841
964 B
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 13521
gocm.c.appier.net — Cisco Umbrella Rank: 2653
1022 B
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
43 KB
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 11392
627 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 761
649 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
3 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
1010 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
539 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1089
958 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
530 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1105
sync1.intentiq.com — Cisco Umbrella Rank: 2757
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
104 B
2 microad.jp
s-rtb-pb.send.microad.jp — Cisco Umbrella Rank: 78236
1019 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
ce.lijit.com — Cisco Umbrella Rank: 1199
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
2 KB
2 nakanohito.jp
cs.nakanohito.jp — Cisco Umbrella Rank: 97396
bs.nakanohito.jp — Cisco Umbrella Rank: 69641
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
161 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 257
689 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1386
213 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1111
744 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 26034
549 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2268
174 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
2 KB
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 2044
350 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
459 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
225 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
553 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
490 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 5702
613 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2907
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
852 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1495
181 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
816 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1171
44 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
449 B
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1720
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1185
645 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1985
531 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6069
474 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1319
5 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931
3 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
47 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
491 B
1 flux-cdn.com
flux-cdn.com — Cisco Umbrella Rank: 85054
175 KB
0 rundsp.com Failed
match.rundsp.com Failed
0 parrable.com Failed
h.parrable.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 inmobi.com Failed
mweb.ck.inmobi.com Failed
0 nex8.net Failed
cs.nex8.net Failed
463 113
Domain Requested by
43 ogre.natalie.mu natalie.mu
33 cm.g.doubleclick.net 18 redirects google-bidout-d.openx.net
natalie.mu
rtb.gumgum.com
googleads.g.doubleclick.net
eb2.3lift.com
21 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
natalie.mu
googleads.g.doubleclick.net
www.googletagservices.com
18 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
natalie.mu
s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
u.openx.net
natasha-d.openx.net
ads.pubmatic.com
17 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
natalie.mu
googleads.g.doubleclick.net
17 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
15 fundingchoicesmessages.google.com natalie.mu
securepubads.g.doubleclick.net
14 simage2.pubmatic.com ads.pubmatic.com
natalie.mu
14 pixel.rubiconproject.com 9 redirects natalie.mu
13 contextual.media.net flux-cdn.com
contextual.media.net
ads.pubmatic.com
12 id5-sync.com 8 redirects cdn.id5-sync.com
natalie.mu
flux-cdn.com
12 x.bidswitch.net 12 redirects
12 match.adsrvr.org 12 redirects
11 eb2.3lift.com 3 redirects flux-cdn.com
eb2.3lift.com
10 eus.rubiconproject.com natalie.mu
eus.rubiconproject.com
s.amazon-adsystem.com
rtb.gumgum.com
flux-cdn.com
contextual.media.net
9 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
9 us-u.openx.net 2 redirects google-bidout-d.openx.net
u.openx.net
natasha-d.openx.net
8 ads.pubmatic.com natalie.mu
s.amazon-adsystem.com
rtb.gumgum.com
flux-cdn.com
contextual.media.net
ads.pubmatic.com
8 www.google.com 1 redirects natalie.mu
tpc.googlesyndication.com
googleads.g.doubleclick.net
8 y.one.impact-ad.jp 5 redirects natalie.mu
api.relaido.jp
8 ib.adnxs.com 6 redirects flux-cdn.com
acdn.adnxs.com
7 c1.adform.net 7 redirects
7 securepubads.g.doubleclick.net natalie.mu
securepubads.g.doubleclick.net
www.googletagservices.com
6 image2.pubmatic.com ads.pubmatic.com
natalie.mu
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 natalie.mu 1 redirects natalie.mu
5 pixel.tapad.com 4 redirects natalie.mu
5 dis.criteo.com 2 redirects googleads.g.doubleclick.net
ads.pubmatic.com
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 b1sync.zemanta.com 5 redirects
5 sync.1rx.io 5 redirects
5 ups.analytics.yahoo.com 4 redirects natasha-d.openx.net
5 pr-bh.ybp.yahoo.com 3 redirects u.openx.net
natalie.mu
5 api.relaido.jp 2 redirects flux-cdn.com
api.relaido.jp
5 rtb.openx.net 1 redirects flux-cdn.com
u.openx.net
5 a.flux.jp flux-cdn.com
5 gigaplus.makeshop.jp natalie.mu
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 tracker.v2.relaido.jp ads.pubmatic.com
api.relaido.jp
natalie.mu
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 www.googleadservices.com natalie.mu
googleads.g.doubleclick.net
4 um.simpli.fi 3 redirects natalie.mu
4 sync.outbrain.com 4 redirects
4 ad.turn.com 4 redirects
4 www.googletagservices.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
4 u.4dex.io natalie.mu
ads.pubmatic.com
ssbsync.smartadserver.com
4 tg.socdm.com 4 redirects
4 prg-apac.smartadserver.com flux-cdn.com
4 targeting.unrulymedia.com flux-cdn.com
4 hb.adingo.jp flux-cdn.com
3 gum.criteo.com 1 redirects contextual.media.net
3 uipglob.semasio.net 2 redirects natalie.mu
3 sync.crwdcntrl.net 2 redirects natalie.mu
3 pm.w55c.net 3 redirects
3 sync.gonet-ads.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 px.ads.linkedin.com 1 redirects natalie.mu
eb2.3lift.com
3 jp-u.openx.net google-bidout-d.openx.net
natasha-d.openx.net
3 static.criteo.net securepubads.g.doubleclick.net
flux-cdn.com
static.criteo.net
3 www.google.co.jp natalie.mu
3 secure-assets.rubiconproject.com 3 redirects
3 stats.g.doubleclick.net www.google-analytics.com
3 d.socdm.com flux-cdn.com
3 c.amazon-adsystem.com natalie.mu
c.amazon-adsystem.com
2 rtb.mfadsrvr.com 2 redirects
2 cs.media.net contextual.media.net
2 openx2-match.dotomi.com 2 redirects
2 sync.richaudience.com flux-cdn.com
sync.richaudience.com
2 mug.criteo.com natalie.mu
2 inmobi-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 p.rfihub.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 dps.jp.cinarra.com ads.pubmatic.com
natasha-d.openx.net
2 pool.admedo.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 ads.us.e-planning.net 1 redirects natalie.mu
2 ds.uncn.jp 2 redirects
2 a.sportradarserving.com 2 redirects
2 sync-dsp.ad-m.asia 1 redirects u.openx.net
ads.pubmatic.com
2 creativecdn.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects natalie.mu
2 ad.360yield.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 cms.quantserve.com 2 redirects
2 secure.adnxs.com 2 redirects
2 pixel-us-east.rubiconproject.com 1 redirects s.amazon-adsystem.com
2 sync.targeting.unrulymedia.com 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 image6.pubmatic.com ads.pubmatic.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
flux-cdn.com
2 sync.ipredictive.com 2 redirects
2 match.sharethrough.com 1 redirects natalie.mu
2 match.prod.bidr.io 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 oajs.openx.net 1 redirects natalie.mu
2 i.clean.gg cadmus.script.ac
2 s-rtb-pb.send.microad.jp flux-cdn.com
2 g2.gumgum.com flux-cdn.com
2 pb.ladsp.com flux-cdn.com
2 ad.as.amanad.adtdp.com flux-cdn.com
2 shb.richaudience.com flux-cdn.com
2 fastlane.rubiconproject.com flux-cdn.com
2 script.4dex.io flux-cdn.com
script.4dex.io
2 yield-manager.browsiprod.com flux-cdn.com
cdn.browsiprod.com
2 cdn.jsdelivr.net flux-cdn.com
securepubads.g.doubleclick.net
2 www.clarity.ms natalie.mu
www.clarity.ms
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 www.googletagmanager.com natalie.mu
www.googletagmanager.com
1 aw.dw.impact-ad.jp natalie.mu
1 audiencedata.im-apps.net dmp.im-apps.net
1 simage4.pubmatic.com ads.pubmatic.com
1 c.bing.com eb2.3lift.com
1 odr.mookie1.com api.relaido.jp
1 dmp.im-apps.net sync.relaido.jp
1 sync.im-apps.net sync.relaido.jp
1 img.ak.impact-ad.jp natalie.mu
1 sync.go.sonobi.com 1 redirects
1 bk.r-ad.ne.jp 1 redirects
1 tr.blismedia.com natasha-d.openx.net
1 i.w55c.net 1 redirects
1 sync.relaido.jp api.relaido.jp
1 cr-p31.ladsp.com natalie.mu
1 penta.a.one.impact-ad.jp flux-cdn.com
1 natasha-d.openx.net flux-cdn.com
1 acdn.adnxs.com flux-cdn.com
1 js-sec.indexww.com flux-cdn.com
1 sync6.im-apps.net flux-cdn.com
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 s.ad.smaato.net 1 redirects
1 image4.pubmatic.com natalie.mu
1 csync.loopme.me 1 redirects
1 t.adx.opera.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 cr-p10.ladsp.com 1 redirects
1 s0.2mdn.net natalie.mu
1 fksnk.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 r.turn.com googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 analytics.pangle-ads.com 1 redirects
1 dynalyst-sync.adtdp.com 1 redirects
1 a.c.appier.net 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 cm.ctnsnet.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 ssbsync-us.smartadserver.com 1 redirects
1 prebid.a-mo.net natalie.mu
1 capi.connatix.com natalie.mu
1 hb.yahoo.net natalie.mu
1 ce.lijit.com natalie.mu
1 sync1.intentiq.com natalie.mu
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com natalie.mu
1 pixel-apac.rubiconproject.com 1 redirects
1 773a69a9c6d7145f5d1dbd4db47f256b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 r.clarity.ms www.clarity.ms
1 events.browsiprod.com cdn.browsiprod.com
1 cadmus.script.ac script.4dex.io
1 cdn.browsiprod.com flux-cdn.com
1 bidder.criteo.com flux-cdn.com
1 ap.lijit.com flux-cdn.com
1 prebid.media.net flux-cdn.com
1 a.teads.tv flux-cdn.com
1 mp.4dex.io flux-cdn.com
1 tlx.3lift.com flux-cdn.com
1 htlb.casalemedia.com flux-cdn.com
1 prebid-asia.creativecdn.com flux-cdn.com
1 hbopenbid.pubmatic.com flux-cdn.com
1 bs.nakanohito.jp cs.nakanohito.jp
1 cs.nakanohito.jp natalie.mu
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 flux-cdn.com natalie.mu
0 match.rundsp.com Failed natasha-d.openx.net
0 h.parrable.com Failed flux-cdn.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 mweb.ck.inmobi.com Failed googleads.g.doubleclick.net
0 cs.nex8.net Failed u.openx.net
463 197
Subject Issuer Validity Valid
natalie.mu
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-11		 a year crt.sh
flux-cdn.com
Amazon RSA 2048 M03		 2023-10-19 -
2024-11-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.natalie.mu
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
*.nakanohito.jp
JPRS Organization Validation Authority - G4		 2023-01-16 -
2024-01-31		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.browsiprod.com
Amazon RSA 2048 M02		 2023-02-22 -
2024-02-12		 a year crt.sh
gigaplus.makeshop.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-27 -
2023-11-28		 a year crt.sh
a.flux.jp
GTS CA 1D4		 2023-10-07 -
2024-01-05		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2023-09-13 -
2024-10-12		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.as.amanad.adtdp.com
Amazon RSA 2048 M02		 2023-02-05 -
2024-03-05		 a year crt.sh
*.ladsp.com
GlobalSign RSA OV SSL CA 2018		 2023-05-16 -
2024-06-16		 a year crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2023-05-31 -
2024-06-30		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-01 -
2024-07-31		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.relaido.jp
GTS CA 1D4		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-09-10 -
2023-12-09		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon RSA 2048 M02		 2023-02-13 -
2024-02-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2023-10-09 -
2024-11-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-08-25 -
2023-11-23		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
sync6.im-apps.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
a.one.impact-ad.jp
SECOM Passport for Web SR 3.0 CA		 2023-03-27 -
2024-03-31		 a year crt.sh
relaido.jp
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
img.ak.impact-ad.jp
SECOM Passport for Web SR 3.0 CA		 2023-09-21 -
2024-10-19		 a year crt.sh
sync.im-apps.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2023-03-14 -
2024-03-14		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-10-05 -
2024-01-03		 3 months crt.sh
tracker.v2.relaido.jp
GTS CA 1D4		 2023-09-06 -
2023-12-05		 3 months crt.sh
aw.dw.impact-ad.jp
SECOM Passport for Web SR 3.0 CA		 2023-03-27 -
2024-03-31		 a year crt.sh

This page contains 85 frames:

Primary Page: https://natalie.mu/
Frame ID: 5BE7308DCE75762033E1BB63588A4225
Requests: 177 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: CAB5C7623947D0FBF6102A5038204851
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&dcc=t
Frame ID: 00CF45630D137BD3FF96409FC2A069FB
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1111C1EF040437554819CA5D23A110EB
Requests: 6 HTTP requests in this frame

Frame: https://773a69a9c6d7145f5d1dbd4db47f256b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04CE0F6F1E7394AA944F2CC1DC865C39
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjdBPw0_MjBWs0elWYeB7ZKPmOXTBKo6ht3_tTCGkmDFTr2veRM-9mU80wXBKTIDzF6UoiaU_zw9HmZ_lP_RfDl8pD2Nd5VkB45e8TrWnIT7pA4l4PoSBdfsvYNzu1nZnVmSTsRVT3OaCdxUV56rOorfrmqtBRuOtIyHrDvZmSoM90CCe0je28nRIY9RcuvN87PaTTKmwbLOhDwVftHCv2hziDOzkJdj9OHxNCqYN72etGINbVrvAmiutJoVQY1e_Nhh6EEZyIaC7fwYP6O46Xx3qph0yoBYNzlJnT98JlC0GuD5gcjGjQTlUJ&sai=AMfl-YTgF31r2UJK-u8hi_zu9iVz4efy5wVqlA_5v0NqXNIFKAWjnioa51ICFDk92d-4V56Ei8nXESQ1-d4NyFrfB-JnySGlwGeh1ZLAwWPMHwHxUpip1TpHqtK2Ys56Vg&sig=Cg0ArKJSzC73dljbsttfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D68447263B9D85B55A4A875B11610F27
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_2PqPFdaFl4VMntGPrCgHYMrlrwaYcQ4tw3Q6h2GmensfaU01DPibjNF6x4KFgodE3tLbcY0zORzKSTD3vNknWDd9Afnay52lXxXBcPW4c1KSA5I3qOx9rnZB_CW3WNyrDCAxt5MUmLb9f99-LFrz4gGyHql7gdOdyuojhGhmXSHXgi3pyCusbDPTUJC81xVkzDN4qPB9E2xBv_1TMqRNh5COOOzHke0KcoN0Gaul6udWeGjSermlZtopzT-4TryiNSZQRcv_2nbMnNjOwDNUbo2iYcD444wywJ3sjkkzZ8jhPjUV8jMp0co3&sai=AMfl-YS1ApbgX1MHDzY65npIR6vKXLPTGgxwbktlPMDQ_lxuv0q0XG6swghvZ3nwveAm0Dp-fmbe6QPdJ7bh1AdpJ1vKtIPGQuZF-fJDJriL2JO_iSenuOKC1g7RyjTcvw&sig=Cg0ArKJSzAq1xIqeIx0EEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4B2B6F05D03678959FD3FD19EE647B3E
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 090754DE59569623D014C1AE8DF7F7CC
Requests: 18 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 894F897D57AEB982C8D2005F93DDB4B1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html
Frame ID: D66D7571474D1A739E09BE5D9D81276E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&adk=1812271804&adf=3279755404&lmt=1697859698&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=4&bdt=143&idt=244&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&nras=1&correlator=4241903809445&frm=23&ife=4&pv=2&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.s1ndxitlj2uo&fsb=1&dtd=277
Frame ID: A474E95AB397660916DE3054C84555BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Frame ID: 60C7B398837CC19822FE101EAF8EA731
Requests: 17 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=ZTPHAMCo8YMAANWuQJIAAAAA&ex=ss.com&status=ok
Frame ID: 10DEEA461D9610914B959D64CB1570D0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 7B31D2C2F68596DE6763D8A60FF09E12
Requests: 13 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=3889747672840569450&ex=yj.com&
Frame ID: 5A985CC136A433CEC6A45FD500CC60B1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=30263585-fe1e-4105-9c6c-de647690968d&ex=p1.com&status=ok
Frame ID: 1C2B3301F8EF92715EF0DF132E7B0E21
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 7B7C607E877B9A86106E4911C67325F4
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 8F09BF9393D49436F850EC3E2D025B34
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: B7AFB65AB30F2E5011430CD07D8FBC22
Requests: 4 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 322AD41D53D53F9BDE14E5865135C41A
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8243831494846978376&gdpr=0&gdpr_consent=
Frame ID: A30D30C9B22A7421FFD3BA055FC2286A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=2050966909577824490&gdpr=&gdpr_consent=
Frame ID: A91018BDBE024144D9A577DE3C4CD079
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZTPHAgAABg4jNAA5&gdpr=&gdpr_consent=&_test=ZTPHAgAABg4jNAA5
Frame ID: 0E15E279C370B55720F898BDB678CE57
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8yOWJhZjkxNi1jZTZhLTQwYTYtODIxYS0zZjRkN2U2ZWFhYTg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 9587BC7CFC75346281970D5D6A00A47B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: FFDBC71ADF820BD0ED7BCB06C6EB0ECF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=5a421c59-afe3-4af2-b1d3-0cb476b75117
Frame ID: 97C322E04502912C47D3BFE55D090B4D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZTPHAMCo8YMAANWuQJIAAAAA
Frame ID: 095490E4C9DA3F84B8A0857301B5273B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=rKPpUx5xZ0xRpEOS0aDb&pi=gumgum&tc=1
Frame ID: 302AB13E8DBC6E483D5E16C8C99ABB54
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: D5DDC704627F3BCF5FCC73F28A2919A2
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&adk=1812271804&adf=2751417941&lmt=1697859698&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=3&bdt=220&idt=285&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.sjcqh5rd8omb&fsb=1&dtd=311
Frame ID: 3FE6B07AC93167E1EB795EA3347C3B51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Frame ID: C608F7B8C06EA2E8A42C3455535E297E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B88BAC20A2FB56B1EBF4DD6E1B57B51B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B3B231B1CC3DD481EE9FB02C76AD7A7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D1F4B949AE5752BDB51D58D189AD097
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F1D23C938E43757FD0FABED56951966
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9F318C676F94D67ADE02BD2A5104DB9E
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: 06A79FD4CAAB36D08C95E2A3B6376ACD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js
Frame ID: C77F6DCA85CFA7F4D4F71007CD8A26D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 209CCED6E3CB7EB17311FACEAEA40912
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32D3C7D99C35CBD7DE7BB6FF122F08B1
Requests: 9 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AZeHHCUI7285ks8AD7P31LT3lc8AAAGLUkFjYg
Frame ID: 3F956282843CFCF5D8DC0F0562B86E8D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: AD1AB92A2BB19CEF3C2F5D87BF136F78
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_ef4ddf52-2950-47b6-8c3e-ec525adab8ef
Frame ID: 4CD2A2AA0930043306E1A000F91A2160
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: DCCED4963DC113A98AB200EBFFB09AAB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5p3mVrOf5Vf9yrcH4p74AOTL7FD9y-xU4s6UeVN_
Frame ID: 2F29CA7AE7E51353A7CF5EEACB797732
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5154921547521339729&gdpr=0&gdpr_consent=
Frame ID: 95A495E78BEF6B3997674925DE757E50
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 40A05E0B46AF2DF9D1C8B85397D3B464
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Frame ID: E1C05C91AE913ECA2B6D2A933475115E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 8C813F09B377E540625B491F98AB88A1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-PB3GnW-CHuq5YZXAsczZQ
Frame ID: 08B3D6B1ECD6409B0A9395566EAC4047
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 478E10B1550027CF682F707C2D740E57
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=e961db5238a549d8b46788e2683f9a7d
Frame ID: 55A51121C56DB1E83ACA56BFD5FDA81E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=P3CRQxChV3tEOO_HzF9HWB_Mkac&gdpr=0&gdpr_consent=
Frame ID: D7505075D9B67AE0089B18CF2DB9B8A3
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: D8B62B8D7B6C8B4A5BDCC9B0832A0EE4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf1dca041ebd84a6d8e2354fcada8f8ff
Frame ID: 997EBD540B08045608C4E05E20C09E46
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 6CF6A9D0A00C52D6FF96A58134E587B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rdNEECL61QUbir5&gdpr=0&gdpr_consent=
Frame ID: FA28D7E60605E4EA8D313C64DE158003
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC5EFBAD13334B4FB0AA82EF17528B9F&gdpr=0&gdpr_consent=
Frame ID: B0C11A6CFE85D830309AD4998803BC5E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245967042705005
Frame ID: 32BF332514B275AA571231453C7DDF8A
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Frame ID: A56091EB5D604F6A1E1FABC0E2EA2FB3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js
Frame ID: 024F4F8ADEB81965E108B3736EBFA656
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 999D88545E598F4DA80BB5728F54EE36
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: AA06B461CAB957E28FD9AF21021FDF64
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3C838894318BCD324415819CB2983285
Requests: 1 HTTP requests in this frame

Frame: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=363c2c8d-879d-4035-8308-fca66e18a089
Frame ID: 7AC3679F62BBEB0DFD6A52B792ED529C
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: D400C18DDC18221C415FD47E64299934
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1DBBCE3A7E0F15A31AD67F2B53B848E9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8C0D7358DF080A38550CE951762049D6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Frame ID: 00890CFD0D8058606C17FE2714925EB2
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5178658069
Frame ID: 758E67739AA7E0ACA3C118224EE0E173
Requests: 2 HTTP requests in this frame

Frame: https://natasha-d.openx.net/w/1.0/pd
Frame ID: DD9FFE874AFBE4D45B757E4464667FD6
Requests: 11 HTTP requests in this frame

Frame: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Frame ID: 8A13E949C4311665FA4A3ED1E041B5D1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: DCB61CB64DBF28858346C0A53F065310
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3408937000032733000V10&type=rkt&refUrl=&vid=78921005193408937000032733000V10&ovsid=2018245967042705005
Frame ID: C91650F6D06B408F150BBF70862EB537
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Dpba%26refUrl%3D%26vid%3D78921005193408937000032733000V10%26ovsid%3DPM_UID
Frame ID: F15FA0BF6B206AAC549E1A27B3D9987D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=161545&s=&predirect=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fsync%2Fpm%3Fdsp_uuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: E3CBF922759200E293752C0AB2C2F8B6
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Frame ID: 1BFD2E654170282A547FE726B7AA32D6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Frame ID: 63E15526BD0DA6ACD36B6991C2E109F6
Requests: 1 HTTP requests in this frame

Frame: https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=1697892101
Frame ID: F3E536AEBEDF1221FFF374FC0CC17479
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Frame ID: EB867E976762505366E663270BA7306E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Frame ID: E8D4EC4CD8AA660FBE207488622C5EB4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Frame ID: 2B9D78ADD9703471C24A6066BE193992
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=pba&refUrl=&vid=78921005193408937000032733000V10&ovsid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Frame ID: 77B13FA094776A8361977CC7F4D29F1D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=pba&refUrl=&vid=78921005193408937000032733000V10&ovsid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Frame ID: B8FE2F88DD712C4286B44B34CFF4B92A
Requests: 1 HTTP requests in this frame

Frame: https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=1697892104
Frame ID: BD2A71950CACAF0188DDB6F8E8334F5B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ナタリー - ポップカルチャーのニュースサイト

Page URL History Show full URLs

  1. http://natalie.mu/ HTTP 301
    https://natalie.mu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

463
Requests

76 %
HTTPS

25 %
IPv6

113
Domains

197
Subdomains

135
IPs

14
Countries

3148 kB
Transfer

7844 kB
Size

214
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://natalie.mu/ HTTP 301
    https://natalie.mu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=55616&cb=48868377717&r=https%3A%2F%2Fnatalie.mu%2F&uid=6298bc6a7b005b9&tid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=728x90 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55616&cb=48868377717&r=https%3A%2F%2Fnatalie.mu%2F&uid=6298bc6a7b005b9&tid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=728x90
Request Chain 86
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=55617&cb=21142778670&r=https%3A%2F%2Fnatalie.mu%2F&uid=63ab1f771e6824a&tid=c96e4bee-7039-422a-b0be-df60eca5deb6&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250%2C1x1 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55617&cb=21142778670&r=https%3A%2F%2Fnatalie.mu%2F&uid=63ab1f771e6824a&tid=c96e4bee-7039-422a-b0be-df60eca5deb6&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250%2C1x1
Request Chain 102
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 128
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&dcc=t
Request Chain 129
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp&cc=1
Request Chain 140
  • https://match.adsrvr.org/track/cmf/openx?oxid=dbb4106c-ed40-7c1b-ff07-04c74bd2ef44&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=dbb4106c-ed40-7c1b-ff07-04c74bd2ef44&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttd_puid=dbb4106c-ed40-7c1b-ff07-04c74bd2ef44&gdpr=0&gdpr_consent=
Request Chain 141
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZTPHAMCo8YMAANWuQJIAAAAA
Request Chain 142
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZiFyLxM7Rwiks8AD7P31LT3lc8AAAGLUkFczg
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjdkYmMzYTYtMjQzNy0yMmJmLWVhZTctNWU3ZTgxMzAyMTI0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjdkYmMzYTYtMjQzNy0yMmJmLWVhZTctNWU3ZTgxMzAyMTI0&google_tc=
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMMo3-0EsXJtnqzCQzqUP6s&google_cver=1
Request Chain 149
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LO0146JA-8-I3VV HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LO0146JA-8-I3VV
Request Chain 158
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/sTLeZCtLCUVwMUCmQiAzkw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XZNfI.VE2oJhSapwDDA_jjBW158O.D6dINP6gw--~A
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPZuO9_-VJiiOQEjMOH3uU0&google_cver=1
Request Chain 160
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5a421c59-afe3-4af2-b1d3-0cb476b75117&gdpr=0&gdpr_consent=&expires=30
Request Chain 161
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE8wMTQ2SkEtOC1JM1ZW HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED5jKiEB_X-nAucLkcDNHh0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE8wMTQ2SkEtOC1JM1ZW&google_push=
Request Chain 162
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LO0146JA-8-I3VV
Request Chain 163
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE3ZDkxMzY0Y2RiMWFiNWNiZDU0NTQ5MmFiZmM1ZjhlOGQ2YzA2ZQ
Request Chain 165
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mQe788UxThuFRj-3NuiAgA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mQe788UxThuFRj-3NuiAgA
Request Chain 166
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAIub07KZ44AABkhhMTs0Q&expires=30
Request Chain 167
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LO0146JA-8-I3VV HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LO0146JA-8-I3VV HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LO0146JA-8-I3VV&ckls=true&ci=RZlPIQDMw4&nc=false&trid=470423167
Request Chain 168
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LO0146JA-8-I3VV
Request Chain 169
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LO0146JA-8-I3VV
Request Chain 170
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LO0146JA-8-I3VV&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LO0146JA-8-I3VV&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LO0146JA-8-I3VV&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1ITlNYWDAxRTJ1SG1IcmI5NmJzeGlBWmEwNTh2V2IuWX5B&ovsid=LO0146JA-8-I3VV&dpid=58160
Request Chain 171
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=78bcec09-5a68-428f-8d96-9211d6ef7f91&expires=30
Request Chain 172
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LO0146JA-8-I3VV&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 173
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LO0146JA-8-I3VV
Request Chain 190
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1697892098262 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1010089160 HTTP 302
  • https://sync.1rx.io/usersync/turn/3843438667609851527?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004
Request Chain 191
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://sync.outbrain.com/sync-external?uid=pmrRo4wLvM1jvJsZvswr&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3DXd5cYWg6ihll8NjNKDkMFwDMKpKWhVm4FWeFwscgy-TyYbCyCdyvJ49FlJabCXFR%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q&p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s&obUid=Xd5cYWg6ihll8NjNKDkMFwDMKpKWhVm4FWeFwscgy-TyYbCyCdyvJ49FlJabCXFR&uid=6ba5396b-92ae-41e7-9c68-566af369286f HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q&p=appnexus&uid=$UID&obUid=Xd5cYWg6ihll8NjNKDkMFwDMKpKWhVm4FWeFwscgy-TyYbCyCdyvJ49FlJabCXFR&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q&p=appnexus&uid=5154921547521339729&obUid=Xd5cYWg6ihll8NjNKDkMFwDMKpKWhVm4FWeFwscgy-TyYbCyCdyvJ49FlJabCXFR&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3DXd5cYWg6ihll8NjNKDkMFwDMKpKWhVm4FWeFwscgy-TyYbCyCdyvJ49FlJabCXFR%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q&p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s&obUid=Xd5cYWg6ihll8NjNKDkMFwDMKpKWhVm4FWeFwscgy-TyYbCyCdyvJ49FlJabCXFR&uid=6ba5396b-92ae-41e7-9c68-566af369286f HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q&p=15268&obUid=Xd5cYWg6ihll8NjNKDkMFwDMKpKWhVm4FWeFwscgy-TyYbCyCdyvJ49FlJabCXFR&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Request Chain 192
  • https://tg.socdm.com/aux/idsync?proto=amazontam&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dss.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=ZTPHAMCo8YMAANWuQJIAAAAA&ex=ss.com&status=ok
Request Chain 194
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=$UID&ex=yj.com& HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%24UID%26ex%3Dyj.com%26 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3889747672840569450&ex=yj.com&
Request Chain 195
  • https://y.one.impact-ad.jp/ul_cb/a9_cs?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dp1.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=30263585-fe1e-4105-9c6c-de647690968d&ex=p1.com&status=ok
Request Chain 196
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 200
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8243831494846978376&gdpr=0&gdpr_consent=
Request Chain 202
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5154921547521339729
Request Chain 203
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=F6Gm8EKjpfEM9vehE6K4phX3rPYM96zyE_IaRy_9 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 204
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=2c89b41c-c555-444d-987c-142a8382ee02
Request Chain 205
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3f709143-10a1-577b-4438-efc7cc5f4758$ip$31.204.145.167
Request Chain 206
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-aO0lLyxE2pdhu5X3OBvLOQmoGhJ2qShuvKVG~A
Request Chain 207
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=92e17aae-7a4f-47d2-88cf-efa73a6c9f71
Request Chain 209
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=Nrw5ZMVMNO_6Cm77dTDI
Request Chain 210
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=e1b58547-64f5-465f-a8be-b944b6237477
Request Chain 211
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=wnT0hVUtP019&ev=1&pid=558355
Request Chain 212
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3147753743312230826
Request Chain 214
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=2050966909577824490&gdpr=&gdpr_consent=
Request Chain 215
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZTPHAgAABg4jNAA5 HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZTPHAgAABg4jNAA5&gdpr=&gdpr_consent=&_test=ZTPHAgAABg4jNAA5
Request Chain 218
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=5a421c59-afe3-4af2-b1d3-0cb476b75117
Request Chain 219
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZTPHAMCo8YMAANWuQJIAAAAA
Request Chain 220
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=rKPpUx5xZ0xRpEOS0aDb&pi=gumgum&tc=1
Request Chain 221
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 224
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5a421c59-afe3-4af2-b1d3-0cb476b75117&expiration=1700484098&gdpr=0&gdpr_consent=
Request Chain 225
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTPHAq6QIONP0t0NdR41DgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHQO_09Y-8LOjhkCeG1yLpg&google_cver=1
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTPHAq6QIONP0t0NdR41DgAAFTUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBKoaNh3Ck2YYaObj5BG6_w&google_cver=1
Request Chain 229
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5538762629735579458&expiration=1699101698
Request Chain 230
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DC5EFBAD13334B4FB0AA82EF17528B9F
Request Chain 231
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e961db5238a549d8b46788e2683f9a7d&expiration=1700484098
Request Chain 237
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=BOKaUETGxTUZc0hwmMvV_g==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 238
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1
Request Chain 239
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3843438667609851527&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 279
  • https://a.c.appier.net/gcm?google_gid=CAESEHxKlVa1cTCOnZBbx7Zsf94&google_cver=1&google_push=AXcoOmTWVF2RmxAy5cCBJ6qWHpuYIzh-sheiAKN2uSAbWrhmsfbs9dvRsG0tTGVi_JAsMOZS0OyAthYxdszNzsYOn7mqGNEme1Fh2IY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LVBCM0duVy1DSHVxNVlaWEFzY3paUQ%3D%3D&google_push=AXcoOmTWVF2RmxAy5cCBJ6qWHpuYIzh-sheiAKN2uSAbWrhmsfbs9dvRsG0tTGVi_JAsMOZS0OyAthYxdszNzsYOn7mqGNEme1Fh2IY
Request Chain 280
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFhTTXYbLGXktlzWbLGwnlQ&google_cver=1&google_push=AXcoOmRyOz-0fUDvMaS2nsWuDfw4S2qfBPqdwXv0D7zN78DcP-yU3oZjUrl-3GSO8XmPGPx_Zn8KEyONTUBp_Ota7AHVEIBbYi8_8lQ HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=7926f9f4-50b2-4e62-8f53-7725a99d905e&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRyOz-0fUDvMaS2nsWuDfw4S2qfBPqdwXv0D7zN78DcP-yU3oZjUrl-3GSO8XmPGPx_Zn8KEyONTUBp_Ota7AHVEIBbYi8_8lQ&google_hm=-LMUx-yjQ9GlP3_eIiC2Hw==
Request Chain 281
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEFs32itnScYFBbh34abX08M&google_cver=1&google_push=AXcoOmQXfZv96ZjRNspyN_r5WasMMpLIRd8oYti56QtsljtJaNwDvgSlLTU1uF0qQjjm3aSJBZOji3a_X7smiVOy5gewnOpI3rQMPQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTY5NDk5NzE2OTQ&google_push=AXcoOmQXfZv96ZjRNspyN_r5WasMMpLIRd8oYti56QtsljtJaNwDvgSlLTU1uF0qQjjm3aSJBZOji3a_X7smiVOy5gewnOpI3rQMPQ
Request Chain 283
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEI3D_hfhUb1rTW7gSGeX5LE&google_cver=1&google_push=AXcoOmTqgnSaXR3N5MiDnjalzw46yeEpPwAa61HI1EZov7OHD0vuQ5nqX-Bi0O9o6VhYXdHS4ul_pijtlEXEezIeVOmDFSMx0ZzWwIY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTqgnSaXR3N5MiDnjalzw46yeEpPwAa61HI1EZov7OHD0vuQ5nqX-Bi0O9o6VhYXdHS4ul_pijtlEXEezIeVOmDFSMx0ZzWwIY&google_hm=Ae9N31IpUEe2jD7sUlrauO8
Request Chain 284
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEOlqqktukoMs5SuGU1vrlxw&google_cver=1&google_push=AXcoOmR-xnD7T4V52pHZEH-omjKloRhcMHZc_dSb86otw7qNPPK4ZkRwrdMz6B_ZtkXuWJLYlFdch4nIPxiVCFDsaKHkvnVMWoQN57eZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-xnD7T4V52pHZEH-omjKloRhcMHZc_dSb86otw7qNPPK4ZkRwrdMz6B_ZtkXuWJLYlFdch4nIPxiVCFDsaKHkvnVMWoQN57eZ
Request Chain 287
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Request Chain 289
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C37LMAsczZdiSA4WWvcAP7L2c2AuYpZ3Vc9bG7rnbEWQQASCU8a4GYInzxYT0E6ABvNymmCjIAQmpAjubfuHsqDw-qAMByAPLBKoE8AFP0Gtjn0HJpqSLNnyIoUBucJD6rRoCH2AvDlhxbJMxDOjTefpiOTik2jSQpalx2qa2uS7Z20JxJW8MZ1vTIU8RuBH57wiA3LgKTeZNUshKht5BD9WUl7VRXeopKzo0H73mm9BF6M3_VMgQ8s6-hYA-VAX8D7RZByghxHqUoz2NPdeiuUWOiXQZ90VhLubR0cVMQuHAiz3SSF53ErIUR1TZEeQmviSPNL0ihgECWadKNuNV-IKI_pimeVH_rYj7YAH7I6ElIBqdXAri7lfp0w37MZbaKE3q5gbQwxTCraqKNi9UqkEg7aDXAsQPVwwmwiHABKzmzIPDBIgFn6Tt00ySBQQIBBgBkgUECAUYBKAGLoAHvJT39wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCQ3gPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJXWh0dHBzOi8vd3d3Lml0b3lva2Fkby5jby5qcC83dGhlcHJpY2UvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jb250ZW50PTd0aGVwcmljZYAKAcgLAZgM5Ln81twE2gwQCgoQwMeDjYem5MQkEgIBA7gTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItNDI5NjY5MjgwMTgyMDgxOBgA&sigh=P8e_ufWvx-M&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNoSti_99gonmk_4Wk4NgzSMyx5u09g0CJeWM6bzWOKtqX03BZiM7Rixxp_nSTZ7UW1i5vfLJ7GAE&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd96b60221742914a0000000000000000%22,%222%22:%220x1c07b34298eb47660000000000000000%22,%223%22:%220xb0493aba1c93d3570000000000000000%22,%224%22:%220xdc923a80bc1adaad0000000000000000%22,%225%22:%220x4a2525845e5f20610000000000000000%22},%22debug_key%22:%224012006514250802129%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2210-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215524206774512279633%22}&andc=true
Request Chain 303
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LO0146JA-8-I3VV HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LO0146JA-8-I3VV&ex=d-rubiconproject.com&status=ok
Request Chain 304
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LO0146JA-8-I3VV HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LO0146JA-8-I3VV
Request Chain 308
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA1hf2eI1oMoD5tL75MPtk0&google_cver=1&google_push=AXcoOmRugT2TW_bP_fel-hOBxlclXxZkKXAwQg6kb-KvOTa8Di_vBCtbdFxIcr3EgQTvCoho6ON1N3McyaSw9XoffYnAevQ0uehVZcc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0MzQzODY2NzYwOTg1MTUyNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA1hf2eI1oMoD5tL75MPtk0&google_cver=1
Request Chain 309
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPK_TUTwwEP9YKP49N0hw8Y&google_cver=1&google_push=AXcoOmT2fF3wsgzDK4dSCvH0cp1U49WcGT5b2GWtmYl8zThac4gZOSAdKD4xxgMlwfKAi3puvfHER_Pm01kaSwAaQgEDO_4LqlrWW4YU HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5386e1e262ef22a9&is_secure=true&networkId=14000&version=1&google_gid=CAESEPK_TUTwwEP9YKP49N0hw8Y&google_cver=1&google_push=AXcoOmT2fF3wsgzDK4dSCvH0cp1U49WcGT5b2GWtmYl8zThac4gZOSAdKD4xxgMlwfKAi3puvfHER_Pm01kaSwAaQgEDO_4LqlrWW4YU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMQW1jDsUtpwNuuIEWAAAAAAA&expiration=1697978499&google_cver=1&is_secure=true&google_gid=CAESEPK_TUTwwEP9YKP49N0hw8Y&google_push=AXcoOmT2fF3wsgzDK4dSCvH0cp1U49WcGT5b2GWtmYl8zThac4gZOSAdKD4xxgMlwfKAi3puvfHER_Pm01kaSwAaQgEDO_4LqlrWW4YU
Request Chain 310
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEP6SKNEPGtHjS3Z24zg0jZA&google_cver=1&google_push=AXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wvUj1w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wvUj1w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP6SKNEPGtHjS3Z24zg0jZA&google_cver=1&google_push=AXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wvUj1w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wvUj1w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 311
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIMwBznxvMSeM3e_h7cjudU&google_cver=1&google_push=AXcoOmSTHgVTOCKNa5I8r0mzDbas6K7KoFjjx3P6tToN7butXHgT_DhNMIko5peH6iROk5g0l8pjYXcAYaR4KZS08YNpH6L7tIt2psmN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSTHgVTOCKNa5I8r0mzDbas6K7KoFjjx3P6tToN7butXHgT_DhNMIko5peH6iROk5g0l8pjYXcAYaR4KZS08YNpH6L7tIt2psmN
Request Chain 312
  • https://fksnk.com/cs/google?google_gid=CAESEBoD_oYHe0zJT5E-O9K1tck&google_cver=1&google_push=AXcoOmSDHq4ACbFctuefV9vcQyKACPs0v8ETl0b8CKwTsd9uvs_KePZJp1ryQzM_5XJ1zJwGC1DAMFhJ0F64Kl32EfXI9YKvTRww3zcG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUVCNDk5MzVDNzMwQTE4NA==
Request Chain 314
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEN29KbbT-fXvYYjFk8DKSF0&google_cver=1&google_push=AXcoOmTumRDC9ilhlQ2_ff6N6_092_IFqDB-so25kNTX3o7qlFEtbZnU0yeBTQ5DnJlwMrs_UmxZd7DiTRLvRWzKKknMSqgg2tJM25bp HTTP 302
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEN29KbbT-fXvYYjFk8DKSF0&google_cver=1&google_push=AXcoOmTumRDC9ilhlQ2_ff6N6_092_IFqDB-so25kNTX3o7qlFEtbZnU0yeBTQ5DnJlwMrs_UmxZd7DiTRLvRWzKKknMSqgg2tJM25bp&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGU2ZWVmYWJjYmE2YzA4&google_push=AXcoOmTumRDC9ilhlQ2_ff6N6_092_IFqDB-so25kNTX3o7qlFEtbZnU0yeBTQ5DnJlwMrs_UmxZd7DiTRLvRWzKKknMSqgg2tJM25bp HTTP 302
  • https://sync.gonet-ads.com/match/google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGU2ZWVmYWJjYmE2YzA4&google_push= HTTP 302
  • https://s0.2mdn.net/dot.gif?google_error=5
Request Chain 316
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 318
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQratAsczZY7HCpfAvcAP-uKsuAzf3JS1c4jR3PejEojMkd2VHBABIJTxrgZgifPFhPQToAGsh6aDA8gBA6kCO5t-4eyoPD6oAwHIA8kEqgTrAU_Q6VexuewqgCr3kMGdx3W40ufsRExiLs7mGMUOJgMxsx07kKbcPWLAR9Myc5fRFRoeRo2-yqJ51hNhTNQtDYc-r-vXcoW4mrrQwgmM3LC4spql9G37izBkWzKlC31Tu2HDOwTAAe00cmNtzD4H7Bb8iA7OrKtoTjGHbhJ_ic0H-BegSAUSI1uV8YrbuPYc_7mDBRluvwCbFUfYFJ0Y-p_7XD5Rsz0-Dmunrv04growG50MOqiAixoFQW_x09qpf02PixhcW4sTCWlsxtRy1JlLSPEeBTc5Id-Cb9yzdMBUZ879oK7AY7noyrnABMq2yfvJBIgF3az-5UySBQQIBBgBkgUECAUYBKAGA4AHvPjZfKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO3QBNIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgmsAWh0dHBzOi8vY29taWMtd2Fsa2VyLmNvbS92aWV3ZXIvP3R3PTImZGxjbD1qYSZjaWQ9S0RDV19GUzA2MjAzMjg3MDEwMDAxXzY4JnV0bV9zb3VyY2U9Z2RuJnV0bV9tZWRpdW09YmFubmVyJnV0bV9jb250ZW50PW1laWt5dWJvdWtlbnNoYV8zMDBfZDAxJnV0bV9jYW1wYWlnbj1tZWlreXVib3VrZW5zaGGACgHICwGiDAwqCgoI5LSxAu61sQLaDBEKCxCAib-inqubpY0BEgIBA9gTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi00Mjk2NjkyODAxODIwODE4GAA&sigh=_3xhHILQHHc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNK3kHDCJVvv4sz3xoag-xAQ4sY1Txw1Pz2-zWxPTobLhows3JjIJ5B14Xm7brHmwgccSUEMKGGAE&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd6fa8bea4cdfaa7f0000000000000000%22,%222%22:%220x4952791103a4ec450000000000000000%22,%223%22:%220xfdc33f7220f028f10000000000000000%22,%224%22:%220x35952aa84fe3aa4c0000000000000000%22,%225%22:%220x9a8da60ed9c905bf0000000000000000%22},%22debug_key%22:%229324632885379204651%22,%22debug_reporting%22:true,%22destination%22:%22https://comic-walker.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22812221356%22],%224%22:[%2210-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211179406741342742849%22}&andc=true
Request Chain 319
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AZeHHCUI7285ks8AD7P31LT3lc8AAAGLUkFjYg
Request Chain 320
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f8b314c7-eca3-43d1-a53f-7fde2220b61f HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f8b314c7-eca3-43d1-a53f-7fde2220b61f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=39d3c750-c343-4dbc-841e-7117bbc97dd7&user_group=1&ssp=pubmatic&bsw_param=f8b314c7-eca3-43d1-a53f-7fde2220b61f HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 321
  • https://ds.uncn.jp/pm/0/sync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_ef4ddf52-2950-47b6-8c3e-ec525adab8ef
Request Chain 323
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5p3mVrOf5Vf9yrcH4p74AOTL7FD9y-xU4s6UeVN_
Request Chain 324
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5154921547521339729&gdpr=0&gdpr_consent=
Request Chain 328
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-PB3GnW-CHuq5YZXAsczZQ
Request Chain 330
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=e961db5238a549d8b46788e2683f9a7d
Request Chain 331
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=P3CRQxChV3tEOO_HzF9HWB_Mkac&gdpr=0&gdpr_consent=
Request Chain 333
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf1dca041ebd84a6d8e2354fcada8f8ff
Request Chain 334
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 335
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rdNEECL61QUbir5&gdpr=0&gdpr_consent=
Request Chain 336
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC5EFBAD13334B4FB0AA82EF17528B9F&gdpr=0&gdpr_consent=
Request Chain 337
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245967042705005
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ah_gj3guQJW-8CXCb_avVg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 340
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=6A1FE08F-782E-4095-BEF0-25C26FF6AF56 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=6A1FE08F-782E-4095-BEF0-25C26FF6AF56 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1ab472d1-5f7c-4937-947f-96702413600e%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttd_puid=1ab472d1-5f7c-4937-947f-96702413600e%2C%2C
Request Chain 342
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkExRkUwOEYtNzgyRS00MDk1LUJFRjAtMjVDMjZGRjZBRjU2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKFjjMCCHx2E7r1FT6fy9qw&google_cver=1
Request Chain 346
  • https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZTPHAMCo8YMAANWuQJIAAAAA
Request Chain 347
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5a421c59-afe3-4af2-b1d3-0cb476b75117&gdpr=0&gdpr_consent=
Request Chain 348
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5538762629735579458
Request Chain 350
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L6QtLKdE2uVfJfgoDp4WtrfHbl8wUek-~A&gdpr=0
Request Chain 351
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3843438667609851527&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 352
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=77869304d4e4227f&is_secure=true&networkId=17100&version=1&nuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQW1jDsUttAMYORXJAAAAAAA&expiration=1697978499&nuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 359
  • https://id5-sync.com/i/747/8.gif?id5id=ID5*odzvPPCltxT8w27OzHvlzClyxqeXwFrHMVdEdnTlvE1o-0oWv-GpqLDXJd-OOR8EaPw4ZDnXNu3Ja60eo439kQ&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/747/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/747/2/6/3.gif?puid=5154921547521339729&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/747/108/5/4.gif?puid=1ab472d1-5f7c-4937-947f-96702413600e&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F441%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/747/441/4/5.gif?puid=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/747/19/3/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/747/19/3/6.gif?puid=9d6085902ec5cba92a7a305fb5ede632&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F826%2F2%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F826%2F2%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50%26partner_url%3Dhttps%253A%252F%252Fid5-sync.com%252Fc%252F747%252F826%252F2%252F7.gif%253Fpuid%253D40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F826%2F2%2F7.gif%3Fpuid%3D40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/747/826/2/7.gif?puid=40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=39725d172d931faa&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/822.gif?puid=AAAMUFlDwy6N5gMBiTowAAAAAAA&expiration=1697978502&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/747/112/0/9.gif?puid=20E51ABF526A0992&gdpr=0&gdpr_consent=
Request Chain 362
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=651b575ed7
Request Chain 363
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5538762629735579458&gdpr=0&gdpr_consent=
Request Chain 364
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=8243831494846978376&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 365
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZTPHAgAABg4jNAA5&gdpr=0&gdpr_consent=
Request Chain 371
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnatalie.mu%2F&domain=natalie.mu&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=gxr8_3xaSFlCUGx2SWwvT2IwRlNYcEhVZEpXeS81U1RXZW9kWml3aG8rYXdHMmxUSlluNXZJL2VEajUybjBUczh4NkNQMzQ4MVpyTnRvN0hTbUYzZGdjdDk2QURCNGhoR2xuQkFyeTk5ekRSNTlxN1JhYXkremVYdE45Y1o5bkRNVk5DcHJWaU9VdTNrVnlxVVNIajV1NHA0UzN5UGtVU3FjbTBXcWxLWmVMYk10S1JGZ0dsN1ovcks0NE5yNEhLNGJQYWlFVU9rRy9mSkpnQk0rTmJSZEloZ3R4dVRhUnMxUWJ2SGpxdWhnbG1FbkZ5TzdqdjFuZGh3VXduQnVKR3J4SGhySlIyMEdBeXY5OHRwV0ZRaEJIbFc3UT09fA&cppv=2
Request Chain 376
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 382
  • https://y.one.impact-ad.jp/push_sync HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tvu5f2p&ttd_tpi=1 HTTP 302
  • https://y.one.impact-ad.jp/cs?d=247&uid=5a421c59-afe3-4af2-b1d3-0cb476b75117&tg=2&et=30&r=no&ttl=1700484100 HTTP 302
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Request Chain 387
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=1060c56c8daa1faa&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALQleq18dQvgM5w0CdAAAAAAA&expiration=1697978500&nuid={OX_USER_ID}&is_secure=true
Request Chain 389
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=DC5EFBAD13334B4FB0AA82EF17528B9F
Request Chain 392
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=rdNEECL61QUbir5
Request Chain 393
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZTPHAgAABg4jNAA5
Request Chain 395
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=56xCfe01KBDDa007jcqN
Request Chain 398
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 399
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Drkt%26refUrl%3D%26vid%3D78921005193408937000032733000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3408937000032733000V10&type=rkt&refUrl=&vid=78921005193408937000032733000V10&ovsid=2018245967042705005
Request Chain 401
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=son&refUrl=&vid=78921005193408937000032733000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=son&refUrl=&vid=78921005193408937000032733000V10&ovsid=1402b278-a7fe-4836-a434-12140de2c5a1
Request Chain 402
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Dopx%26refUrl%3D%26vid%3D78921005193408937000032733000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3408937000032733000V10&type=opx&refUrl=&vid=78921005193408937000032733000V10&ovsid=139879f3-4640-46fb-9c48-7aa9f93d7d98
Request Chain 403
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Dr1%26refUrl%3D%26vid%3D78921005193408937000032733000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=66806327 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/5a421c59-afe3-4af2-b1d3-0cb476b75117 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Dr1%26refUrl%3D%26vid%3D78921005193408937000032733000V10%26ovsid%3DRX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=r1&refUrl=&vid=78921005193408937000032733000V10&ovsid=RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQwODkzNzAwMDAzMjczMzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEERlAmVYDM6ndiPt2tgupSM&google_cver=1
Request Chain 405
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Ddxu%26refUrl%3D%26vid%3D78921005193408937000032733000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=dxu&refUrl=&vid=78921005193408937000032733000V10&ovsid=rdNEECL61QUbir5
Request Chain 406
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=40e903b5-467c-4476-8f35-049066a27aa9&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 407
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f8b314c7-eca3-43d1-a53f-7fde2220b61f&google_hm=ZjhiMzE0YzctZWNhMy00M2QxLWE1M2YtN2ZkZTIyMjBiNjFm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHZHgln7QI8_v8nXZjELHvE&google_cver=1&ssp=medianet&bsw_param=f8b314c7-eca3-43d1-a53f-7fde2220b61f HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 408
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=Nrw5ZMVMNO_6Cm77dTDI
Request Chain 409
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3408937000032733000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3408937000032733000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=d6cf8721-9121-41ff-8302-2579438d0610&cs=1
Request Chain 410
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5a421c59-afe3-4af2-b1d3-0cb476b75117
Request Chain 417
  • https://x.bidswitch.net/sync?ssp=uliza&dsp_uuid=1a1cfed4-ce3b-4dce-bad4-dec95d82f6eb HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f8b314c7-eca3-43d1-a53f-7fde2220b61f&ssp=uliza&gdpr=&gdpr_consent=
Request Chain 419
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=5a421c59-afe3-4af2-b1d3-0cb476b75117&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 420
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyNzYxNzcxOTIxNzI2MjY3NzQ5NA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENPvTT_gXXE1ICqtKWsijqk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 422
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyNzYxNzcxOTIxNzI2MjY3NzQ5NA%3D%3D
Request Chain 424
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2927617719217262677494?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-757Ut.FE2oSVrBu16M6y3fymTBtkgTX_d58kZhCE4A--~A&dongle=0883
Request Chain 426
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2927617719217262677494&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5538762629735579458&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f8b314c7-eca3-43d1-a53f-7fde2220b61f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 427
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=40e903b5-467c-4476-8f35-049066a27aa9&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 428
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5154921547521339729&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 437
  • https://api.relaido.jp/tr/v1/sync/pm?dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56 HTTP 302
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=1697892101
Request Chain 439
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LO0146JA-8-I3VV HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LO0146JA-8-I3VV
Request Chain 446
  • https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/?uid=e87aa514-3fcd-49d2-b898-58c9384f6ee0&gdpr=0
Request Chain 459
  • https://api.relaido.jp/tr/v1/sync/pm?dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56 HTTP 302
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=1697892104

463 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
natalie.mu/
Redirect Chain
  • http://natalie.mu/
  • https://natalie.mu/
157 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.123.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-123-43.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
28ac2bde4ed34f45e46efed7beba16533fee0e741b900308f47a9598e0395b13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
https://natalie.mu
age
26
cache-control
max-age=600, must-revalidate, public
content-encoding
gzip
content-length
29684
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:36 GMT
vary
Accept-Encoding
x-cache
hit

Redirect headers

Age
15
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sat, 21 Oct 2023 12:41:36 GMT
Location
https://natalie.mu/
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Cache
hit
X-Frame-Options
SAMEORIGIN
home-v1697683105.css
natalie.mu/asset/common/polar/desktop/css/ 		95 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://natalie.mu/asset/common/polar/desktop/css/home-v1697683105.css
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.123.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-123-43.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
bdea8ca130f382ce76702da5a568e95768308c835a9a7a84f83d792d1dd12bf4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2023 02:38:25 GMT
age
35802
etag
W/"653096a1-17b03"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000, must-revalidate, public
accept-ranges
bytes
content-length
20310
expires
Sun, 20 Oct 2024 02:44:53 GMT
natalie.min.js
flux-cdn.com/client/natasha/ 		760 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flux-cdn.com/client/natasha/natalie.min.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.5.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-5-52.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f08f672cf98b2d50eb91a14c8f320328de60ad0b96a26f5b534396891edeb488

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
zOc6P9JcJ0fKlsuU1_SaKCQ8X.ZUr7IK
content-encoding
br
via
1.1 c1497a48102918183992800b1802b40a.cloudfront.net (CloudFront)
date
Sat, 21 Oct 2023 12:38:48 GMT
last-modified
Fri, 20 Oct 2023 10:21:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT51-C4
age
169
x-amz-server-side-encryption
AES256
etag
W/"667017b0d338264a095645db23e495c0"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=900
x-amz-cf-id
uSfZ7PhxVC3f4MMR3ORZSq4-8x72UsswZzlt-S-zwGb9MESTCAr3ug==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7c1fbc0d924a6f80a84561ec72130579e501b6c91af3f7b9fe255a7325e81c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29550
x-xss-protection
0
server
cafe
etag
713 / 19651 / m202310170101 / config-hash: 4808689989001815818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:41:36 GMT
oshareclip_202310_03.jpg
ogre.natalie.mu/media/news/eiga/2023/1020/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/eiga/2023/1020/oshareclip_202310_03.jpg?impolicy=thumb_fill&cropPlace=Center&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
04585fe3a4195af44171b5d9df484a6229ce37cbdfc781626c1d7ca0719c925c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Sat, 21 Oct 2023 12:30:21 GMT
Server
Akamai Image Manager
ETag
"cfd5b9f41747529f19ffabc1bae24ec6"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6645
Expires
Sun, 22 Oct 2023 00:41:36 GMT
KOC2023_SARUGORILLA.jpg
ogre.natalie.mu/media/news/owarai/2023/0927/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/owarai/2023/0927/KOC2023_SARUGORILLA.jpg?impolicy=thumb_fill&cropPlace=Center&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
efbaa7830b1169b4a9ae5b327d6f9d07b4e17be0a45bf555f1f0e270bd670f8e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Thu, 19 Oct 2023 08:00:11 GMT
Server
Akamai Image Manager
ETag
"b230c4aa348065cffd3e5723bdc51bf9"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
19740
Expires
Sun, 22 Oct 2023 00:41:36 GMT
yonekichisama_10.jpg
ogre.natalie.mu/media/news/stage/2023/1016/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/stage/2023/1016/yonekichisama_10.jpg?impolicy=thumb_fit&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
dbc10a6a6bf1332ef8e2e8e28506f32a3e5434a097cea72efb5e024f8b80fd16

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Sat, 21 Oct 2023 10:00:47 GMT
Server
Akamai Image Manager
ETag
"4ba9699d673938c3eda637d396e79be2"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
21508
Expires
Sun, 22 Oct 2023 00:41:36 GMT
BOYNEXTDOOR_art202309.jpg
ogre.natalie.mu/media/news/music/2023/0928/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/music/2023/0928/BOYNEXTDOOR_art202309.jpg?impolicy=thumb_fit&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3402dafcba71e2b1d9a664b616dbc58acde903d82d42b35ee351511d657fff64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Sat, 21 Oct 2023 09:00:24 GMT
Server
Akamai Image Manager
ETag
"0a9dcc13a73997a52b7a5eeeb16fa474"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
23001
Expires
Sun, 22 Oct 2023 00:41:36 GMT
hiropri-kanshasai.jpg
ogre.natalie.mu/media/news/comic/2023/1021/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/comic/2023/1021/hiropri-kanshasai.jpg?impolicy=thumb_fit&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
448f89436b236a52d868715ba4fa2e07d2bf9e24210cc960c3913efe76420944

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Sat, 21 Oct 2023 06:00:35 GMT
Server
Akamai Image Manager
ETag
"60e4372ac8f1d846466b736ed8d2bbff"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
11684
Expires
Sun, 22 Oct 2023 00:41:36 GMT
scandal16_thumb.jpg
ogre.natalie.mu/media/pp/scandal16/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/scandal16/scandal16_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
69efd852105c504fa6d535d85372056853363d06b64d2b4a57670a99cac04c85

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Tue, 17 Oct 2023 07:47:06 GMT
Server
Akamai Image Manager
ETag
"85db1ad7c3d367d275d7aad9f3416499"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6462
Expires
Sun, 22 Oct 2023 00:41:36 GMT
cmoa_denshi2024_01_X.jpg
ogre.natalie.mu/media/pp/cmoa_denshi2024_01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/cmoa_denshi2024_01/cmoa_denshi2024_01_X.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
244240696aa799538656ed334adb5a9e445c4daa32672dc89bed9f548e042b4c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Thu, 19 Oct 2023 02:33:13 GMT
Server
Akamai Image Manager
ETag
"2503a347d06e4368a74abcf921f07889"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
9684
Expires
Sun, 22 Oct 2023 00:41:36 GMT
thumb_inbox_1920.jpg
ogre.natalie.mu/media/pp/kusuriyanohitorigoto/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/kusuriyanohitorigoto/thumb_inbox_1920.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a8eb1b50c925abfc85ede83208929f4e261b46257c89eeaca3b0071a0c8cb71a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Thu, 19 Oct 2023 03:59:07 GMT
Server
Akamai Image Manager
ETag
"9f600d56de8e76fd24c191f8e97a6dcb"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
17185
Expires
Sun, 22 Oct 2023 00:41:36 GMT
japanmobilityshow_x2.jpg
ogre.natalie.mu/media/pp/japanmobilityshow/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/japanmobilityshow/japanmobilityshow_x2.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2071303c787db42eb2ce529f4f4baa35a87863d9adbd958e0e3416e856057ded

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Fri, 20 Oct 2023 02:47:03 GMT
X-Serial
860
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"62e1f4ab873182aea128386439a64d57"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
15135
Expires
Sun, 22 Oct 2023 00:41:36 GMT
btn_appstore.png
ogre.natalie.mu/asset/natalie/common/polar/mobile/image/common/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/asset/natalie/common/polar/mobile/image/common/btn_appstore.png
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2f866ee63cfae613128f652f897fb09b3ba8c36f6e6d74557f30afcd3ccc8b97

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Wed, 16 Aug 2023 01:46:12 GMT
X-Serial
1047
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"aaad3ccd75264a2f3423f49c4e98a8ce"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
5143
Expires
Sun, 22 Oct 2023 00:41:36 GMT
btn_googleplay.png
ogre.natalie.mu/asset/natalie/common/polar/mobile/image/common/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/asset/natalie/common/polar/mobile/image/common/btn_googleplay.png
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
671bf97817ffbfa377d13363e433de6cbcdf24c7e37ded61d8f4824e6e122f3e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Wed, 16 Aug 2023 01:58:48 GMT
Server
Akamai Image Manager
ETag
"1799443fa0c45a873c847a590be178d0"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
5625
Expires
Sun, 22 Oct 2023 00:41:36 GMT
scripts.js
ogre.natalie.mu/asset/natalie/common/polar/desktop/js/ 		239 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ogre.natalie.mu/asset/natalie/common/polar/desktop/js/scripts.js?v=1697683105
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0517be2e55df99767c225ddbe836fc534d8255e172046cd92da0e79cbc6ead5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Oct 2023 01:53:01 GMT
Server
AmazonS3
x-amz-request-id
06BCHVQHN6RAAP8A
ETag
"08745a8e5897b1c4a5c4a8dfeab3ca6f"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
x-amz-id-2
EVcss0qfU7PKkJMkgYXkPl7nqpYYSBM6EQnBoM511/e5R/WmR8B+fwzTajwmn53ZF1h0C46C7QqAB/QocYA+Ig==
Expires
Sun, 20 Oct 2024 12:41:36 GMT
gtm.js
www.googletagmanager.com/ 		232 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQ3F3HP
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79ed04659dc9b317ff439987185dc8784914bd72075302e4570929411a953c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78043
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 21 Oct 2023 12:41:36 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		263 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.143.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-143-60.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
209807b4a945eb3978b50de85596e82a78af6ec6cf2d8757abadf90ef182a687

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:00:46 GMT
content-encoding
gzip
via
1.1 f78af098760ae7385efaf026c9ad4d94.cloudfront.net (CloudFront), 1.1 1e25bd98fa0bda7498f5119d7dc137f0.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 19:57:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5, NRT51-C3
age
2451
x-amz-server-side-encryption
AES256
etag
W/"e715d530f804a6faeb76dbd12252e8fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
T3BC-EH_fgIXYbWRIlpXzm3evdepZCtjFmi5kXNYSEyGdnllM16M0g==
AGSKWxXGB490MowzRTw2OYzMq8iFUtAn24PL7ogoD7CH0Mh70xmCsrt8RvIUVgwHJvoYEyYt8ZILKUcU4GHn_g1FSsg=
fundingchoicesmessages.google.com/f/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXGB490MowzRTw2OYzMq8iFUtAn24PL7ogoD7CH0Mh70xmCsrt8RvIUVgwHJvoYEyYt8ZILKUcU4GHn_g1FSsg=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ba4b5ac331c068dc59f2ba2b75d7718361334894077fbabec31af25b39e5935
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Z9AwB1MWdHvHJUX-dW5KNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Z9AwB1MWdHvHJUX-dW5KNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
custom_icon.png
natalie.mu/asset/common/polar/desktop/image/common/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://natalie.mu/asset/common/polar/desktop/image/common/custom_icon.png?v20230801
Requested by
Host: natalie.mu
URL: https://natalie.mu/asset/common/polar/desktop/css/home-v1697683105.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.123.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-123-43.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
122ab4c35f77496004124ffef2a86971276920136dba4e7e12302b3a9c66c640

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/asset/common/polar/desktop/css/home-v1697683105.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
last-modified
Wed, 18 Oct 2023 06:46:51 GMT
age
278484
etag
"652f7f5b-8da"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000, must-revalidate, public
accept-ranges
bytes
content-length
2266
expires
Thu, 17 Oct 2024 07:20:11 GMT
header.png
natalie.mu/asset/common/polar/desktop/image/home/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://natalie.mu/asset/common/polar/desktop/image/home/header.png?v20230801
Requested by
Host: natalie.mu
URL: https://natalie.mu/asset/common/polar/desktop/css/home-v1697683105.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.123.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-123-43.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4ceccebc9a84ac6bd5dd8db1b6ae99496c939343d6236e77d698467ba411c157

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/asset/common/polar/desktop/css/home-v1697683105.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
last-modified
Wed, 18 Oct 2023 06:46:51 GMT
age
278800
etag
"652f7f5b-1648"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000, must-revalidate, public
accept-ranges
bytes
content-length
5704
expires
Thu, 17 Oct 2024 07:14:55 GMT
NataIcon.woff
natalie.mu/asset/common/polar/desktop/font/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://natalie.mu/asset/common/polar/desktop/font/NataIcon.woff?v20230801
Requested by
Host: natalie.mu
URL: https://natalie.mu/asset/common/polar/desktop/css/home-v1697683105.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.123.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-123-43.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
252291b67c643c0c847e52b81a296dbb93c31096073b4c5ce43dc69e664443e9

Request headers

Referer
https://natalie.mu/asset/common/polar/desktop/css/home-v1697683105.css
Origin
https://natalie.mu
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
last-modified
Wed, 18 Oct 2023 06:46:51 GMT
age
278486
etag
"652f7f5b-18c0"
x-cache
hit
content-type
application/font-woff
cache-control
max-age=31536000, must-revalidate, public
accept-ranges
bytes
content-length
6336
expires
Thu, 17 Oct 2024 07:20:09 GMT
3673
config.aps.amazon-adsystem.com/configs/ 		505 B
771 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3673
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.54.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-54-81.nrt20.r.cloudfront.net
Software
CloudFront /
Resource Hash
f33329ad037f275e6222ab50a050d2b13dba6d7f1026866a36160016e50585dd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:38:31 GMT
via
1.1 debbc427c5c43fa2029c8585e5059a5e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT20-C3
age
185
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
-pkhWj-UkVsmMMLE-ent0_sidG8OfSuc-rRGb1kb1RrI9DTiwKmMJQ==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223673%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals%252Fdefine%22%2C%22feat%22%3A%2...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223673%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals%252Fdefine%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnatalie.mu%252F%22%2C%22lv%22%3A%2223.1010.1530%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.222.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-222-34.nrt51.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
via
1.1 c8bd52480d52aa955712f548179b6426.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
SCAPrEPHM4cN_qH4WDama8pcrZDQXcXH_LqWfA-0BnnDttpobrGVUQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3673&u=https%3A%2F%2Fnatalie.mu
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.143.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-143-60.nrt51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 07:29:04 GMT
via
1.1 1e25bd98fa0bda7498f5119d7dc137f0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT51-C3
age
18751
x-cache
Hit from cloudfront
access-control-allow-origin
https://natalie.mu
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
96eTQVR-M73guE9rLEwCugbTSV-x88I8y-6FyL7Xv3IIel2L7NMicw==
bid
aax.amazon-adsystem.com/e/dtb/ 		151 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3673&u=https%3A%2F%2Fnatalie.mu%2F&pid=BK7YFoVsXcFW3&cb=0&ws=1600x1200&v=23.1010.1530&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1000000000002-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F4581080%2Fportal_big%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1000000000003-0%22%2C%22s%22%3A%5B%22300x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F4581080%2Fportal_top%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.222.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-222-34.nrt51.r.cloudfront.net
Software
Server /
Resource Hash
4a2a76a2c71904a0ab0901a27104e5845bd8eb87d1b9a377ec188ff166f5b7aa

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
via
1.1 afaa51f779a1f87343986db80c97b24c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
timing-allow-origin
*
content-length
151
x-amz-cf-id
rAadT4LCKTbr7mH2lSMuaSbbduTwWVcsKccjabNuTPM781ceLXkRhw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.143.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-143-60.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 14fa20286bbb856e84a3ad09af9ec060.cloudfront.net (CloudFront)
date
Sat, 21 Oct 2023 05:24:29 GMT
x-amz-cf-pop
NRT51-C3
age
34739
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
7g_BsQ0-Q2s-PVnqhDuTbx_6xv1shLsEX_IXeUHgwxbhsIJS18QbOw==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQ3F3HP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 11:30:36 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4260
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 21 Oct 2023 13:30:36 GMT
9fboejhehh
www.clarity.ms/tag/ 		649 B
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/9fboejhehh
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
226c340f0e636f3497595460ce97a3ab6ede611afb7936035aa9f280160e04e1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
-1
date
Sat, 21 Oct 2023 12:41:36 GMT
x-azure-ref
20231021T124136Z-qaz3uxwdh91qh4u0pf2udxc4ds000000019g000000035k1m
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
649
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
bi.js
cs.nakanohito.jp/b3/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs.nakanohito.jp/b3/bi.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.114.55.135 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
203x114x55x135.ap203.ftth.arteria-hikari.net
Software
nginx /
Resource Hash
deecb2faa3ec6c98b69bbb9ba7cb0a63e95fe5c711f9b4857e7b676fdc8aaa63

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Oct 2023 10:41:00 GMT
Server
nginx
ETag
W/"65267bbc-db60"
Transfer-Encoding
chunked
Content-Type
application/javascript
P3P
policyref="http://b.nakanohito.jp/w3c/p3p.xml", CP="NOI DSP COR ADM DEV PSA OUR IND UNI COM NAV INT STA"
Cache-Control
max-age=10800
Connection
close
Cache_Control
public
Expires
Sat, 21 Oct 2023 15:41:36 GMT
js
www.googletagmanager.com/gtag/ 		241 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y7LQ4S8GZR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQ3F3HP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32bf7f3c73d70754912436e7180e7ee25a1e97ce74c33b8a547020bccc9feab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86196
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 12:41:36 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3da6fe153a252f454e3e58e8919b6f2bb5db37d1ff6a376881c6967e2d6171c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
content-encoding
br
age
31246
x-jsd-version
1.0.1849
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
834
x-served-by
cache-fra-eddf8230103-FRA, cache-nrt-rjtf7700024-NRT
x-jsd-version-type
version
etag
W/"635-oNUlBy9UD3FdZLE6gVaFW6sk7+c"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
yield-manager.browsiprod.com/ 		101 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/prebid?sk=natalie&sw=1600&sh=1200&url=https%3A%2F%2Fnatalie.mu%2F&us=%7B%7D&at=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.116.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-116-10.kix50.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
b9fb79755d8ffabfa5269b24ce02ba4cde1ce40561c6ef092a7c503179c3fbeb

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
via
1.1 471b140bf21b8c2f0f18622f5f2108d6.cloudfront.net (CloudFront)
server
akka-http/10.2.1
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
x-amz-cf-id
0kVSmdhyhGrez-Uql1X5LYnqwr7C1_FEyK-Ll7jl1pQC2FxjjFv7Ug==
/
bs.nakanohito.jp/b3/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bs.nakanohito.jp/b3/
Requested by
Host: cs.nakanohito.jp
URL: https://cs.nakanohito.jp/b3/bi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.114.55.140 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
203x114x55x140.ap203.ftth.arteria-hikari.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Server
nginx
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://natalie.mu
P3P
policyref="http://b.nakanohito.jp/w3c/p3p.xml", CP="NOI DSP COR ADM DEV PSA OUR IND UNI COM NAV INT STA"
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 11:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
3764
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135205
x-xss-protection
0
server
cafe
etag
9147680799068891735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 20 Oct 2024 11:38:52 GMT
knighta_mv.jpg
ogre.natalie.mu/media/news/music/2023/1021/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/music/2023/1021/knighta_mv.jpg?impolicy=thumb_fit&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
caee451e4417b8754826f2d640cb050a87151005051ce98b02d2f7bf7334783f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Sat, 21 Oct 2023 08:53:34 GMT
Server
Akamai Image Manager
ETag
"2e23fa917dc2db9afaf2da3074fc00eb"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6076
Expires
Sun, 22 Oct 2023 00:41:36 GMT
fujiifumiya_art202304.jpg
ogre.natalie.mu/media/news/music/2023/0414/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/music/2023/0414/fujiifumiya_art202304.jpg?impolicy=thumb_fill&cropPlace=Center&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
00f2643a8ba8fe3434c2565953b282d787621ef3cae58fa041ba6d21c401fb05

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Sun, 10 Sep 2023 03:01:18 GMT
X-Serial
491
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"b139dd73f384d5a30f8685dce3ed8509"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
1469
Expires
Sun, 22 Oct 2023 00:41:36 GMT
IMG_6032.jpg
ogre.natalie.mu/media/news/music/2023/1021/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/music/2023/1021/IMG_6032.jpg?impolicy=thumb_fit&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1a64ab4d2224ef4a0adb5c00ceeea7814b61f62055192c779785aacda1a4c670

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Sat, 21 Oct 2023 11:34:02 GMT
Server
Akamai Image Manager
ETag
"660217b5868dcdde4251566905cc1a11"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
3972
Expires
Sun, 22 Oct 2023 00:41:36 GMT
6_000000004672.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/6_000000004672.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.171.128 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-56-171-128.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
db18d34292e56ece2c92ec11e3b5c286c22a9d616e85af4450c0e518c14d11f2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Wed, 18 Oct 2023 01:13:14 GMT
Server
Akamai Image Manager
ETag
"652f307a-4fdd"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
4623
Expires
Sun, 22 Oct 2023 00:41:36 GMT
9_000000004660.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/9_000000004660.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.171.128 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-56-171-128.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4394dd85796842b60b622367e2da73ff308dd75c452863c1cbf65fb8a4bb9e94

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Fri, 13 Oct 2023 09:17:09 GMT
X-Serial
1432
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"65290a76-b452"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
15388
Expires
Sun, 22 Oct 2023 00:41:36 GMT
miku_td.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/miku_td.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.171.128 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-56-171-128.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
380e3aeaf28b7671ac80fd61c01dc1a33197ededbee49033ed3c996596c64c59

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Mon, 25 Sep 2023 09:48:12 GMT
X-Serial
310
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"6511567e-88e7"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
12943
Expires
Sun, 22 Oct 2023 00:41:36 GMT
2_000000004574.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/2_000000004574.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.171.128 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-56-171-128.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b8c91a8180c03c16e1554367b4f71f7396d6de86dc191cd06be078fc96290515

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Tue, 04 Jul 2023 08:29:15 GMT
Server
Akamai Image Manager
ETag
"64a3d7e1-8c50"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
9366
Expires
Sun, 22 Oct 2023 00:41:36 GMT
1_000000003786.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/1_000000003786.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.171.128 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-56-171-128.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f8de31382f761a63e986f704aea08f4b6bc138900dc89e6fefe2047bf8b465ac

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Tue, 05 Sep 2023 10:50:16 GMT
X-Serial
1270
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"64f7073e-8297"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6409
Expires
Sun, 22 Oct 2023 00:41:36 GMT
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-677a99a30a3a34fe662b0a543996efc9-d04c848c8d4cd6dd-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
677a99a30a3a34fe662b0a543996efc9/15009517397319931613
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
676194
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
Server
cloudflare
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDsv%2BixGv8QFuNVIUk3I7oThoLoGZ8%2FJTQ0ExCbgIXA%2Bhw6CnVaZuSGuJd8W3E8Uf60QAn1SFx8Nwjsd94qxP8L8ToimL6NyBbN326AwBrCjAXwfDMixme2lkkB3okS3MAbI%2FkrP3ONCdfUJ"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
public, max-age=1800
CF-RAY
819993624d6e6845-NRT
Expires
Sat, 21 Oct 2023 13:11:36 GMT
4581080
fundingchoicesmessages.google.com/i/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/4581080?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2817985411793c7822b61c9887b0ee12f83d883d9262018eb769792b6791739c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gPHpz-ma7PiMFxSR84zBTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-gPHpz-ma7PiMFxSR84zBTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1175173064&t=pageview&_s=1&dl=https%3A%2F%2Fnatalie.mu%2F&ul=en-us&de=UTF-8&dt=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=960750&gjid=1654854985&cid=306292013.1697892096&tid=UA-45927307-1&_gid=808437681.1697892096&_r=1&_slc=1&gtm=45He3ai0n81KQ3F3HP&z=1652412373
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1175173064&t=pageview&_s=1&dl=https%3A%2F%2Fnatalie.mu%2F&ul=en-us&de=UTF-8&dt=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1061182273&gjid=1939898637&cid=306292013.1697892096&tid=UA-45927307-2&_gid=808437681.1697892096&_r=1&_slc=1&gtm=45He3ai0n81KQ3F3HP&z=1139264926
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1175173064&t=pageview&_s=1&dl=https%3A%2F%2Fnatalie.mu%2F&ul=en-us&de=UTF-8&dt=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=397736026&gjid=1107561069&cid=306292013.1697892096&tid=UA-45927307-15&_gid=808437681.1697892096&_r=1&_slc=1&gtm=45He3ai0n81KQ3F3HP&z=825747978
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y7LQ4S8GZR&gtm=45je3ai0&_p=1175173064&cid=306292013.1697892096&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697892096&sct=1&seg=0&dl=https%3A%2F%2Fnatalie.mu%2F&dt=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y7LQ4S8GZR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F4581080%2Fportal_big&tagId=37154%3A1000254608&groupId=1000157048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.72.35 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-72-35.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:36 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F4581080%2Fportal_top&tagId=37154%3A1000254612&groupId=1000157048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.72.35 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-72-35.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:36 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 , Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://natalie.mu
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sat, 21 Oct 2023 12:41:36 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 , Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://natalie.mu
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sat, 21 Oct 2023 12:41:36 GMT
translator
hbopenbid.pubmatic.com/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		330 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19434&site_id=228754&zone_id=1133212&size_id=2&eid_pubcid.org=c6898560-ba59-49ec-8e96-e3136088c515%5E1&rf=https%3A%2F%2Fnatalie.mu%2F&tg_i.domain=natalie.mu&tg_i.page=https%3A%2F%2Fnatalie.mu%2F&tg_i.pbadslot=%2F4581080%2Fportal_big&tk_flint=pbjs_lite_v8.6.0&x_source.tid=89d08457-9ec5-44b5-a8ca-6e67965fb24a&l_pb_bid_id=50e295e5c2394b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&rp_maxbids=1&p_gpid=%2F4581080%2Fportal_big&slots=1&rand=0.9943996972896505
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ae470b2598822702c98fa0fdb3340d304e2ea7f8f445d463aa2a012d0394ffa1

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
330
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		331 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19434&site_id=228754&zone_id=1133214&size_id=15&alt_size_ids=221&eid_pubcid.org=c6898560-ba59-49ec-8e96-e3136088c515%5E1&rf=https%3A%2F%2Fnatalie.mu%2F&tg_i.domain=natalie.mu&tg_i.page=https%3A%2F%2Fnatalie.mu%2F&tg_i.pbadslot=%2F4581080%2Fportal_top&tk_flint=pbjs_lite_v8.6.0&x_source.tid=89d08457-9ec5-44b5-a8ca-6e67965fb24a&l_pb_bid_id=6f8cc1a748a906&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c96e4bee-7039-422a-b0be-df60eca5deb6&rp_maxbids=1&p_gpid=%2F4581080%2Fportal_top&slots=1&rand=0.7648766362614181
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f66516859be0502de78c76ada7e180424f283aff737d184d77b5f6993ac01781

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
331
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:36 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=566500
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f3fc366031f4cf0871a99060c0c58f6c06360c5f9df2f2d0c530e0495bc7336

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nVZxoBpd9IuTJk2NgcKpGlDhN37zCYbVG9NNPvSPeoTfJJfceTo%2FBKD%2Bi8lo4JdpnhBIvIsUJ9yyn6fHY8T7iA32AhLMfV%2FcLdqVWzori%2BKQW2EpvXTxfIXn6oq7W99sH3HuRXS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81999362cf968a60-NRT
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
/
shb.richaudience.com/hb/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.61 , Indonesia, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.61 , Indonesia, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:36 GMT
access-control-allow-credentials
true
server
nginx/1.14.1
access-control-max-age
86400
prebid
hb.adingo.jp/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F4581080%2Fportal_big&tagId=37154%3A1000254608&groupId=1000157048
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.72.35 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-72-35.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-app
prebid/fluctBidAdapter
Referer
https://natalie.mu/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
x-fluct-version
1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:36 GMT
access-control-expose-headers
x-openrtb-version
access-control-allow-credentials
true
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
prebid
hb.adingo.jp/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F4581080%2Fportal_top&tagId=37154%3A1000254612&groupId=1000157048
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.72.35 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-72-35.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-app
prebid/fluctBidAdapter
Referer
https://natalie.mu/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
x-fluct-version
1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:36 GMT
access-control-expose-headers
x-openrtb-version
access-control-allow-credentials
true
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=9jevnBLmR&skt=5&tid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&prebid_id=208442f30829742&prebid_ver=8.6.0&page_url=https%3A%2F%2Fnatalie.mu%2F&ad_format_ids=4&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c6898560-ba59-49ec-8e96-e3136088c515%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.146.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-146-82.nrt51.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a5a90b97f551b67813511bc87b57d99c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C1
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
qjR6bMgP0SgxS9QohDg6tMBk4XRB9Mo-D53toMrSQF3odrg8-Rfl3Q==
expires
Thu, 01 Jan 1970 09:00:00 GMT
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=ItCYZfYmR&skt=5&tid=c96e4bee-7039-422a-b0be-df60eca5deb6&prebid_id=21935b19303afc4&prebid_ver=8.6.0&page_url=https%3A%2F%2Fnatalie.mu%2F&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c6898560-ba59-49ec-8e96-e3136088c515%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.146.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-146-82.nrt51.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a5a90b97f551b67813511bc87b57d99c.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C1
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
_tA8Q5v4mb-PiMOjCxRL3E1mLkCcWp80_OwUW8zoq6gOwqOPCfbMGA==
expires
Thu, 01 Jan 1970 09:00:00 GMT
prebid
pb.ladsp.com/adrequest/ 		91 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.165.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-165-187.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
prebid
pb.ladsp.com/adrequest/ 		91 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.165.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-165-187.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
v1
d.socdm.com/adsv/ 		1017 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=55792&sdktype=0&hb=true&t=json3&transactionid=c96e4bee-7039-422a-b0be-df60eca5deb6&sizes=300x250%2C1x1&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_top&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.162 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
33db50983fdd055ed3ab1d4eae8637dc27da0be1816fa80e17f5be11f336a183

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=55792&sdktype=0&hb=true&t=json3&transactionid=c96e4bee-7039-422a-b0be-df60eca5deb6&sizes=300x250%2C1x1&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_top&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.167","key":"ZTPHAMCo8YIAAGXAfhIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad114"}
X-SO-Key
ZTPHAMCo8YIAAGXAfhIAAAAA
X-SO-Upstream-ID
m-ad114
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad114.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
1017
X-SO-IP
31.204.145.167
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
7
X-SO-LB-Hostname
m-tgng30.dc4p.scaleout.jp
auction
tlx.3lift.com/header/ 		19 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0&referrer=https%3A%2F%2Fnatalie.mu%2F&tmax=2000
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.77.157.107 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-157-107.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
x-auction-status
29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
d7788b451c0d9499f2d0b8a308346768ec836a762a89b9fb2f9c7def2b104831

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
77df1fa141507a008f3ae5d32889cb264a9aa74e258de59a52bb426a7e463b58

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
db179ef7d2518293114aa9ca73870cc93a3a30acf2550c6a2becadb7e3d45930

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
mp.4dex.io/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece7623aa37c0f0bebfe0ad5dc5680c6f100d4ffe03932dd4f54d14e6a2b7f17

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-tyo
date
Sat, 21 Oct 2023 12:41:36 GMT
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Invalid placement: _err_quota_, Validating the Prebid Request adunits. Invalid placement: _err_quota_
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81999362cca1351d-NRT
expires
0
bid-request
a.teads.tv/hb/ 		16 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.124.13 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-124-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 21 Oct 2023 12:41:36 GMT
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUDH8PEK
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
eba7374e14d057ede49d73aedc028c94fcc2b80e135bd189094eec9d7fb4d5fb

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 12:41:36 GMT
v1
prg-apac.smartadserver.com/prebid/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.49 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.49 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:35 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.49 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.49 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
imp
g2.gumgum.com/hbid/ 		2 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1697892096435&to=-540&aun=div-gpt-ad-1000000000002-0&pubcid=c6898560-ba59-49ec-8e96-e3136088c515&gpid=%2F4581080%2Fportal_big&maxw=728&maxh=90&si=235527&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnatalie.mu%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.6.0%22%7D&ogu=https%3A%2F%2Fnatalie.mu&ns=10240
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.232.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-232-179.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1697892096436&to=-540&aun=div-gpt-ad-1000000000003-0&pubcid=c6898560-ba59-49ec-8e96-e3136088c515&gpid=%2F4581080%2Fportal_top&maxw=300&maxh=250&si=235528&pi=3&bf=300x250%2C1x1&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnatalie.mu%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.6.0%22%7D&ogu=https%3A%2F%2Fnatalie.mu&ns=10240
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.232.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-232-179.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
bid
ap.lijit.com/rtb/ 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.6.0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.44 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
3e0b7a713db60eace41ae5b5b07e68c9b875ff88252e93a73c943595a4e71487

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 21 Oct 2023 12:41:37 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://natalie.mu
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
d.socdm.com/adsv/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=74360&sdktype=0&hb=true&t=json3&transactionid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&sizes=728x90&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_big&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.162 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
62951b1dd8e453027c9f32517272d5ae642de7eeb3913416cc99976bca6d57e4

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=74360&sdktype=0&hb=true&t=json3&transactionid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&sizes=728x90&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_big&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.167","key":"ZTPHAMCo8XwAAAIGfQsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40213"}
X-SO-Key
ZTPHAMCo8XwAAAIGfQsAAAAA
X-SO-Upstream-ID
a-ad40213
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40213.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
1100
X-SO-IP
31.204.145.167
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
36
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
v1
d.socdm.com/adsv/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=74359&sdktype=0&hb=true&t=json3&transactionid=c96e4bee-7039-422a-b0be-df60eca5deb6&sizes=300x250%2C1x1&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_top&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.162 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
e37d820442e75222bbb23f7fcc16a5ce61ab37f2bbe8e694b890359cddd0609f

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=74359&sdktype=0&hb=true&t=json3&transactionid=c96e4bee-7039-422a-b0be-df60eca5deb6&sizes=300x250%2C1x1&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_top&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.167","key":"ZTPHAMCo8YMAANWuQJIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40174"}
X-SO-Key
ZTPHAMCo8YMAANWuQJIAAAAA
X-SO-Upstream-ID
a-ad40174
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40174.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
1100
X-SO-IP
31.204.145.167
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
197
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0&cb=59977425189&lsavail=1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
an-x-request-uuid
df51f7b0-175b-412b-b390-b2cc3f7e72a7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.145.167; 31.204.145.167; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=55616&cb=48868377717&r=https%3A%2F%2Fnatalie.mu%2F&uid=6298bc6a7b005b9&tid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55616&cb=48868377717&r=https%3A%2F%2Fnatalie.mu%2F&uid=6298bc6a7b005b9&tid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&uc=div-gpt-ad-1000000000002-0&tmax=200...
133 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55616&cb=48868377717&r=https%3A%2F%2Fnatalie.mu%2F&uid=6298bc6a7b005b9&tid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=728x90
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
248e18c2d4ecf058a5acea142dd74784bd0af3ed62989cd19f4a7d5b1b78ef7c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
128

Redirect headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Server
nginx
Access-Control-Allow-Origin
https://natalie.mu
Location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55616&cb=48868377717&r=https%3A%2F%2Fnatalie.mu%2F&uid=6298bc6a7b005b9&tid=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=728x90
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=55617&cb=21142778670&r=https%3A%2F%2Fnatalie.mu%2F&uid=63ab1f771e6824a&tid=c96e4bee-7039-422a-b0be-df60eca5deb6&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55617&cb=21142778670&r=https%3A%2F%2Fnatalie.mu%2F&uid=63ab1f771e6824a&tid=c96e4bee-7039-422a-b0be-df60eca5deb6&uc=div-gpt-ad-1000000000003-0&tmax=200...
133 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55617&cb=21142778670&r=https%3A%2F%2Fnatalie.mu%2F&uid=63ab1f771e6824a&tid=c96e4bee-7039-422a-b0be-df60eca5deb6&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250%2C1x1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e47b16255f2bb243d8b8a71ad1e2de067daba8a037a40454f405d3287fc7fd6d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
128

Redirect headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Server
nginx
Access-Control-Allow-Origin
https://natalie.mu
Location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55617&cb=21142778670&r=https%3A%2F%2Fnatalie.mu%2F&uid=63ab1f771e6824a&tid=c96e4bee-7039-422a-b0be-df60eca5deb6&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250%2C1x1
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
sprebid
api.relaido.jp/bid/v1/ 		235 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.relaido.jp/bid/v1/sprebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.149.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.149.102.34.bc.googleusercontent.com
Software
/
Resource Hash
ffd77776047b40eb9bc1bff3a7baa2fa4792e6e46250841facc622bf601c3587

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186
prebid
s-rtb-pb.send.microad.jp/ 		47 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=6ade661f795cd101b9cd46de4d19272e&url=https%3A%2F%2Fnatalie.mu%2F&referrer=null&bid_id=67fe3d645f3e5a5&transaction_id=5c11c73e-6a81-4ca3-8cc9-577d60f84f27&media_types=5&cbt=ab6b547aed73e818b524159bb&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%22c6898560-ba59-49ec-8e96-e3136088c515%22%7D%5D
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://natalie.mu
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
prebid
s-rtb-pb.send.microad.jp/ 		47 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=7870280f220bfe542151cb4bc131aa50&url=https%3A%2F%2Fnatalie.mu%2F&referrer=null&bid_id=6803147b11b3927&transaction_id=c96e4bee-7039-422a-b0be-df60eca5deb6&media_types=5&cbt=357fc396ffc1ee018b524159bb&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%22c6898560-ba59-49ec-8e96-e3136088c515%22%7D%5D
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://natalie.mu
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
unruly_prebid
targeting.unrulymedia.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 , Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 , Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-99.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
912b197b2cd25b5d6d321ccdb58a628bc5ede874aaa64afedf4dd848e7473d03

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
.Cso4BZenH4pCWInzPswgkwryI4m3vxb
content-encoding
gzip
via
1.1 82f20c67c51e8887a41d187eaa59b3b0.cloudfront.net (CloudFront)
date
Sat, 21 Oct 2023 12:04:09 GMT
last-modified
Wed, 09 Aug 2023 12:26:05 GMT
server
AmazonS3
x-amz-cf-pop
NRT51-C2
age
2248
x-amz-server-side-encryption
AES256
etag
W/"ced5715e922d665bf16cab7f46531cfe"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=3600
x-amz-cf-id
AT8cabgFCBObvIHdd3wonmkZImP3XiapiX1xvwUvTbrr3NEwBqiE6g==
collect
stats.g.doubleclick.net/j/ 		7 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45927307-1&cid=306292013.1697892096&jid=960750&gjid=1654854985&_gid=808437681.1697892096&_u=YEBAAAAAAAAAAC~&z=1412877421
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c15::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45927307-2&cid=306292013.1697892096&jid=1061182273&gjid=1939898637&_gid=808437681.1697892096&_u=YEDAAAABAAAAAC~&z=1476639785
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c15::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45927307-15&cid=306292013.1697892096&jid=397736026&gjid=1107561069&_gid=808437681.1697892096&_u=YEDAAEABAAAAACAAI~&z=1342273291
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c15::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-5650bda37f444a1731991a3e3ac49b5a-5d30d35618ad38a7-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
5650bda37f444a1731991a3e3ac49b5a/6715099411144063143
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76fee2711a5ad963ea92ffda8f30870fe9ad7d544d5eaf55ba6a43a2d5d32f3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
last-modified
Fri, 20 Oct 2023 16:18:03 GMT
server
cloudflare
age
0
etag
W/"67e8e96dae06a1f9b3ffb0918bbde23a596265fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
819993630c1de014-NRT
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1631922
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciVrb7RmnHclQtFpL5F8bR5y9X7pE5J70YOuc%2F9wiI4M96kfX9PBaUlkbtZXfBXbQ2nHAj8CPs0XlJfFtSOE35BDIjaPDrNTojqmbVRxZy9HJFoausjBw3FZw3lJWB1lTJmB06TwdKvx63k0"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
81999362fd23afe2-NRT
clarity.js
www.clarity.ms/s/0.7.13/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.13/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9fboejhehh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
br
last-modified
Tue, 17 Oct 2023 11:58:02 GMT
etag
W/"0x8DBCF0850CC9F3D"
vary
Accept-Encoding
x-azure-ref
20231021T124136Z-qaz3uxwdh91qh4u0pf2udxc4ds000000019g000000035k3m
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0cc84977-201e-007e-090e-01be9c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-scyWb8RFh9jzDTfS7OBtdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-scyWb8RFh9jzDTfS7OBtdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://natalie.mu
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXj1K1LOKNy7JbgT3ffWC6pegwJFxPOtVUtCGsjgP6M01Dez6aCFUzU5wvRpJIO8hZqqEYGoVMd_AgY7DnONfKPc2hG1dP_oqfUu_fbRvgOgdjTvc0yTinmiv_He5P3tZ4Cq2n_bw==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXj1K1LOKNy7JbgT3ffWC6pegwJFxPOtVUtCGsjgP6M01Dez6aCFUzU5wvRpJIO8hZqqEYGoVMd_AgY7DnONfKPc2hG1dP_oqfUu_fbRvgOgdjTvc0yTinmiv_He5P3tZ4Cq2n_bw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3ODkyMDk2LDQ4NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uYXRhbGllLm11LyIsbnVsbCxbWzgsIjFqMGVzTnUwUldBIl0sWzksImVuLVVTIl0sWzcsIjE4Il0sWzExLCJbW10sW10sW11dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20cb5ecbbf1a2fd92522dc0edca65b3a0c4a858d4c45be45f5430dc8a6d6f0d9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-AjeVJLlAYT6FKGHOnyoUcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-AjeVJLlAYT6FKGHOnyoUcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame CAB5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 12:41:36 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Oct 2023 12:41:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server
AkamaiGHost
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 21 Oct 2023 12:41:36 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
supply
events.browsiprod.com/events/v2/ 		0
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=UdNhuGqUI_euQKvKGwzO
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.97.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-97-91.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:36 GMT
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=natalie&url=https%3A%2F%2Fnatalie.mu%2F&bid=UdNhuGqUI_euQKvKGwzO&at=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&sw=1600&sh=1200&rp=false
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.116.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-116-10.kix50.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
98719f4116b14fd0f677f6f4ef19e1341d04836b5c33867a00f17aad8f10268d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
via
1.1 471b140bf21b8c2f0f18622f5f2108d6.cloudfront.net (CloudFront)
server
akka-http/10.2.1
x-amz-cf-pop
KIX50-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
x-amz-cf-id
nBnPT_tfbC7Qpoyw95o6tayeiaZ8vGjp-ovg4muN_EA-iT8o1DH4tQ==
wowow_oginogogo_thumb.jpg
ogre.natalie.mu/media/pp/wowow_oginogogo/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/wowow_oginogogo/wowow_oginogogo_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
33d7611f4f8e447ce66778c1ca3c47eeddcbf2e1ade5284be58cc4efdaa1b408

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Thu, 19 Oct 2023 09:16:17 GMT
X-Serial
1714
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"741e388d6dea8327a674724d37a46a5f"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6132
Expires
Sun, 22 Oct 2023 00:41:36 GMT
thumb_inbox_600.jpg
ogre.natalie.mu/media/pp/static/music/wowowondemand/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/static/music/wowowondemand/thumb_inbox_600.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fc6698a8265c559b0d6ae12b4ef40f9453eadf4135db0a54fbd34037752747c4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Wed, 16 Aug 2023 01:35:24 GMT
Server
Akamai Image Manager
ETag
"1c2c6b6995edb97c6aa8fab94aa7935e"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
26675
Expires
Sun, 22 Oct 2023 00:41:36 GMT
six-singing-women_X.jpg
ogre.natalie.mu/media/pp/six-singing-women/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/six-singing-women/six-singing-women_X.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a439884088411fa56a79d457e5c8dab284bbd0401c06669573a6ae80dcafe3b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Mon, 16 Oct 2023 00:18:18 GMT
Server
Akamai Image Manager
ETag
"a377f76cff01103273e776047fc1fb94"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
11261
Expires
Sun, 22 Oct 2023 00:41:36 GMT
gnw-anime_thumb.jpg
ogre.natalie.mu/media/pp/gnw-anime/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/gnw-anime/gnw-anime_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
665e03e485e0a9d83ceb67f758d9c7a7c6ac447a0cd6f18a8ddcd7962b800914

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Thu, 05 Oct 2023 08:35:30 GMT
X-Serial
89
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"24dacfb1c0c026f69222af52c60ab947"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
39337
Expires
Sun, 22 Oct 2023 00:41:36 GMT
usync.js
eus.rubiconproject.com/ Frame CAB5 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2aadefee7323482d56b4248ba3656671b2202eab2084b648fdad9473615b8266

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Oct 2023 11:50:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83330
Connection
keep-alive
Content-Length
11097
Expires
Sun, 22 Oct 2023 11:50:26 GMT
collect
r.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://natalie.mu
Date
Sat, 21 Oct 2023 12:41:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-2&cid=306292013.1697892096&jid=1061182273&_u=YEDAAAABAAAAAC~&z=1665174417
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-2&cid=306292013.1697892096&jid=1061182273&_u=YEDAAAABAAAAAC~&z=1665174417
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-15&cid=306292013.1697892096&jid=397736026&_u=YEDAAEABAAAAACAAI~&z=1264085682
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-15&cid=306292013.1697892096&jid=397736026&_u=YEDAAEABAAAAACAAI~&z=1264085682
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-1&cid=306292013.1697892096&jid=960750&_u=YEBAAAAAAAAAAC~&z=1270951162
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-1&cid=306292013.1697892096&jid=960750&_u=YEBAAAAAAAAAAC~&z=1270951162
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202f:3800:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:17:51 GMT
via
1.1 8a22018246b9415310329a166e95e7e2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
NRT51-C4
age
1426
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
ANsLm3e8mi52zhWBFSmhcY-vHxzoBkoaRVZ1jpG8X2VKgXREy4SygQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
0VSM4HXS2JH2VW1Y
age
10
x-amz-server-side-encryption
AES256
x-amz-id-2
Fk4TWUR8rJWf5vj3oiXvpta3wKV1/ZPKsaRYkG6w1KOVyyFsYdfd7W0Gkb79c0zoCDCz83Ucsrk=
last-modified
Mon, 16 Oct 2023 11:34:12 GMT
server
cloudflare
etag
W/"e5bbc80dac7ff8597f5b639831f48d87"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
819993640b8b264b-NRT
expires
Sat, 21 Oct 2023 13:41:36 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2138:1400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 00:45:42 GMT
x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Via
1.1 87684a2174eeee359a89721a3d15aa94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
NRT12-C2
Age
42955
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
h9gdM7dqorFzMOJRGa_VSU5oYew6vjVKqlO7kLEA7NcTDLzAQcYOSg==
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
413212
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
819993641c81b015-NRT
expires
Tue, 24 Oct 2023 12:41:36 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:26:53 GMT
content-encoding
gzip
age
238483
x-guploader-uploadid
ADPycdv7A7UlWyYoEyZZoWvQBDDrkDzEu0ZQbVaiQ0BdyzAm2l6Swj2UdrPvIsv9evCEWrLn9kVxK_gwlKfCpKa0zhMjdw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 17 Oct 2024 18:26:53 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 12:41:36 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 21 Oct 2023 12:41:36 GMT
x-content-type-options
nosniff
content-encoding
br
age
39002
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-nrt-rjtf7700055-NRT
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
ebf3461f8f9a81a50b54dba64bc0c99a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-141-41.nrt51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 21:34:19 GMT
content-encoding
gzip
via
1.1 e7c9aa1d394ec7ef1b477421fb6519ce.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT51-C3
age
74371
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
uglll-4Ov8_yRHi9ed1JSqiXm8mIU4SbOUvw-9ccXCSX2Mg1abm-lg==
iu3
s.amazon-adsystem.com/ Frame 00CF
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&dcc=t
321 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b73fd0c664be6aac87da06538b1543f4a6eb5e3a62016250c3b95752ea3103a7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
321
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 21 Oct 2023 12:41:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WFMW6WNSBVC9QYG4NE6G

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Oct 2023 12:41:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZJGSCWK4HQV7AWHFWFQG
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp&cc=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
54f0215c33b6876e32ac0f7d7ae04bc8dc569505e6812ad8abb6247a582c16c6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:36 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-Eklc6iRmjARtFAb9qQ0W1hj1Jy4"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 21 Oct 2023 12:41:36 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://natalie.mu
location
/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
neighborscon_thumb.jpg
ogre.natalie.mu/media/pp/neighborscon01/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/neighborscon01/neighborscon_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4349cbfeba2a637b438ab4cdab291ac70ac355a845c1d071736b3455715f5a0f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Thu, 19 Oct 2023 09:15:09 GMT
X-Serial
2030
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"1c9b088f60bf56ce7c09d5673a6dc6c1"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6326
Expires
Sun, 22 Oct 2023 00:41:36 GMT
kamiyamayoh06_thumb.jpg
ogre.natalie.mu/media/pp/kamiyamayoh06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/kamiyamayoh06/kamiyamayoh06_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1cecee6431949440f1823b37875da8cbd88c101871f59a0cade8cfee0bb161d9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Mon, 16 Oct 2023 04:36:57 GMT
Server
Akamai Image Manager
ETag
"e479e06515c966586b8a6a0e4fb975f2"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
9212
Expires
Sun, 22 Oct 2023 00:41:36 GMT
04limitedsazabys12_x-2.jpg
ogre.natalie.mu/media/pp/04limitedsazabys12/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/04limitedsazabys12/04limitedsazabys12_x-2.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5c8ecd1f028494d0c7a4ec3e47001304bc5cdd0aa207d9a7f116368c5a32b9ab

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Wed, 18 Oct 2023 12:00:12 GMT
X-Serial
759
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"78387e58120af2ee57f4e169e3f8145c"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
36532
Expires
Sun, 22 Oct 2023 00:41:36 GMT
katsushikatrio_thumb.jpg
ogre.natalie.mu/media/pp/katsushikatrio/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/katsushikatrio/katsushikatrio_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f0389470970ef83dea159117db455560a1f3b0d52dcc2fe21e4d7644e36f74a2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Wed, 18 Oct 2023 10:30:10 GMT
Server
Akamai Image Manager
ETag
"4e8e8f684b2ff8ff4eb434a7de52990a"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
18127
Expires
Sun, 22 Oct 2023 00:41:36 GMT
sanoibuki04_thumb.jpg
ogre.natalie.mu/media/pp/sanoibuki04/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/sanoibuki04/sanoibuki04_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
20fdbea34430276282a38f46cde2542a88c740db47751e9642f5e4b8ffa632d4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Wed, 18 Oct 2023 09:30:09 GMT
Server
Akamai Image Manager
ETag
"6daea7cfe4c6ce0cd9dd83fd555b1f97"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
16917
Expires
Sun, 22 Oct 2023 00:41:36 GMT
kroi08_x.jpg
ogre.natalie.mu/media/pp/kroi08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/kroi08/kroi08_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6366876cf5534f38514cf45937134de620cd89a63dc20f3de56fe02680ab491b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Fri, 13 Oct 2023 04:47:22 GMT
X-Serial
1933
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"7c84b5861f462603d009c716ac28c383"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
10270
Expires
Sun, 22 Oct 2023 00:41:36 GMT
luz_thumnail.jpg
ogre.natalie.mu/media/news/music/2023/1021/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/music/2023/1021/luz_thumnail.jpg?impolicy=thumb_fit&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e9a8f8fab377073bf920a6439c90343b9f85ea9b1fcd66dc66e32aac8f40c352

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Sat, 21 Oct 2023 10:35:33 GMT
X-Serial
151
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"d50827850379894a5d0b786c070d53d0"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
5358
Expires
Sun, 22 Oct 2023 00:41:36 GMT
nyanko_sanrio1.jpg
ogre.natalie.mu/media/news/comic/2023/1021/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/comic/2023/1021/nyanko_sanrio1.jpg?impolicy=thumb_fit&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7d0d01197b092672215ab4f296facd80b983cf8fdc989d67b034c81dc77396f8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:36 GMT
Last-Modified
Sat, 21 Oct 2023 07:01:53 GMT
Server
Akamai Image Manager
ETag
"72b10904146fe91750b7b5b853d3c87c"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
3235
Expires
Sun, 22 Oct 2023 00:41:36 GMT
map
bcp.crwdcntrl.net/6/ 		235 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.171.128 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-171-128.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
112c7c1a60f862909e78f256b83c33edd2f8a1b65bfb6f64842d107abfcb0c07

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://natalie.mu
cache-control
no-cache
x-server
10.42.8.235
access-control-allow-credentials
true
content-length
235
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 1111 		484 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2084e2d0a19a3a1b68077893c687e5342bf1b8451cef15d5e487465dc41cddc6

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
306
content-type
text/html
date
Sat, 21 Oct 2023 12:41:37 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame 1111
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=dbb4106c-ed40-7c1b-ff07-04c74bd2ef44&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=dbb4106c-ed40-7c1b-ff07-04c74bd2ef44&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttd_puid=dbb4106c-ed40-7c1b-ff07-04c74bd2ef44&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttd_puid=dbb4106c-ed40-7c1b-ff07-04c74bd2ef44&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttd_puid=dbb4106c-ed40-7c1b-ff07-04c74bd2ef44&gdpr=0&gdpr_consent=
date
Sat, 21 Oct 2023 12:41:37 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 1111
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZTPHAMCo8YMAANWuQJIAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZTPHAMCo8YMAANWuQJIAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 21 Oct 2023 12:41:38 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.167","key":"ZTPHAMCo8YMAANWuQJIAAAAA","privacy_sensitive":false,"uid":"ZTPHAMCo8YMAANWuQJIAAAAA","upstream_id":"a-ad40214"}
X-SO-Key
ZTPHAMCo8YMAANWuQJIAAAAA
X-SO-Upstream-ID
a-ad40214
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40214.dc2p.scaleout.jp
X-SO-UID
ZTPHAMCo8YMAANWuQJIAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
31.204.145.167
X-SO-Cluster-ID
0
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZTPHAMCo8YMAANWuQJIAAAAA
Cache-Control
private
X-SO-Ads-Time
1212
X-SO-LB-Hostname
m-tgng38.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 1111
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZiFyLxM7Rwiks8AD7P31LT3lc8AAAGLUkFczg
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZiFyLxM7Rwiks8AD7P31LT3lc8AAAGLUkFczg
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
via
1.1 886a171d4fd47a45f08d1726d75c8f18.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZiFyLxM7Rwiks8AD7P31LT3lc8AAAGLUkFczg
cache-control
no-cache
content-length
0
x-amz-cf-id
a72iYxH5MdPU0nxoDJbtbd-h7oP3PmBWzgiDSvCfooJ_bYSucpxRKQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1111
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjdkYmMzYTYtMjQzNy0yMmJmLWVhZTctNWU3ZTgxMzAyMTI0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjdkYmMzYTYtMjQzNy0yMmJmLWVhZTctNWU3ZTgxMzAyMTI0&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjdkYmMzYTYtMjQzNy0yMmJmLWVhZTctNWU3ZTgxMzAyMTI0&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjdkYmMzYTYtMjQzNy0yMmJmLWVhZTctNWU3ZTgxMzAyMTI0&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1111
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMMo3-0EsXJtnqzCQzqUP6s&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMMo3-0EsXJtnqzCQzqUP6s&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMMo3-0EsXJtnqzCQzqUP6s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame CAB5 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
encrypt
esp.rtbhouse.com/ 		201 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b77904e3e1a97cfc384fb9ee1920b4a7930f9eecc6b2c65368ef6e11c9c7172c

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
50e10de4170ede2fbba28194dec58df4
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1374250731733004&correlator=936752588712797&eid=31077696&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&gdpr=0&iu_parts=4581080%2Cportal_big%2Cportal_top&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x250%7C1x1&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697892097417&lmt=1697859697&adxs=602%2C1020&adys=50%2C504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnatalie.mu%2F&vis=1&psz=728x0%7C310x250&msz=728x0%7C310x0&fws=0%2C0&ohw=0%2C0&ga_vid=306292013.1697892096&ga_sid=1697892097&ga_hid=1175173064&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRj1tIWStTFIAFICCGQSWgoNY3J3ZGNudHJsLm5ldBJANWJiNDA5MjM1NDQ5ZGFiODcwMjZlNjc0YTJjNDQ5NDVhNzAyZTc5ZjMzNGQ4NTFmNGIyOGU5MWIyOGE1OTNlYRiuuYWStTFIABI7CgpwdWJjaWQub3JnEiRjNjg5ODU2MC1iYTU5LTQ5ZWMtOGU5Ni1lMzEzNjA4OGM1MTUYgLWFkrUxSAASGAoJeWFob28uY29tGOm3hZK1MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRj1tIWStTFIAFICCGQSFwoIcnRiaG91c2UY9bSFkrUxSABSAghkEhkKCnVpZGFwaS5jb20Y9bSFkrUxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVEwSm5kazVWVkVoUkszbHNNR04zZGt3dldHTjFVVDA5SW4wPRiTuIWStTFIABIbCgxpZDUtc3luYy5jb20Y9bSFkrUxSABSAghk&dlt=1697892096026&idt=313&prev_scp=amznbid%3D2%26amznp%3D2%26browsiViewability%3DNA%7Camznbid%3D2%26amznp%3D2%26browsiViewability%3DNA&cust_params=genre%3D%26content%3Dhome%26action%3Dindex%26path%3D%252F%26publisher_id%3D366%26flux_test_flag%3Dprd&adks=3139867011%2C1147668949&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eedf8ee29b8230f313d98ce35c699a2d82ce8f04383f09bce180ab11f9326558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13674
x-xss-protection
0
google-lineitem-id
6387510179,6386852611
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138447404424,138448103695
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
773a69a9c6d7145f5d1dbd4db47f256b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://773a69a9c6d7145f5d1dbd4db47f256b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:37 GMT
expires
Sun, 20 Oct 2024 12:41:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
u.4dex.io/ Frame CAB5
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LO0146JA-8-I3VV
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LO0146JA-8-I3VV
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LO0146JA-8-I3VV
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LO0146JA-8-I3VV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-06b7b012fce48542cdd20708f61dc643-63fabd20a9849fd4-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
06b7b012fce48542cdd20708f61dc643/7204278501913173972
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
view
securepubads.g.doubleclick.net/pcs/ Frame D684 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjdBPw0_MjBWs0elWYeB7ZKPmOXTBKo6ht3_tTCGkmDFTr2veRM-9mU80wXBKTIDzF6UoiaU_zw9HmZ_lP_RfDl8pD2Nd5VkB45e8TrWnIT7pA4l4PoSBdfsvYNzu1nZnVmSTsRVT3OaCdxUV56rOorfrmqtBRuOtIyHrDvZmSoM90CCe0je28nRIY9RcuvN87PaTTKmwbLOhDwVftHCv2hziDOzkJdj9OHxNCqYN72etGINbVrvAmiutJoVQY1e_Nhh6EEZyIaC7fwYP6O46Xx3qph0yoBYNzlJnT98JlC0GuD5gcjGjQTlUJ&sai=AMfl-YTgF31r2UJK-u8hi_zu9iVz4efy5wVqlA_5v0NqXNIFKAWjnioa51ICFDk92d-4V56Ei8nXESQ1-d4NyFrfB-JnySGlwGeh1ZLAwWPMHwHxUpip1TpHqtK2Ys56Vg&sig=Cg0ArKJSzC73dljbsttfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D684 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4296692801820818
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44aedbff7c0eb61eb74231c1bc4113c702ea833d1dd7ec27d2a14c3c2cc699e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Origin
https://natalie.mu
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51581
x-xss-protection
0
server
cafe
etag
2608178222509703136
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:41:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D684 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:41:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_2PqPFdaFl4VMntGPrCgHYMrlrwaYcQ4tw3Q6h2GmensfaU01DPibjNF6x4KFgodE3tLbcY0zORzKSTD3vNknWDd9Afnay52lXxXBcPW4c1KSA5I3qOx9rnZB_CW3WNyrDCAxt5MUmLb9f99-LFrz4gGyHql7gdOdyuojhGhmXSHXgi3pyCusbDPTUJC81xVkzDN4qPB9E2xBv_1TMqRNh5COOOzHke0KcoN0Gaul6udWeGjSermlZtopzT-4TryiNSZQRcv_2nbMnNjOwDNUbo2iYcD444wywJ3sjkkzZ8jhPjUV8jMp0co3&sai=AMfl-YS1ApbgX1MHDzY65npIR6vKXLPTGgxwbktlPMDQ_lxuv0q0XG6swghvZ3nwveAm0Dp-fmbe6QPdJ7bh1AdpJ1vKtIPGQuZF-fJDJriL2JO_iSenuOKC1g7RyjTcvw&sig=Cg0ArKJSzAq1xIqeIx0EEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4B2B 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4296692801820818
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b943873017fc172045a9104708c2a70998010bdfff88d71f33fa8700f174f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Origin
https://natalie.mu
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51595
x-xss-protection
0
server
cafe
etag
11538574186158053410
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:41:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B2B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:41:37 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0907 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.125.12 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-125-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157485
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 21 Oct 2023 12:41:37 GMT
expires
Mon, 23 Oct 2023 08:26:22 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame CAB5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/sTLeZCtLCUVwMUCmQiAzkw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XZNfI.VE2oJhSapwDDA_jjBW158O.D6dINP6gw--~A
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XZNfI.VE2oJhSapwDDA_jjBW158O.D6dINP6gw--~A
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XZNfI.VE2oJhSapwDDA_jjBW158O.D6dINP6gw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame CAB5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPZuO9_-VJiiOQEjMOH3uU0&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPZuO9_-VJiiOQEjMOH3uU0&google_cver=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPZuO9_-VJiiOQEjMOH3uU0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CAB5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5a421c59-afe3-4af2-b1d3-0cb476b75117&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5a421c59-afe3-4af2-b1d3-0cb476b75117&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5a421c59-afe3-4af2-b1d3-0cb476b75117&gdpr=0&gdpr_consent=&expires=30
date
Sat, 21 Oct 2023 12:41:37 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame CAB5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE8wMTQ2SkEtOC1JM1ZW
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED5jKiEB_X-nAucLkcDNHh0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE8wMTQ2SkEtOC1JM1ZW&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE8wMTQ2SkEtOC1JM1ZW&google_push=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE8wMTQ2SkEtOC1JM1ZW&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
setuid
px.ads.linkedin.com/ Frame CAB5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LO0146JA-8-I3VV
0
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LO0146JA-8-I3VV
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D0181FC5FF924534B44A24185D800317 Ref B: TYBEDGE0807 Ref C: 2023-10-21T12:41:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIOU9d/nJm0Y/hwijhJA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LO0146JA-8-I3VV
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CAB5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE3ZDkxMzY0Y2RiMWFiNWNiZDU0NTQ5MmFiZmM1ZjhlOGQ2YzA2ZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE3ZDkxMzY0Y2RiMWFiNWNiZDU0NTQ5MmFiZmM1ZjhlOGQ2YzA2ZQ
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE3ZDkxMzY0Y2RiMWFiNWNiZDU0NTQ5MmFiZmM1ZjhlOGQ2YzA2ZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame CAB5 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KQ49GM75XZ55D8YK3CD4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CAB5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mQe788UxThuFRj-3NuiAgA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mQe788UxThuFRj-3NuiAgA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mQe788UxThuFRj-3NuiAgA
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J2AT2GBDK2707N0SV3AJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mQe788UxThuFRj-3NuiAgA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CAB5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAIub07KZ44AABkhhMTs0Q&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAIub07KZ44AABkhhMTs0Q&expires=30
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAIub07KZ44AABkhhMTs0Q&expires=30
Date
Sat, 21 Oct 2023 12:41:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame CAB5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LO0146JA-8-I3VV
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LO0146JA-8-I3VV
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LO0146JA-8-I3VV&ckls=true&ci=RZlPIQDMw4&nc=false&trid=470423167
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LO0146JA-8-I3VV&ckls=true&ci=RZlPIQDMw4&nc=false&trid=470423167
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
99.86.199.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-91.nrt51.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
via
1.1 34b77cbc168238eeef5c5db82c8ffe9e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
IgR9M5KbLE8RYhAtUyyJ0vfQ2pqWqgNfQBbkl3Jff6Lqo07lkn5Wrg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
via
1.1 34b77cbc168238eeef5c5db82c8ffe9e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LO0146JA-8-I3VV&ckls=true&ci=RZlPIQDMw4&nc=false&trid=470423167
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
xH-L1LnTTUpYhAQJyM9O2sOGjsWvG0OA7_OV7VWCsT5doqWD1thZ2g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame CAB5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LO0146JA-8-I3VV
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LO0146JA-8-I3VV
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
69.175.41.79 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LO0146JA-8-I3VV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
v1
match.sharethrough.com/sync/ Frame CAB5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LO0146JA-8-I3VV
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LO0146JA-8-I3VV
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
18.139.177.100 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-177-100.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LO0146JA-8-I3VV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
cksync
hb.yahoo.net/ Frame CAB5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LO0146JA-8-I3VV&redir=true
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LO0146JA-8-I3VV&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LO0146JA-8-I3VV&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1ITlNYWDAxRTJ1SG1IcmI5NmJzeGlBWmEwNTh2V2IuWX5B&ovsid=LO0146JA-8-I3VV&dpid=58160
53 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1ITlNYWDAxRTJ1SG1IcmI5NmJzeGlBWmEwNTh2V2IuWX5B&ovsid=LO0146JA-8-I3VV&dpid=58160
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
23.192.45.99 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-192-45-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 21 Oct 2023 12:41:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:39 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1ITlNYWDAxRTJ1SG1IcmI5NmJzeGlBWmEwNTh2V2IuWX5B&ovsid=LO0146JA-8-I3VV&dpid=58160
date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame CAB5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=78bcec09-5a68-428f-8d96-9211d6ef7f91&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=78bcec09-5a68-428f-8d96-9211d6ef7f91&expires=30
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=78bcec09-5a68-428f-8d96-9211d6ef7f91&expires=30
Date
Sat, 21 Oct 2023 12:41:38 GMT
Connection
keep-alive
X-CI-RTID
eea87618-c43b-4b19-bf09-61001872b7d9
Content-Length
144
Content-Type
text/html; charset=utf-8
pixel
capi.connatix.com/us/ Frame CAB5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LO0146JA-8-I3VV&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LO0146JA-8-I3VV&pId=11&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://capi.connatix.com/us/pixel?puid=LO0146JA-8-I3VV&pId=11&gdpr=&gdpr_consent=&us_privacy=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame CAB5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LO0146JA-8-I3VV
0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LO0146JA-8-I3VV
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LO0146JA-8-I3VV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.777709462157383
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hXx6vXUiFH-mYS2GeKTWWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-hXx6vXUiFH-mYS2GeKTWWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.406286818292384
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-eIGVmlp2i8okpTARklSKpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-eIGVmlp2i8okpTARklSKpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 894F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
33a80cd1c2cc1db3c62751c94760abf86924cd3c7b335bc7a079ac2c5b5bb375
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2803
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 21 Oct 2023 12:41:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5C8E6GFCHTZ7X8GX8807
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
07575b733b04ff991456dac0e2c6ae75f07c03853c6ebf50fbea055fb4cc5186
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3dySwVLBlbgXzuTb6O3Qgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3dySwVLBlbgXzuTb6O3Qgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://natalie.mu
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ Frame D684 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_fy2021.js?bust=31078964
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4296692801820818
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64efadc328159222f0d7d2f12c26a7eda185e3a6966b398d4195df4f45297c5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136799
x-xss-protection
0
server
cafe
etag
2135482482263174065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:41:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/ Frame D66D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4296692801820818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
4634
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 11:24:23 GMT
etag
4569948109300706969
expires
Sat, 04 Nov 2023 11:24:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D684 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1b550749d5fb763a1b3116d2d3f254b750168b3a1b78aadfc3990144092932c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4B2B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9ddf84afe6dfb0dace6cb175528b1ae3f5919874c2fc43411b3ce07898b0185

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/ Frame 4B2B 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4296692801820818
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b785f5fbd57a42a8bc5df63e3767d33571c6bcc3700b86aeadc0561e9e65b691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136895
x-xss-protection
0
server
cafe
etag
14144742695574791079
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:41:37 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0907 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34593368&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2612554bef522a9e0fd7d4ccbf001639b64df95600625fbb8f9761dd07d24640

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame D684 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssD8ows9k4nCn73NY3jsAShebC6NjkjuD6lMsHaVXoOsZpOmm8pGCdKtJlp2OIMKkXl5JweWC5m3rZg4yTwZcyUT5k4ULpkCT85uZqGtlWXkYYR_dqZNIV3DiHTB9_ZfC6iDHB8EKI418BD23Ypgz2zab9l3sGde_GEt2A0SgnMvt10unExK1WLCWdlN-hc0v46jcXV1bafsPHi6DKyBl6fwV8OGJWhTB132OSGSTi3PA4SVgXzGGOvUu95WFov2ZM7PgithlTeJwE-sQYMPoR0ZCXD6U2mdAqXHEG_fJ_K6_19mv0eLUyiZtGktnc&sai=AMfl-YRWRvMTpiMArCri4qgyWLWFs2ORfUDXdq1UdqS_Dfa6ic1CkbzkoOt9hzTt17QIFLlh7RAqQqpO324V2BEP-jfhdn7kxlN6sd6HyWHr4nAWhz5luOd76y2k5rT1iw&sig=Cg0ArKJSzAtjpL5PXu6wEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 21 Oct 2023 12:41:38 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame D684 		214 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=natalie.mu&callback=_gfp_s_&client=ca-pub-4296692801820818&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_fy2021.js?bust=31078964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7310718df3f66bf651df22d961c4c2476ee380245607b6676d794699ce22667e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A474 		16 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&adk=1812271804&adf=3279755404&lmt=1697859698&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=4&bdt=143&idt=244&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&nras=1&correlator=4241903809445&frm=23&ife=4&pv=2&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.s1ndxitlj2uo&fsb=1&dtd=277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_fy2021.js?bust=31078964
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
84891b94c7a750b0263ad80582bcddcaca7cb27bf770e3a50d6e3730ffbdb2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
1145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 60C7 		161 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_fy2021.js?bust=31078964
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
ab7c5dcbc4e594dafbb9e05221fc0d756e8403669577729e9b98e397e7384a48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
48588
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D684 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231017&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_fy2021.js?bust=31078964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ffbdd0e70ce0acdf237e27df0464f5e58b35020ec63e08ecefe607d2e8bf2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12277
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 894F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1697892098262
  • https://ad.turn.com/r/cs?pid=45&rndcb=1010089160
  • https://sync.1rx.io/usersync/turn/3843438667609851527?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-f996afd1-54a8-47b4-bbaa-74ff...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2B7EH1RHHQVKP7JXMKHM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004
date
Sat, 21 Oct 2023 12:41:38 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf996afd154a847b4bbaa74ff734537f3004
content-type
text/html
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 894F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://sync.outbrain.com/sync-external?uid=pmrRo4wLvM1jvJsZvswr&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63...
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252F...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG...
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPM...
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3Z...
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Famazon_tam%252F...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG...
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q&p=15268&obUid=Xd5cYWg6ihll8NjNKDkMFwDMKpKWhVm4FWeFwscgy-TyYbCyCdyvJ49FlJabCXFR&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel-us-east.rubiconproject.com/exchange/sync.php?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPLQNVZFE3ZUO5GHMTJRNJ3EU422OZZXO4Q&p=15268&obUid=Xd5cYWg6ihll8NjNKDkMFwDMKpKWhVm4FWeFwscgy-TyYbCyCdyvJ49FlJabCXFR&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Date
Sat, 21 Oct 2023 12:41:40 GMT
Cache-Control
no-cache
X-TraceId
65e090ebf382fb294247297542e6c33e
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 10DE
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=amazontam&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dss.com
  • https://s.amazon-adsystem.com/ecm3?id=ZTPHAMCo8YMAANWuQJIAAAAA&ex=ss.com&status=ok
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=ZTPHAMCo8YMAANWuQJIAAAAA&ex=ss.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JSMSMFFCQ70GG5W1ERB9

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Oct 2023 12:41:38 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=ZTPHAMCo8YMAANWuQJIAAAAA&ex=ss.com&status=ok
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
724
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40214.dc2p.scaleout.jp
X-SO-IP
31.204.145.167
X-SO-Key
ZTPHAMCo8YMAANWuQJIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=amazontam&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dss.com","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.167","key":"ZTPHAMCo8YMAANWuQJIAAAAA","privacy_sensitive":false,"uid":"ZTPHAMCo8YMAANWuQJIAAAAA","upstream_id":"a-ad40214"}
X-SO-LB-Hostname
m-tgng29.dc4p.scaleout.jp
X-SO-UID
ZTPHAMCo8YMAANWuQJIAAAAA
X-SO-Upstream-ID
a-ad40214
amzns2s
rtb.gumgum.com/usync/ Frame 7B31 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.232.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-232-179.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a9d0d53e01edded7eaddb6b0c680a19d16c60ac9a8c1263e1c4d73e18e0eecae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 21 Oct 2023 12:41:38 GMT
etag
W/"01703fdaa7009c5e3c6019a185e47bc61"
server
nginx
timing-allow-origin
*
ecm3
s.amazon-adsystem.com/ Frame 5A98
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=$UID&ex=yj.com&
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fid%3D%24UID%26ex%3Dyj.com%26
  • https://s.amazon-adsystem.com/ecm3?id=3889747672840569450&ex=yj.com&
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=3889747672840569450&ex=yj.com&
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FK77HGE91R5TQVAWEFSQ

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
48b3af05-794d-48c6-86aa-62f62d3d5f29
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=3889747672840569450&ex=yj.com&
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
31.204.145.167; 31.204.145.167; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 1C2B
Redirect Chain
  • https://y.one.impact-ad.jp/ul_cb/a9_cs?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dp1.com
  • https://s.amazon-adsystem.com/ecm3?id=30263585-fe1e-4105-9c6c-de647690968d&ex=p1.com&status=ok
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=30263585-fe1e-4105-9c6c-de647690968d&ex=p1.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8H4KEZSTQXF3AQ578PE0

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Oct 2023 12:41:38 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=30263585-fe1e-4105-9c6c-de647690968d&ex=p1.com&status=ok
Server
nginx
usermatch
ssum-sec.casalemedia.com/ Frame 7B7C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270b37ca538b6fd3d87d1f45638e52aa8d3e8ea168044edce7e2ded732576b68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8199936cfad48a60-NRT
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btq8DvZEN8bJdFCYGPgIcCzaIQPcDuPLKgemHbOrAw9V0QI86RypWXB%2FjlFgKqhceXcTV%2FGs%2FXRw7U6D%2BUTKphb3aTq%2Fy3MWGB4aS76PUfSRMUPOglW5PkIhTRZqC7qTFr1MKtgIXH%2FzBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8199936cdaaa8a60-NRT
content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGUrwWPEOnBk1hP0XCPAQTtaRmCsXj56v7brexbdQxJOPPvKgZVTyQnYdxY6u5RlGv2mD%2BaWYcGRc8m3TS3bHugw0CJVYCpNGUE0fue1PJQsU%2FL3SILDyfN3hXzgKTjzoEhEDQkz4UzB2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F09 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.125.12 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-125-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157484
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Mon, 23 Oct 2023 08:26:22 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B7AF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 12:41:38 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 322A 		456 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9ed3c9129fff9938552309a1ed5d8af5a8317c6dd4a421fcdd28fb2c461d04e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
281
content-type
text/html
date
Sat, 21 Oct 2023 12:41:38 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame A30D
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8243831494846978376&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8243831494846978376&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
V3WCFXC68SW9HG4JP2CE

Redirect headers

content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8243831494846978376&gdpr=0&gdpr_consent=
usync.js
eus.rubiconproject.com/ Frame B7AF 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2aadefee7323482d56b4248ba3656671b2202eab2084b648fdad9473615b8266

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Oct 2023 11:50:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83328
Connection
keep-alive
Content-Length
11097
Expires
Sun, 22 Oct 2023 11:50:26 GMT
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5154921547521339729
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5154921547521339729
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
an-x-request-uuid
7348672d-d0e0-4b90-b3dd-fb774eda9294
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5154921547521339729
x-proxy-origin
31.204.145.167; 31.204.145.167; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&gdpr=&gdpr_consent=&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=F6Gm8EKjpfEM9vehE6K4phX3rPYM96zyE_IaRy_9
  • https://usersync.gumgum.com/usersync?b=bsw&i=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=0&gdpr_consent=&us_privacy=
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=2c89b41c-c555-444d-987c-142a8382ee02
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=2c89b41c-c555-444d-987c-142a8382ee02
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=2c89b41c-c555-444d-987c-142a8382ee02
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3f709143-10a1-577b-4438-efc7cc5f4758$ip$31.204.145.167
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-3f709143-10a1-577b-4438-efc7cc5f4758$ip$31.204.145.167
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-3f709143-10a1-577b-4438-efc7cc5f4758$ip$31.204.145.167
Date
Sat, 21 Oct 2023 12:41:38 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-aO0lLyxE2pdhu5X3OBvLOQmoGhJ2qShuvKVG~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-aO0lLyxE2pdhu5X3OBvLOQmoGhJ2qShuvKVG~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-aO0lLyxE2pdhu5X3OBvLOQmoGhJ2qShuvKVG~A
content-length
0
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=92e17aae-7a4f-47d2-88cf-efa73a6c9f71
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=92e17aae-7a4f-47d2-88cf-efa73a6c9f71
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=92e17aae-7a4f-47d2-88cf-efa73a6c9f71
Date
Sat, 21 Oct 2023 12:41:38 GMT
Connection
keep-alive
X-CI-RTID
acf46d51-5397-4f22-b16c-0c2d53409c28
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 7B31 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=Nrw5ZMVMNO_6Cm77dTDI
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=Nrw5ZMVMNO_6Cm77dTDI
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=Nrw5ZMVMNO_6Cm77dTDI
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=e1b58547-64f5-465f-a8be-b944b6237477
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=e1b58547-64f5-465f-a8be-b944b6237477
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=e1b58547-64f5-465f-a8be-b944b6237477
access-control-allow-origin
*
date
Sat, 21 Oct 2023 12:41:38 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=wnT0hVUtP019&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=wnT0hVUtP019&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
jp-JP
location
https://usersync.gumgum.com/usersync?b=pln&i=wnT0hVUtP019&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5556fd6f8-78fxh
expires
-1
usersync
usersync.gumgum.com/ Frame 7B31
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3147753743312230826
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3147753743312230826
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3147753743312230826
date
Sat, 21 Oct 2023 12:41:38 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7B31 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XBSF9SE63R5QKNZ6YV1R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame A910
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=2050966909577824490&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=2050966909577824490&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.232.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-232-179.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=2050966909577824490&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 0E15
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZTPHAgAABg4jNAA5
  • https://usersync.gumgum.com/usersync?b=atm&i=ZTPHAgAABg4jNAA5&gdpr=&gdpr_consent=&_test=ZTPHAgAABg4jNAA5
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZTPHAgAABg4jNAA5&gdpr=&gdpr_consent=&_test=ZTPHAgAABg4jNAA5
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZTPHAgAABg4jNAA5&gdpr=&gdpr_consent=&_test=ZTPHAgAABg4jNAA5
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-nrt-rjtf7700055-NRT
x-timer
S1697892098.254383,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 9587 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8yOWJhZjkxNi1jZTZhLTQwYTYtODIxYS0zZjRkN2U2ZWFhYTg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FFDB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.125.12 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-125-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157484
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Mon, 23 Oct 2023 08:26:22 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 97C3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=5a421c59-afe3-4af2-b1d3-0cb476b75117
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=5a421c59-afe3-4af2-b1d3-0cb476b75117
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sat, 21 Oct 2023 12:41:38 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=5a421c59-afe3-4af2-b1d3-0cb476b75117
server
Kestrel
usersync
usersync.gumgum.com/ Frame 0954
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZTPHAMCo8YMAANWuQJIAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZTPHAMCo8YMAANWuQJIAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Oct 2023 12:41:38 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZTPHAMCo8YMAANWuQJIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
702
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40214.dc2p.scaleout.jp
X-SO-IP
31.204.145.167
X-SO-Key
ZTPHAMCo8YMAANWuQJIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.167","key":"ZTPHAMCo8YMAANWuQJIAAAAA","privacy_sensitive":false,"uid":"ZTPHAMCo8YMAANWuQJIAAAAA","upstream_id":"a-ad40214"}
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-UID
ZTPHAMCo8YMAANWuQJIAAAAA
X-SO-Upstream-ID
a-ad40214
usersync
usersync.gumgum.com/ Frame 302A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=rKPpUx5xZ0xRpEOS0aDb&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=rKPpUx5xZ0xRpEOS0aDb&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT Sat, 21 Oct 2023 12:41:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=rKPpUx5xZ0xRpEOS0aDb&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame D5DD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 12:41:38 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame D5DD 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2aadefee7323482d56b4248ba3656671b2202eab2084b648fdad9473615b8266

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Oct 2023 11:50:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83328
Connection
keep-alive
Content-Length
11097
Expires
Sun, 22 Oct 2023 11:50:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D684 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_fy2021.js?bust=31078964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 12:41:38 GMT
rum
dsum-sec.casalemedia.com/ Frame 7B7C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5a421c59-afe3-4af2-b1d3-0cb476b75117&expiration=1700484098&gdpr=0&gdpr_consent=
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5a421c59-afe3-4af2-b1d3-0cb476b75117&expiration=1700484098&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmVy8ioEY%2Fj%2FS2fyM9Bc%2BFLj5YPkiIKj3y4c4u1dIVhpEf1BKzBubMpYE0iG0Z9QeEmPhL4Y%2Fr8ZGKw4TiWz5pKc5yNtK4s0lPIjHK0id%2F%2B2pggmwSFvYkSGPoXaX7QeftA550lb%2F3g00A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8199936d2afd8a60-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5a421c59-afe3-4af2-b1d3-0cb476b75117&expiration=1700484098&gdpr=0&gdpr_consent=
date
Sat, 21 Oct 2023 12:41:38 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 7B7C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTPHAq6QIONP0t0NdR41DgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHQO_09Y-8LOjhkCeG1yLpg&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHQO_09Y-8LOjhkCeG1yLpg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DDo454wn30OhpeYSYe2lFLhl2cLCH0H1DUayJij0V5pQ7NkAByYwAsc9pxwaGrqfd3nYW2oBwU8Crr9Ad7%2BdW5916WMW9c3d4MCNBPHPJVtkVy38TH%2FFf9WgpXgs7T3eTrDDw8N6TXVlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8199936d8850262c-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHQO_09Y-8LOjhkCeG1yLpg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7B7C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTPHAq6QIONP0t0NdR41DgAAFTUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBKoaNh3Ck2YYaObj5BG6_w&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBKoaNh3Ck2YYaObj5BG6_w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww9BTCn6WPYdlIkjq%2FdmPCYg%2BlsyBo6%2FUAYbviZnDIbwoQHPF1TSXN%2Fr4i34%2BwDPxR7JWvic6m4YDxiaU7x05T1fdSphXqLzTbw78EvGFx0FCH7oNLBHR00K4dEAfqmBo%2B6xRDBb6gRQxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8199936d884e262c-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBKoaNh3Ck2YYaObj5BG6_w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7B7C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTPHAq6QIONP0t0NdR41DgAAFTUAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DBMSCP8CW3GXX3RA8XHA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 7B7C 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:22e:4f04:b3f9:2e7a:3729:7051 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 7B7C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5538762629735579458&expiration=1699101698
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5538762629735579458&expiration=1699101698
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Fo1BoLlLl3pEXXF7zNvRv%2BAGVE%2FkddpX7V%2F0mZd9W97NDiMQJ4eSI3Ou1ypPbup%2Bodu2E2I%2BwxcA2ezscSIxJokpWcIXwevadn7z8I2vUFlfjkSxom5kFhU6fPWITYH57g6tMjCegpb4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8199936f1a9e262c-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5538762629735579458&expiration=1699101698
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 7B7C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DC5EFBAD13334B4FB0AA82EF17528B9F
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DC5EFBAD13334B4FB0AA82EF17528B9F
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuyUka%2BIOjNEIyNV%2FqRZSOonUBBFFsXJGz%2BzzkMGnxoubyab5XrZbIByj52m7zr5JisIsLsZOSDw6c1ZGGlDSesm9z2fa530DXORq0VfkiQJdFSA3CSw3NXL7i6GXB6Y4vYYeOYbCM8beg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8199936e99df262c-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DC5EFBAD13334B4FB0AA82EF17528B9F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 20 Oct 2023 12:41:38 GMT
crum
dsum-sec.casalemedia.com/ Frame 7B7C
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e961db5238a549d8b46788e2683f9a7d&expiration=1700484098
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e961db5238a549d8b46788e2683f9a7d&expiration=1700484098
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGAdLhfsq0Gnb64Q88YfOYMlHOLsjpqWho9eJ26%2FwV%2B4Kjvk7u7EcRpU5MYo9l8rjVN6OFyA%2BpNMBblePBVxoSCxzpLT4e6BwjxyVKbmYlUnoe8DnLelJGAktPbxCIeE0HYUQhMSpx7cFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8199936d884f262c-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e961db5238a549d8b46788e2683f9a7d&expiration=1700484098
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 7B7C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZTPHAq6QIONP0t0NdR41DgAAFTUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W0P5EPS4BEFANJ8JQFK7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyXcNVmN-ksyJ1j2BCMpVlbdW3doSSmnR2iA8D1T2baClw-TqjMorso0Ir0yHBIxXP1rqHjL_kD3IGtZ4sTDfiCu1lLshScSaZJ-Wat9LlsvfVqV668dCPtf8HTMVM6ljIhr5sZbVJ-MCAI3aW_m4kfRsZXaVz5Czngf-jsUzBmPT_Muf7ey85CfyBtB0NYQSrqWJbxPl7yh7N5Jzw5CURCWmgxz__0lXIDdg8qAUo1snIGe2l9QG2x9IT-yAXYBiCuDXHVsb8Ru8qvqogWtHQvcdx3Oa-sluNvzYW4wKX0y8uWAwTgM81bzuIxJw&sai=AMfl-YSgGcxY9PZBohI6U-mNd7OSxu6mhQhMyYFipjPiePqey7K6VfI0jfPG_bSYXU9BAmcZAIkjHnx9RFDPG4rHRr5Uti9I0tRbyajHjG3hMe6qRC8X_Ky7kDgymE5mbw&sig=Cg0ArKJSzFgZxac-4F4GEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 21 Oct 2023 12:41:38 GMT
ecm3
s.amazon-adsystem.com/ Frame 322A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=83626c11-f1ea-c7e1-3f09-865023e124a4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
26PARA1BQD39ZR2HR6KQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
4f737628-7dec-ee52-ced0-1232b485220d
pr-bh.ybp.yahoo.com/sync/openx/ Frame 322A 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4f737628-7dec-ee52-ced0-1232b485220d?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a01:259e:d14c:cabb:3cf7 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame 322A 		0
0
dds
rtb.openx.net/sync/ Frame 322A
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=BOKaUETGxTUZc0hwmMvV_g==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 322A
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1

Redirect headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Server
nginx
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Location
http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 322A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3843438667609851527&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3843438667609851527&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3843438667609851527&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookie.js
partner.googleadservices.com/gampad/ Frame 4B2B 		214 B
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=natalie.mu&callback=_gfp_s_&client=ca-pub-4296692801820818&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e48bea460193cd447a4bbc7ed3f93e3517c119ac70f59dff27439a7afe7e6d1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3FE6 		16 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&adk=1812271804&adf=2751417941&lmt=1697859698&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=3&bdt=220&idt=285&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.sjcqh5rd8omb&fsb=1&dtd=311
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
84891b94c7a750b0263ad80582bcddcaca7cb27bf770e3a50d6e3730ffbdb2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
1145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C608 		106 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
42ddd8c25de53ddae471291211294b71e68ea469ed38a81e8a7c10a22833ecbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
40794
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4B2B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231017&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f830fa5d4639f2f4ba907f33104d972b81b66cae90d4631adc172e0eed4f078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12022
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B88B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
13354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 08:59:04 GMT
expires
Sun, 20 Oct 2024 08:59:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4B3B 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0682aaa9b31e6dd0867035e9bf6524abc9d1473f5d0556cd6826483aae2e00a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vrUpgmt4oTZhGVItxuUf4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vrUpgmt4oTZhGVItxuUf4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Sat, 21 Oct 2023 12:41:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4B2B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 12:41:38 GMT
kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame B88B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 05:43:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
25114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Oct 2024 05:43:04 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4B3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231017&jk=704225170573443&rc=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B88B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-DfPcw
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-80c639e157ef589afd277e8a4c9d4863-769100f295400136-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
80c639e157ef589afd277e8a4c9d4863/8543611009984626998
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D1F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
13354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 08:59:04 GMT
expires
Sun, 20 Oct 2024 08:59:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4F1D 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5871712e179e672db12a6277d268c1988fb485ec278cb6e47bcf3170efcfb440
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qD3_LQJnSzr9dt_Au9yxOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qD3_LQJnSzr9dt_Au9yxOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Sat, 21 Oct 2023 12:41:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame 8D1F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 05:43:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
25114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Oct 2024 05:43:04 GMT
adb.js
fundingchoicesmessages.google.com/f/AGSKWxWtwUwBn2b1QSQZeCIYLm0aWBnFqHdD0FCnG6YOz8OjLV7YQvqCfJI9DiuPYJKYFUjiDpIBaGH583kR9gHyHb7-RgamcKaW3NQpBJ0TQNyJZQ-dLQRhTlV6SSP2_BHOfWK-BeSfRrDD33fegfvJOQCD7KV8j... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWtwUwBn2b1QSQZeCIYLm0aWBnFqHdD0FCnG6YOz8OjLV7YQvqCfJI9DiuPYJKYFUjiDpIBaGH583kR9gHyHb7-RgamcKaW3NQpBJ0TQNyJZQ-dLQRhTlV6SSP2_BHOfWK-BeSfRrDD33fegfvJOQCD7KV8js1xfwTw2RM5YgNOC7Kr8tqWCcqONwwk/_/adp.htm/slider-ad-.ad.wrapper./adb.js?tag=/adtopcenter.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzoWIRReXaIZnFqzvkMFMpjXMko1w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25e1d42c06a31c867bf518ba680133ba6ed8ab463e26c8311591073f9003c0cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hHnc4MCGVMGhxxabCipHgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-hHnc4MCGVMGhxxabCipHgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzoWIRReXaIZnFqzvkMFMpjXMko1w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f2baedcd158862b8b005f419813280e093b9fb2e0ba4f4074c9af30db27c928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 11:48:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
3204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11366
x-xss-protection
0
server
cafe
etag
3715999647879306108
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:48:14 GMT
AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UDBRvu2IYWCfHtkzo2liLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-UDBRvu2IYWCfHtkzo2liLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://natalie.mu
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4F1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231017&jk=2568533022925001&rc=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Omg8knaeFO2B0g0PerW9vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-Omg8knaeFO2B0g0PerW9vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://natalie.mu
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 8D1F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6_ulVw
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DPOgp5Le2jn3J6nF69tsNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DPOgp5Le2jn3J6nF69tsNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://natalie.mu
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX5qcB59TBoZIl5DrQJzoyLwm3KBeUxIZYSBgkqPfhhgvEwwXWU4W7-B1JkaD_O_T-Ix5vFJRc7DCvu94jHbG2xgXYB02SHWOavkG5zJi-Xj1GKhC-juw0BOIK4iBGkDkbUyjjOhw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DsB6ctRHJcZwPeBAm9vMvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DsB6ctRHJcZwPeBAm9vMvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://natalie.mu
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWnwn8Jx054QUHie0f6Y2XtPmScX6VLEogaQgNdDXSs1vbn5bqwHyRPuCltVBGJxrv3GAicKUNINNs-8paxBiX6s2cLp2dGWS2_01Nlq-sSkYW-mP7XurZVdq1ZO9RJc0SauI9wSA==
fundingchoicesmessages.google.com/f/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWnwn8Jx054QUHie0f6Y2XtPmScX6VLEogaQgNdDXSs1vbn5bqwHyRPuCltVBGJxrv3GAicKUNINNs-8paxBiX6s2cLp2dGWS2_01Nlq-sSkYW-mP7XurZVdq1ZO9RJc0SauI9wSA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3ODkyMDk4LDQyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbmF0YWxpZS5tdS8iLG51bGwsW1s4LCIxajBlc051MFJXQSJdLFs5LCJlbi1VUyJdLFs3LCIxOCJdLFsxMSwiW1tdLFtdLFtdXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a898937214010653ff06609b6ea2229a40a0a5f1e75654a56029bf51251769c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_zYj9ISoAIUeOb5gkIqHrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-_zYj9ISoAIUeOb5gkIqHrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 60C7 		900 B
852 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%94%BA%E3%81%AF%E8%88%97%EF%BD%9E%E5%A4%A7%E5%8F%AF%E5%88%86%E5%AE%850%E9%85%8D%E4%BA%95%E5%8C%BA%E3%83%A7%E3%81%86%E3%81%8F%E3%81%AA%E5%86%85%E3%82%8C%20%E5%B7%9D%E3%81%A8%E3%83%89%E3%83%94%E3%82%B0%E3%82%B7%E5%8F%96%E3%82%8A%E3%82%A4%E9%96%8B2%E3%81%8A%E3%81%93-6%E3%82%AB%E3%81%91%E3%83%83%E5%93%81%E5%BA%973%E3%83%A81%E3%81%97%E3%82%AF%E6%99%82%E3%83%BC%E3%82%8B%E3%83%B3%E5%8F%97%E3%83%88
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33cf0d8d3d87823cb341d0eef288ebdf0a43e99ac967be120474ec26828bf482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 12:41:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Oct 2023 12:41:38 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 60C7 		225 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 06:29:32 GMT
x-content-type-options
nosniff
server
cafe
age
22326
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Sun, 22 Oct 2023 06:29:32 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 12:41:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 60C7 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:45:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
35798
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:45:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 60C7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
35797
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:45:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 60C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
35796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:45:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9F31 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
35798
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:45:00 GMT
etag
48472445140208031
expires
Sun, 22 Oct 2023 02:45:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 60C7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
35797
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:45:01 GMT
l
www.google.com/ads/measurement/ Frame 60C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuEZWPXIi3YplJEifxkFd8RfBY0vSOXwizO-WecNwCSKwMgbyXk12VNXoBAS9h_aAcyWdsITCVzi68HcekzeP-0S7Tbw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60C7 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:41:38 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 60C7 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:45:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 02:45:02 GMT
v2
id5-sync.com/gm/ 		635 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
21e4b7d14ff84f30c0f4b79a9d12720b3df0bc79cf8a33fbfe77a459c9d39660
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
9216095162094444457
tpc.googlesyndication.com/simgad/ Frame 60C7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9216095162094444457?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2ab62ae9ef497837041609e66f23d13d0291e4198200026ffbe935c6c8ce570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 17:48:53 GMT
x-content-type-options
nosniff
age
67965
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2592
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 03:39:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Oct 2024 17:48:53 GMT
truncated
/ Frame 60C7 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 60C7 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
3
mweb.ck.inmobi.com/sync/ Frame 9F31 		0
0
pixel
cm.g.doubleclick.net/ Frame 9F31
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEHxKlVa1cTCOnZBbx7Zsf94&google_cver=1&google_push=AXcoOmTWVF2RmxAy5cCBJ6qWHpuYIzh-sheiAKN2uSAbWrhmsfbs9dvRsG0tTGVi_JAsMOZS0OyAthYxdszNzsYOn7mqGNEme1Fh2IY
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LVBCM0duVy1DSHVxNVlaWEFzY3paUQ%3D%3D&google_push=AXcoOmTWVF2RmxAy5cCBJ6qWHpuYIzh-sheiAKN2uSAbWrhmsfbs9dvRsG0tTGVi_JAsMOZS0OyAthYxdszNz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LVBCM0duVy1DSHVxNVlaWEFzY3paUQ%3D%3D&google_push=AXcoOmTWVF2RmxAy5cCBJ6qWHpuYIzh-sheiAKN2uSAbWrhmsfbs9dvRsG0tTGVi_JAsMOZS0OyAthYxdszNzsYOn7mqGNEme1Fh2IY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 21 Oct 2023 12:41:38 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LVBCM0duVy1DSHVxNVlaWEFzY3paUQ%3D%3D&google_push=AXcoOmTWVF2RmxAy5cCBJ6qWHpuYIzh-sheiAKN2uSAbWrhmsfbs9dvRsG0tTGVi_JAsMOZS0OyAthYxdszNzsYOn7mqGNEme1Fh2IY
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
246
pixel
cm.g.doubleclick.net/ Frame 9F31
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFhTTXYbLGXktlzWbLGwnlQ&google_cver=1&google_push=AXcoOmRyOz-0fUDvMaS2nsWuDfw4S2qfBPqdwXv0D7zN78DcP-yU3oZjUrl-3GSO8XmPGPx_Zn8KEyONTUBp_Ota7AHV...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=7926f9f4-50b2-4e62-8f53-7725a99d905e&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRyOz-0fUDvMaS2nsWuDfw4S2qfBPqdwXv0D7zN78DcP-yU3oZjUrl-3GSO8XmPGPx_Zn8KEyONTUBp_Ota7AHVEIBbYi8_8lQ&google_hm=-LMUx-yjQ9GlP3_eIiC2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRyOz-0fUDvMaS2nsWuDfw4S2qfBPqdwXv0D7zN78DcP-yU3oZjUrl-3GSO8XmPGPx_Zn8KEyONTUBp_Ota7AHVEIBbYi8_8lQ&google_hm=-LMUx-yjQ9GlP3_eIiC2Hw==
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRyOz-0fUDvMaS2nsWuDfw4S2qfBPqdwXv0D7zN78DcP-yU3oZjUrl-3GSO8XmPGPx_Zn8KEyONTUBp_Ota7AHVEIBbYi8_8lQ&google_hm=-LMUx-yjQ9GlP3_eIiC2Hw==
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 9F31
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEFs32itnScYFBbh34abX08M&google_cver=1&google_push=AXcoOmQXfZv96ZjRNspyN_r5WasMMpLIRd8oYti56QtsljtJaNwDvgSlLTU1uF0qQjjm3aSJBZOji3a_X7smiVO...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTY5NDk5NzE2OTQ&google_push=AXcoOmQXfZv96ZjRNspyN_r5WasMMpLIRd8oYti56QtsljtJaNwDvgSlLTU1uF0qQjjm3aSJBZOji3a_X7smiVOy5gewn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTY5NDk5NzE2OTQ&google_push=AXcoOmQXfZv96ZjRNspyN_r5WasMMpLIRd8oYti56QtsljtJaNwDvgSlLTU1uF0qQjjm3aSJBZOji3a_X7smiVOy5gewnOpI3rQMPQ
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTY5NDk5NzE2OTQ&google_push=AXcoOmQXfZv96ZjRNspyN_r5WasMMpLIRd8oYti56QtsljtJaNwDvgSlLTU1uF0qQjjm3aSJBZOji3a_X7smiVOy5gewnOpI3rQMPQ
Date
Sat, 21 Oct 2023 12:41:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 9F31 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRbi7xSsaUUdnh-qvhaFrmJgnSFEzBW-93JLFKy6GAK7ELVhN_uahyUOO_8qr23E4gIyv4Cy_7_fDKtouNxUBtsEH8EvXLbzZg&google_gid=CAESEL6qFRn9lbdbiN6KSpKUJVQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
209885
expires
Sat, 21 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9F31
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEI3D_hfhUb1rTW7gSGeX5LE&google_cver=1&google_push=AXcoOmTqgnSaXR3N5MiDnjalzw46yeEpPwAa61HI1EZov7OHD0vuQ5nqX-Bi0O9o6VhYXdHS4ul_pijtlEXEezIeV...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTqgnSaXR3N5MiDnjalzw46yeEpPwAa61HI1EZov7OHD0vuQ5nqX-Bi0O9o6VhYXdHS4ul_pijtlEXEezIeVOmDFSMx0ZzWwIY&google_hm=Ae9N31IpUEe2jD7sU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTqgnSaXR3N5MiDnjalzw46yeEpPwAa61HI1EZov7OHD0vuQ5nqX-Bi0O9o6VhYXdHS4ul_pijtlEXEezIeVOmDFSMx0ZzWwIY&google_hm=Ae9N31IpUEe2jD7sUlrauO8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmTqgnSaXR3N5MiDnjalzw46yeEpPwAa61HI1EZov7OHD0vuQ5nqX-Bi0O9o6VhYXdHS4ul_pijtlEXEezIeVOmDFSMx0ZzWwIY&google_hm=Ae9N31IpUEe2jD7sUlrauO8
Date
Sat, 21 Oct 2023 12:41:38 GMT
Server
Apache
Connection
keep-alive
Content-Length
234
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 9F31
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEOlqqktukoMs5SuGU1vrlxw&google_cver=1&google_push=AXcoOmR-xnD7T4V52pHZEH-omjKloRhcMHZc_dSb86otw7qNPPK4ZkRwrdMz6B_ZtkX...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-xnD7T4V52pHZEH-omjKloRhcMHZc_dSb86otw7qNPPK4ZkRwrdMz6B_ZtkXuWJLYlFdch4nIPxiVCFDsaKHkvnVMWoQN57eZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-xnD7T4V52pHZEH-omjKloRhcMHZc_dSb86otw7qNPPK4ZkRwrdMz6B_ZtkXuWJLYlFdch4nIPxiVCFDsaKHkvnVMWoQN57eZ
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
10a52c15.fae674d
date
Sat, 21 Oct 2023 12:41:38 GMT
x-bytefaas-request-id
20231021124138CF92E121D9FE6D352B60
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-61-252-36.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time
169,23.61.252.36
server-timing
cdn-cache; desc=MISS, edge; dur=160, origin; dur=9, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231021124138CF92E121D9FE6D352B60
x-cache-remote
TCP_MISS from a23-32-17-20.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-xnD7T4V52pHZEH-omjKloRhcMHZc_dSb86otw7qNPPK4ZkRwrdMz6B_ZtkXuWJLYlFdch4nIPxiVCFDsaKHkvnVMWoQN57eZ
x-bytefaas-execution-duration
3.82
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01126bcd55d9104511b0a49f52feed1d8a69ebaadaec70f7ad8f9609213ce1a5f37d9c878b4c6eb4a63a1ed5acb4b06294ad9a405068b193f078c1fe1ceafccd3bffda01608371e2c7bd7d99cf254c9bd91d707a3414b7daff580efdcbcb9206cae6a12476b1f91d9f41d13c843f343fd1
x-origin-response-time
9,23.32.17.20
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sat, 21 Oct 2023 12:41:38 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9F31 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jm-alMCNBtX04H02aRCQszvrtt2_j9YKWzNKhXtJ6vKOupElVorPq3EGbpU2_0FByQPoZRtQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 60C7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f3adb21eca94d4aef0fc05586a1d0a0473fd66058a369c7f01af3b6c1502bd8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame 06A7
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
13 B
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.138 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
13
content-type
text/html
date
Sat, 21 Oct 2023 12:41:38 GMT
server
openresty
x-sid
SIN-721

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sat, 21 Oct 2023 12:41:38 GMT
location
/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-721
AGSKWxUK8wig-Lgwrr2QsQ7lBzWTCClmYDoFpEOzjEX54CnZLBH5g_nN7hazV06RqToa9kRNh8_1pYPvn7hLHpHIKy-zSef-RjeE5mnptCsKzvRmtTWEP9_cvr1EsmdDN1TF4sVsZVYeBA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUK8wig-Lgwrr2QsQ7lBzWTCClmYDoFpEOzjEX54CnZLBH5g_nN7hazV06RqToa9kRNh8_1pYPvn7hLHpHIKy-zSef-RjeE5mnptCsKzvRmtTWEP9_cvr1EsmdDN1TF4sVsZVYeBA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3ODkyMDk4LDU2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9uYXRhbGllLm11LyIsbnVsbCxbWzgsIjFqMGVzTnUwUldBIl0sWzksImVuLVVTIl0sWzcsIjE4Il0sWzExLCJbW10sW10sW11dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88f97c6086525f7576f2a097c43cf6037f3e80d103c50cd1fadb533aa74d1f00
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UEjH_4YKMY3ppUsMYNyRmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UEjH_4YKMY3ppUsMYNyRmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 60C7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C37LMAsczZdiSA4WWvcAP7L2c2AuYpZ3Vc9bG7rnbEWQQASCU8a4GYInzxYT0E6ABvNymmCjIAQmpAjubfuHsqDw-qAMByAPLBKoE8AFP0Gtjn0HJpqSLNnyIoUBucJD6rRoCH2AvDlhxbJM...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd96b60221742914a0000000000000000%22,%222%22:%220x1c07b34298eb47660000000000000000%22,%223%22:%220xb0493a...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd96b60221742914a0000000000000000%22,%222%22:%220x1c07b34298eb47660000000000000000%22,%223%22:%220xb0493aba1c93d3570000000000000000%22,%224%22:%220xdc923a80bc1adaad0000000000000000%22,%225%22:%220x4a2525845e5f20610000000000000000%22},%22debug_key%22:%224012006514250802129%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2210-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215524206774512279633%22}&andc=true
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:39 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xd96b60221742914a0000000000000000","2":"0x1c07b34298eb47660000000000000000","3":"0xb0493aba1c93d3570000000000000000","4":"0xdc923a80bc1adaad0000000000000000","5":"0x4a2525845e5f20610000000000000000"},"debug_key":"4012006514250802129","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["10-21"],"6":["true"]},"priority":"500","source_event_id":"15524206774512279633"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 21 Oct 2023 12:41:39 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 21 Oct 2023 12:41:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd96b60221742914a0000000000000000","2":"0x1c07b34298eb47660000000000000000","3":"0xb0493aba1c93d3570000000000000000","4":"0xdc923a80bc1adaad0000000000000000","5":"0x4a2525845e5f20610000000000000000"},"debug_key":"4012006514250802129","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["10-21"],"6":["true"]},"priority":"500","source_event_id":"15524206774512279633"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
font
fonts.gstatic.com/l/ Frame 60C7 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxq403dIt9snJ--DTh0RVz7cOU904C6FxDauoc7z3f-tfO_DRlaPjieFP_WIi3CL1Dkgz-RLL01ROgAkmKpx_s7Abf9Av88Yw0Cs0wAEwLMex0atg7FpnsNk-s0JY3IzMJofpbou59WRPhdAnRggb0cHgqRine8rM56qoIUNeOP_Y612l_UJvRYPFxpAKE_5pRgmk5smn-yP0CfhyuqPOD25OzgoTyT5_3hGZLnjGDnXR-qNPhM&skey=72472b0eb8793570&v=v52
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%94%BA%E3%81%AF%E8%88%97%EF%BD%9E%E5%A4%A7%E5%8F%AF%E5%88%86%E5%AE%850%E9%85%8D%E4%BA%95%E5%8C%BA%E3%83%A7%E3%81%86%E3%81%8F%E3%81%AA%E5%86%85%E3%82%8C%20%E5%B7%9D%E3%81%A8%E3%83%89%E3%83%94%E3%82%B0%E3%82%B7%E5%8F%96%E3%82%8A%E3%82%A4%E9%96%8B2%E3%81%8A%E3%81%93-6%E3%82%AB%E3%81%91%E3%83%83%E5%93%81%E5%BA%973%E3%83%A81%E3%81%97%E3%82%AF%E6%99%82%E3%83%BC%E3%82%8B%E3%83%B3%E5%8F%97%E3%83%88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bb543d9f92a02b07043a85b973a870064de7620f9b928be7febd92fabdaf928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 01:19:53 GMT
x-content-type-options
nosniff
age
40905
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27964
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Sat, 21 Oct 2023 01:19:53 GMT
khaos.json
token.rubiconproject.com/ Frame B7AF 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LO0146JA-8-I3VV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 12:41:38 GMT
khaos.json
token.rubiconproject.com/ Frame D5DD 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LO0146JA-8-I3VV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd96b60221742914a0000000000000000%22,%222%22:%220x1c07b34298eb47660000000000000000%22,%223%22:%220xb0493aba1c93d3570000000000000000%22,%224%22:%220xdc923a80bc1adaad0000000000000000%22,%225%22:%220x4a2525845e5f20610000000000000000%22},%22debug_key%22:%224012006514250802129%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2210-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215524206774512279633%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js
pagead2.googlesyndication.com/bg/ Frame C77F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=90&slotname=1531161447&adk=1649404926&adf=3173046723&pi=t.ma~as.1531161447&w=728&lmt=1697859698&format=728x90&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097734&bpp=1&bdt=144&idt=251&shv=r20231017&mjsv=m202310170101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1852322216&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=602&ady=50&biw=1600&bih=1200&isw=728&ish=90&ifk=3585867704&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805920%2C44805931%2C31078297%2C31078964%2C44803793&oid=2&pvsid=704225170573443&tmod=335914977&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.9a35kbdn7ni4&fsb=1&dtd=282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e0d63bcbdb87183ac2bc571520947e5d249291fc9f94ab328bd238d536f3540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 20:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
318639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14583
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 20:10:59 GMT
14727170804498542058
tpc.googlesyndication.com/simgad/ Frame C608 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14727170804498542058
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ead519981d97d5f71e6747fab1c14c04b17e6cecd690d4b600e506a9445a7c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 05:41:18 GMT
x-content-type-options
nosniff
age
25220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125464
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 01:45:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 20 Oct 2024 05:41:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame C608 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
35797
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:45:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame C608 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
35796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:45:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame C608 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
35797
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 02:45:01 GMT
l
www.google.com/ads/measurement/ Frame C608 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0y7bG1zgk2zNlLwCmMrtRrSIWaDbHzlKQCPZcTynfyDWUboXBjzR7JWqda8sNPupheisFqVDXAdAROKjVrf6AZYed_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C608 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 12:41:38 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame C608 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73e3191e8775f3d00119696caa79759b2ae87b5bf058bf6a66b626eb04580244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 01:38:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
39777
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14188
x-xss-protection
0
server
cafe
etag
9007259302920372400
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 01:38:41 GMT
ecm3
s.amazon-adsystem.com/ Frame B7AF
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LO0146JA-8-I3VV
  • https://s.amazon-adsystem.com/ecm3?id=LO0146JA-8-I3VV&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LO0146JA-8-I3VV&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_ox-db5_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2HKKZBAV1GDRNC62YYVC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LO0146JA-8-I3VV&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
usersync
usersync.gumgum.com/ Frame D5DD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LO0146JA-8-I3VV
  • https://usersync.gumgum.com/usersync?b=mag&i=LO0146JA-8-I3VV
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LO0146JA-8-I3VV
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LO0146JA-8-I3VV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 209C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
2695
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 11:56:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 32D3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
35798
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:45:00 GMT
etag
48472445140208031
expires
Sun, 22 Oct 2023 02:45:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVNQRI0BCB5OxyZ3V2Lx9vPxeFaPAwcHLDT5iPbpv3mdOniO3K6K788Bb6Ct9q3y-6Bh0CLwPNjN3lnUfLxY4OHjq-7-yseGa0i5WrpZOF639kjRAaigfJkb_yCpKjNrnk-QXG9NA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVNQRI0BCB5OxyZ3V2Lx9vPxeFaPAwcHLDT5iPbpv3mdOniO3K6K788Bb6Ct9q3y-6Bh0CLwPNjN3lnUfLxY4OHjq-7-yseGa0i5WrpZOF639kjRAaigfJkb_yCpKjNrnk-QXG9NA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.1j0esNu0RWA.es5.O/am=gAE/d=1/rs=AJlcJMx_-2Gi72uxExQRO9AUXKjJRXIGGQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IG_07inMITkxBXOtFhUTmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-IG_07inMITkxBXOtFhUTmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://natalie.mu
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 32D3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA1hf2eI1oMoD5tL75MPtk0&google_cver=1&google_push=AXcoOmRugT2TW_bP_fel-hOBxlclXxZkKXAwQg6kb-KvOTa8Di_vBCtbdFxIcr3EgQTvCoho6ON1N3McyaSw9XoffYnAevQ0uehVZcc
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0MzQzODY2NzYwOTg1MTUyNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA1hf2eI1oMoD5tL75MPtk0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA1hf2eI1oMoD5tL75MPtk0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H2
Server
2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA1hf2eI1oMoD5tL75MPtk0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 32D3
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPK_TUTwwEP9YKP49N0hw8Y&google_cver=1&google_push=AXcoOmT2fF3wsgzDK4dSCvH0cp1U49WcGT5b2GWtmYl8zThac4gZOSA...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5386e1e262ef22a9&is_secure=true&networkId=14000&version=1&google_gid=CAESEPK_TUTwwEP9YKP49N0hw8Y&google_cver=1&google_push=AXcoOmT2fF3w...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMQW1jDsUtpwNuuIEWAAAAAAA&expiration=1697978499&google_cver=1&is_secure=true&google_gid=CAESEPK_TUTwwEP9YKP49N0hw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMQW1jDsUtpwNuuIEWAAAAAAA&expiration=1697978499&google_cver=1&is_secure=true&google_gid=CAESEPK_TUTwwEP9YKP49N0hw8Y&google_push=AXcoOmT2fF3wsgzDK4dSCvH0cp1U49WcGT5b2GWtmYl8zThac4gZOSAdKD4xxgMlwfKAi3puvfHER_Pm01kaSwAaQgEDO_4LqlrWW4YU
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMQW1jDsUtpwNuuIEWAAAAAAA&expiration=1697978499&google_cver=1&is_secure=true&google_gid=CAESEPK_TUTwwEP9YKP49N0hw8Y&google_push=AXcoOmT2fF3wsgzDK4dSCvH0cp1U49WcGT5b2GWtmYl8zThac4gZOSAdKD4xxgMlwfKAi3puvfHER_Pm01kaSwAaQgEDO_4LqlrWW4YU
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
i.match
s.tribalfusion.com/z/ Frame 32D3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEP6SKNEPGtHjS3Z24zg0jZA&google_cver=1&google_push=AXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wvUj...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP6SKNEPGtHjS3Z24zg0jZA&google_cver=1&google_push=AXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wv...
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP6SKNEPGtHjS3Z24zg0jZA&google_cver=1&google_push=AXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wvUj1w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wvUj1w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
819993721d82e06e-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
3355
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEP6SKNEPGtHjS3Z24zg0jZA&google_cver=1&google_push=AXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wvUj1w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSlJHZHmiHLwdDLYkYhkOZ27FLnJdfSgYzqlh2l1ozYZ8m9vM9ZVyjJmv_8KnEn7pgZleqHg19ZtqqAOEKYoEmwk4-u0wvUj1w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
819993711bc8e06e-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 32D3
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIMwBznxvMSeM3e_h7cjudU&google_cver=1&google_push=AXcoOmSTHgVTOCKNa5I8r0mzDbas6K7KoFjjx3P6tToN7butXHgT_DhNMIko5peH6iROk5g0l8pjY...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSTHgVTOCKNa5I8r0mzDbas6K7KoFjjx3P6tToN7butXHgT_DhNMIko5peH6iROk5g0l8pjYXcAYaR4KZS08YNpH6L7tIt2psmN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSTHgVTOCKNa5I8r0mzDbas6K7KoFjjx3P6tToN7butXHgT_DhNMIko5peH6iROk5g0l8pjYXcAYaR4KZS08YNpH6L7tIt2psmN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 21 Oct 2023 12:41:38 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5CFD368754EB4F288D66EFE395C97EDF Ref B: TYBEDGE0807 Ref C: 2023-10-21T12:41:38Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSTHgVTOCKNa5I8r0mzDbas6K7KoFjjx3P6tToN7butXHgT_DhNMIko5peH6iROk5g0l8pjYXcAYaR4KZS08YNpH6L7tIt2psmN
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIOU9qNaVwRIk28fugHQ==
pixel
cm.g.doubleclick.net/ Frame 32D3
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEBoD_oYHe0zJT5E-O9K1tck&google_cver=1&google_push=AXcoOmSDHq4ACbFctuefV9vcQyKACPs0v8ETl0b8CKwTsd9uvs_KePZJp1ryQzM_5XJ1zJwGC1DAMFhJ0F64Kl32EfXI9YKvTRww3zcG
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUVCNDk5MzVDNzMwQTE4NA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUVCNDk5MzVDNzMwQTE4NA==
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUVCNDk5MzVDNzMwQTE4NA==
date
Sat, 21 Oct 2023 12:41:39 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
usersync.aspx
dis.criteo.com/dis/ Frame 32D3 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQLpzFVDeEKcUbQr079Y5PmafvgzgjnGz1QiELLgoKd47fksQV5mmEY6B4xxIUw3pgnH5PXF1hyMwgVdSpPFIrJ0T4hlycSS6qN&google_gid=CAESEL6qFRn9lbdbiN6KSpKUJVQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
221696
expires
Sat, 21 Oct 2023 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 32D3
Redirect Chain
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEN29KbbT-fXvYYjFk8DKSF0&google_cver=1&google_push=AXcoOmTumRDC9ilhlQ2_ff6N6_092_IFqDB-so25kNTX3o7qlFEtbZnU0yeBTQ5DnJlwMrs_UmxZd7DiTRLvRWzKKknM...
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEN29KbbT-fXvYYjFk8DKSF0&google_cver=1&google_push=AXcoOmTumRDC9ilhlQ2_ff6N6_092_IFqDB-so25kNTX3o7qlFEtbZnU0yeBTQ5DnJlwMrs_UmxZd7DiTRLvRWzKKknM...
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGU2ZWVmYWJjYmE2YzA4&google_push=AXcoOmTumRDC9ilhlQ2_ff6N6_092_IFqDB-so25kNTX3o7qlFEtbZnU0yeBTQ5DnJlwMrs_UmxZd7DiTRLvRWzKKknMSqgg2...
  • https://sync.gonet-ads.com/match/google
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGU2ZWVmYWJjYmE2YzA4&google_push=
  • https://s0.2mdn.net/dot.gif?google_error=5
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_error=5
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
2404:6800:4004:824::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 18:57:53 GMT
x-content-type-options
nosniff
age
63827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Oct 2023 18:57:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 32D3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jvqxwv9iVnFgzdv4-zUXOL4x-efApuoJWhnxny2GVcii-AuWJWL8Ise3u-czm6nyM26hiGQg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 209C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:39 GMT
expires
Sat, 21 Oct 2023 12:41:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C608 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8448f1812b530b0f242051d7ea00e75e1900a0bf5cfa6b74726f0bd65b9f2393

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame C608
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQratAsczZY7HCpfAvcAP-uKsuAzf3JS1c4jR3PejEojMkd2VHBABIJTxrgZgifPFhPQToAGsh6aDA8gBA6kCO5t-4eyoPD6oAwHIA8kEqgTrAU_Q6VexuewqgCr3kMGdx3W40ufsRExiLs7...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd6fa8bea4cdfaa7f0000000000000000%22,%222%22:%220x4952791103a4ec450000000000000000%22,%223%22:%220xfdc33f...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd6fa8bea4cdfaa7f0000000000000000%22,%222%22:%220x4952791103a4ec450000000000000000%22,%223%22:%220xfdc33f7220f028f10000000000000000%22,%224%22:%220x35952aa84fe3aa4c0000000000000000%22,%225%22:%220x9a8da60ed9c905bf0000000000000000%22},%22debug_key%22:%229324632885379204651%22,%22debug_reporting%22:true,%22destination%22:%22https://comic-walker.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22812221356%22],%224%22:[%2210-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211179406741342742849%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:39 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xd6fa8bea4cdfaa7f0000000000000000","2":"0x4952791103a4ec450000000000000000","3":"0xfdc33f7220f028f10000000000000000","4":"0x35952aa84fe3aa4c0000000000000000","5":"0x9a8da60ed9c905bf0000000000000000"},"debug_key":"9324632885379204651","debug_reporting":true,"destination":"https://comic-walker.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["812221356"],"4":["10-21"],"6":["true"]},"priority":"500","source_event_id":"11179406741342742849"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 21 Oct 2023 12:41:39 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 21 Oct 2023 12:41:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd6fa8bea4cdfaa7f0000000000000000","2":"0x4952791103a4ec450000000000000000","3":"0xfdc33f7220f028f10000000000000000","4":"0x35952aa84fe3aa4c0000000000000000","5":"0x9a8da60ed9c905bf0000000000000000"},"debug_key":"9324632885379204651","debug_reporting":true,"destination":"https://comic-walker.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["812221356"],"4":["10-21"],"6":["true"]},"priority":"500","source_event_id":"11179406741342742849"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3F95
Redirect Chain
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AZeHHCUI7285ks8AD7P31LT3lc8AAAGLUkFjYg
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AZeHHCUI7285ks8AD7P31LT3lc8AAAGLUkFjYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:22:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AZeHHCUI7285ks8AD7P31LT3lc8AAAGLUkFjYg
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma
no-cache
server
Logicad
via
1.1 886a171d4fd47a45f08d1726d75c8f18.cloudfront.net (CloudFront)
x-amz-cf-id
1Y6FNIFl9ja0Ae4L-EKUgZ7RfWSQE-UpXgUNjY7PXEaGIFAlVaDroQ==
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
Pug
simage2.pubmatic.com/AdServer/ Frame AD1A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f8b314c7-eca3-43d1-a53f-7fde2220b61f
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f8b314c7-eca3-43d1-a53f-7fde2220b61f
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=39d3c750-c343-4dbc-841e-7117bbc97dd7&user_group=1&ssp=pubmatic&bsw_param=f8b314c7-eca3-43d1-a53f-7fde2220b61f
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:41:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Oct 2023 12:41:39 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 4CD2
Redirect Chain
  • https://ds.uncn.jp/pm/0/sync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_ef4ddf52-2950-47b6-8c3e-ec525adab8ef
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_ef4ddf52-2950-47b6-8c3e-ec525adab8ef
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:17:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
170
Content-Type
text/html; charset=utf-8
Date
Sat, 21 Oct 2023 12:41:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_ef4ddf52-2950-47b6-8c3e-ec525adab8ef
Server
Apache
usersync.aspx
dis.criteo.com/dis/ Frame DCCE 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 12:41:37 GMT
expires
Sat, 21 Oct 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
254960
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 2F29
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5p3mVrOf5Vf9yrcH4p74AOTL7FD9y-xU4s6UeVN_
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5p3mVrOf5Vf9yrcH4p74AOTL7FD9y-xU4s6UeVN_
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 11:38:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5p3mVrOf5Vf9yrcH4p74AOTL7FD9y-xU4s6UeVN_
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 95A4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5154921547521339729&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5154921547521339729&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:16:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7ff2d152-0113-4242-b5a0-a46a83da1119
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5154921547521339729&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
31.204.145.167; 31.204.145.167; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 40A0 		0
0
pxd
dps.jp.cinarra.com/ Frame E1C0 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.183.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-183-0.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 8C81 		85 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 21 Oct 2023 12:41:38 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-nrt-rjtf7700055-NRT
x-timer
S1697892099.814117,VS0,VE166
Pug
image2.pubmatic.com/AdServer/ Frame 08B3
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-PB3GnW-CHuq5YZXAsczZQ
42 B
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-PB3GnW-CHuq5YZXAsczZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:22:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:41:39 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-PB3GnW-CHuq5YZXAsczZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 478E 		43 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 55A5
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=e961db5238a549d8b46788e2683f9a7d
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=e961db5238a549d8b46788e2683f9a7d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:22:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=e961db5238a549d8b46788e2683f9a7d
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame D750
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=P3CRQxChV3tEOO_HzF9HWB_Mkac&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=P3CRQxChV3tEOO_HzF9HWB_Mkac&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:22:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 21 Oct 2023 12:41:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=P3CRQxChV3tEOO_HzF9HWB_Mkac&gdpr=0&gdpr_consent=
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame D8B6 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 997E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf1dca041ebd84a6d8e2354fcada8f8ff
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf1dca041ebd84a6d8e2354fcada8f8ff
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 12:41:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf1dca041ebd84a6d8e2354fcada8f8ff
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 6CF6
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 10:16:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 21 Oct 2023 12:41:39 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame FA28
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rdNEECL61QUbir5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rdNEECL61QUbir5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:22:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Oct 2023 12:41:39 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rdNEECL61QUbir5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-03fd7d1aa7a80ccdf@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B0C1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC5EFBAD13334B4FB0AA82EF17528B9F&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC5EFBAD13334B4FB0AA82EF17528B9F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 10:17:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
Fri, 20 Oct 2023 12:41:38 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:DC5EFBAD13334B4FB0AA82EF17528B9F&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame 32BF
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245967042705005
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245967042705005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:16:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 21 Oct 2023 12:41:39 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245967042705005
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
setuid
u.4dex.io/ Frame A560 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 21 Oct 2023 12:41:38 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0907
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ah_gj3guQJW-8CXCb_avVg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
23.217.125.12 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-125-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=157484
accept-ranges
bytes
content-length
5606
expires
Mon, 23 Oct 2023 08:26:22 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 0907
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1ab472d1-5f7c-4937-947f-96702413600e%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttd_puid=1ab472d1-5f7c-4937-947f-96702413600e%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttd_puid=1ab472d1-5f7c-4937-947f-96702413600e%2C%2C
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:39 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttd_puid=1ab472d1-5f7c-4937-947f-96702413600e%2C%2C
date
Sat, 21 Oct 2023 12:41:39 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 0907 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.105.172 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-105-172.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.12.127
content-length
49
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 0907
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:34 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:34 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0907
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkExRkUwOEYtNzgyRS00MDk1LUJFRjAtMjVDMjZGRjZBRjU2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:16:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0907
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKFjjMCCHx2E7r1FT6fy9qw&google_cver=1
42 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKFjjMCCHx2E7r1FT6fy9qw&google_cver=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 12:41:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKFjjMCCHx2E7r1FT6fy9qw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0907 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.209.251 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 20 Oct 2023 12:41:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0907
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZTPHAMCo8YMAANWuQJIAAAAA
42 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZTPHAMCo8YMAANWuQJIAAAAA
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:22:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 21 Oct 2023 12:41:39 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.167","key":"ZTPHAMCo8YMAANWuQJIAAAAA","privacy_sensitive":false,"uid":"ZTPHAMCo8YMAANWuQJIAAAAA","upstream_id":"a-ad40214"}
X-SO-Key
ZTPHAMCo8YMAANWuQJIAAAAA
X-SO-Upstream-ID
a-ad40214
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40214.dc2p.scaleout.jp
X-SO-UID
ZTPHAMCo8YMAANWuQJIAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
31.204.145.167
X-SO-Cluster-ID
0
Server
nginx
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZTPHAMCo8YMAANWuQJIAAAAA
Cache-Control
private
X-SO-Ads-Time
319
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
Pug
simage2.pubmatic.com/AdServer/ Frame 0907
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5a421c59-afe3-4af2-b1d3-0cb476b75117&gdpr=0&gdpr_consent=
42 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5a421c59-afe3-4af2-b1d3-0cb476b75117&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 11:38:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5a421c59-afe3-4af2-b1d3-0cb476b75117&gdpr=0&gdpr_consent=
date
Sat, 21 Oct 2023 12:41:38 GMT
server
Kestrel
content-length
355
Pug
simage2.pubmatic.com/AdServer/ Frame 0907
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5538762629735579458
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5538762629735579458
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 12:41:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5538762629735579458
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
6A1FE08F-782E-4095-BEF0-25C26FF6AF56
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0907 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6A1FE08F-782E-4095-BEF0-25C26FF6AF56?gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a01:259e:d14c:cabb:3cf7 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 0907
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L6QtLKdE2uVfJfgoDp4WtrfHbl8wUek-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L6QtLKdE2uVfJfgoDp4WtrfHbl8wUek-~A&gdpr=0
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L6QtLKdE2uVfJfgoDp4WtrfHbl8wUek-~A&gdpr=0
date
Sat, 21 Oct 2023 12:41:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 0907
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3843438667609851527&gdpr=0&gdpr_consent=&us_privacy=
1 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3843438667609851527&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 10:16:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3843438667609851527&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0907
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=77869304d4e4227f&is_secure=true&networkId=17100&version=1&nuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQW1jDsUttAMYORXJAAAAAAA&expiration=1697978499&nuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&...
42 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQW1jDsUttAMYORXJAAAAAAA&expiration=1697978499&nuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 10:17:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQW1jDsUttAMYORXJAAAAAAA&expiration=1697978499&nuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D684 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231017&jk=704225170573443&bg=!3d6l3pHNAAbDUgby41I7ADQBe5WfOI29_5K8aCxCQxrw5a3SVfP3AA60mRS5-iUIA61VIc1Z_M3Ci6Bvs_CRJ3Z2necPAgAAAFlSAAAAAmgBB5kCu_mI_t0S_dPyXqJCpDQn1UMPVwLduuFmNUgrNnnLyVIMQfcW2KWdD4I-qkRwjMBEp0PNtqXw-xYFYTNeMldh7k2YuTAmUfpZhyUjgxUFgtO20epmwy4BR8RO7rEaSkXQUpKuB9-IWXKwIHoMQzV50SM-fKtXG0zLl7x_nPYVL_xtK5MbV0Ty52jfBa_mxb9iQUV4iTW_J6qscXMuGjsbvXzSJ3lsPPM7om2LahFuHEYmKblyyjp3ZDC5SZUk3YOKqQjVKH1jN8C1VKOBfv3mmyDjtl_qNGLi1zwoKscTvBQS2oLe2EdrgIUjIdMSDvYAYqkbWcXEvc-_h2DYzIEQ5vv_57LD62NHmFEE70k-hsp-knogzg2FZUviI5Dvt60sky3eZvZ6VoauLxDNxz-v5MPHs7RHhXbvv9Oce7Ikp0i3sTBe1ZDCi_IgSRkBlZNYvsIeokVGk_Rt_OHnB12R11vRa8FbovUAO3CbQRb7wJzq6IDTZStQqtVpLL6wZkSTmISNWRRxv1bSm4C39NhwLvg2G2vCQaAO2ORYuvLQhFY5v9JBZMgMucNZdHCwVeWB6JxsORAgXDrq4meWdTdZmZcu1i1MtWt4VcAhZcUK1oL3_Lc9zJoHq6hbitzxxhKFVD47tkjwfr0gw8Nwy-8ExjPa9p6au3S7UZrft04epY6I9U4sE2_xsAl4LLJQThC8S8FZ5c7q3XslM1jiy_qBxecCpKfZ7txz4p0x9VLwPnX5BZMNob9aMkQMaKSIapEXXHeXgSeBJ1cFNDvySI3q8u0T7eCd-R-Hu8KUjn1OLDA9f5dALcvoXaY7U64OeU2A4T6n_oegQrzatMv_SLBsYSZW0_a5h0NfUEiW6UL2i7xLAtB7WuazZj99RP37YhvSsChs6NzF7_7_BN3qW6FXCmQl90SQNqoHRCY6Rg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd6fa8bea4cdfaa7f0000000000000000%22,%222%22:%220x4952791103a4ec450000000000000000%22,%223%22:%220xfdc33f7220f028f10000000000000000%22,%224%22:%220x35952aa84fe3aa4c0000000000000000%22,%225%22:%220x9a8da60ed9c905bf0000000000000000%22},%22debug_key%22:%229324632885379204651%22,%22debug_reporting%22:true,%22destination%22:%22https://comic-walker.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22812221356%22],%224%22:[%2210-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211179406741342742849%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4B2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231017&jk=2568533022925001&bg=!NDelN3jNAAbDUgby41I7ADQBe5WfONtS0OMdWR-rE-jHbg-zAWnivYtrIDMFaTEvSGfc3napfZUcisTyyg2M_Sa8UaNSAgAAAD9SAAAAA2gBBwoAdU_cbnmb7RGY7OdkrVo82d1k2Qm5ZL_8ctEjMh488KFIqgmvZ-0hHdeA2q8zS_4XEywxoonWEUrAVVxnRjBsPb4SEX4Ha8Z9wYN3V7cIFcWowfQ6v_oaiLGQ7riNt_Z2ji_K2H6We9I78iAyYkzhlWArUGOKMpkCydxBfq8N1lp10MYVbB65JEpNRUpqivlCs5mSf0kG-KACil2wvbeX1DbeAkT_WALsv4dVQzDMgqdmxyBOyc-3RX7EtLGbQ_CNp_8EAxN2d-ZTRLx8W_jPg1m6CyayZ0A2OGgQcXgBQk_dy5OGm-Aw8B58c85Z4UcW1fNGLElKanZW15oAP30Ifpou4xQCX4jsBDOBhDVWDyAOOpJ8fcyN9o-ghATI_U2LdlVfUwSq-1DENfuCqXh_W1mUtxR4Qeum-w09AdMH6lgF5XuZuAxmzVc_ispedlFT3LzfKT9tcDEc8PGitZ5c4aJsU5RoKvhanLDNxMkOdXueAeKDaHJ1I7nV7S6i3HWAg1jYHqDtA-e0xi8zevj0Lkt4punQ7zn7k62GciYVSLC60XWTTsxmac1orpQpBq5Q63DWCwuB8R0-Oy4o0pZx4oSQBDkq3soQ1odAKGS-2hunWoylwFaRc1X5tN4OKdiS3QXi8YyZE3fQIuBqFPoFlGFLyVW0nkTSKexOiqZajx440komUJijAskrWAC3ZcC2UbbdR8ue40-xuyvaQdnKyackukIQJnHzF-qpZiQLEKmP3WM5r3OXljBNymCE6H7_7C--1VPTx99MxkfAqQx1oqlZONx7vDE-gtIgOT7noqzfoHrAAV07ynu-vU6M3TIn8hp0JdGTVonKJbGgD9y9xlBOc9EqS-gntmKnB0wuP58bRNDM2BaEZjqDHbGKpKxFNsa30VjWC2lUca7Jcyuw_oD20uE_q6L5WGAbWMkPJzdmGEYyHImhsRkLQ6B-L3xtL9QRCBRHGyVbhvGbhxURbouGuUEnb2feb5bB6w9727AZjr4BYr20m3XXfnLwVDEQtWzmMFqtsqLLWzGoiGk5JqEZOq0q4RSlcZ1iVcqJ-lFKMv5RNmNoRkablhpdPfooqGPB-7VNVvvtQxB4JNAIl60t
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D684 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZwDF0dnKu9Y0tP7AnZmKoj9R6RWtDh7k-eaOFhuGA5OqM4slkHr-o-sO3dfe9UVFZhSK5OZ0j7-Hif2L4aXtjY2QoksRDfwhukkaY4OnbBHxcdTOg7Zq54wGIuWmpGI53C262OUeF6g&sig=Cg0ArKJSzFD4crKX6xRhEAE&id=lidar2&mcvt=1000&p=50,602,140,1330&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3139867011&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697892097591&rpt=395&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js
pagead2.googlesyndication.com/bg/ Frame 024F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186313&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1697859698&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697892097823&bpp=1&bdt=219&idt=293&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&cookie=ID%3D30cfb477d5b7d325%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_MZoQeg-jykQP52sFQ4uNuTjJeJmfw&gpic=UID%3D00000c6c2ed6f902%3AT%3D1697892097%3ART%3D1697892097%3AS%3DALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw&prev_fmts=0x0&nras=1&correlator=4241903809445&frm=23&ife=4&pv=1&ga_vid=306292013.1697892096&ga_sid=1697892098&ga_hid=1325775361&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=504&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C42532335%2C44795922%2C44805112%2C44805534%2C44805680%2C44805919%2C44805933%2C31078297%2C31078965%2C44800659&oid=2&pvsid=2568533022925001&tmod=1523313878&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xtkfq3wbbn59&fsb=1&dtd=316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e0d63bcbdb87183ac2bc571520947e5d249291fc9f94ab328bd238d536f3540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 20:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
318640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14583
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 20:10:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B2B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8-ylv7si3UOplcCpfmXWUGPGg0Gj0bOwCjvcolCQXXagpYK7FhkUrkgeDTpT5lMBiMym1QsHsnjs_MDel9s4bKKUhkvmNR8Aa2Z9XKvcUIQarfcAPka53xJtAD1OU0O3tUsld1t94vQ&sig=Cg0ArKJSzPMa6ZU7yyI6EAE&id=lidar2&mcvt=1000&p=503,1025,753,1325&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1147668949&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697892097604&rpt=513&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9.gif
id5-sync.com/c/747/112/0/
Redirect Chain
  • https://id5-sync.com/i/747/8.gif?id5id=ID5*odzvPPCltxT8w27OzHvlzClyxqeXwFrHMVdEdnTlvE1o-0oWv-GpqLDXJd-OOR8EaPw4ZDnXNu3Ja60eo439kQ&o=api&gdpr_consent=undefined&gdpr=false
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=5a421c59-afe3-4af2-b1d3-0cb476b75117&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/747/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/747/2/6/3.gif?puid=5154921547521339729&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/747/108/5/4.gif?puid=1ab472d1-5f7c-4937-947f-96702413600e&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F441%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/747/441/4/5.gif?puid=a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/747/19/3/6.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/747/19/3/6.gif?puid=9d6085902ec5cba92a7a305fb5ede632&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F826%2F2%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F826%2F2%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F826%2F2%2F7.gif%3Fpuid...
  • https://id5-sync.com/c/747/826/2/7.gif?puid=40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=39725d172d931faa&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/822.gif?puid=AAAMUFlDwy6N5gMBiTowAAAAAAA&expiration=1697978502&is_secure=true&gdpr_consent=&gdpr=0
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/747/112/0/9.gif?puid=20E51ABF526A0992&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/747/112/0/9.gif?puid=20E51ABF526A0992&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 21 Oct 2023 12:41:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:36 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://id5-sync.com/c/747/112/0/9.gif?puid=20E51ABF526A0992&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame 999D 		998 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
800d2e6825b2a2de9ca92b13f67a36dfe3ee87c7eca4a55a903ca989546d8749

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
998
content-type
text/html
date
Sat, 21 Oct 2023 12:41:39 GMT
setuid
u.4dex.io/ Frame 999D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=8243831494846978376&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 999D
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=651b575ed7
43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=651b575ed7
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sat, 21 Oct 2023 12:40:57 GMT
via
1.1 f3c5f4930da878ee6625af13df3ad240.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-C1
age
42
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=651b575ed7
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
weVfF4RxjxMW0RX0pb6AdELMGmeOnXbvvbtm0Duy5QImk9s0i9hBMw==
/
rtb-csync.smartadserver.com/redir/ Frame 999D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5538762629735579458&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5538762629735579458&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5538762629735579458&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
wt.rqtrk.eu/ Frame 999D
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=8243831494846978376&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=8243831494846978376&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
141.95.32.73 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-007.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
1
content-length
43
expires
Sat, 21 Oct 2023 12:41:39 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=8243831494846978376&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 999D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZTPHAgAABg4jNAA5&gdpr=0&gdpr_consent=
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZTPHAgAABg4jNAA5&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-nrt-rjtf7700055-NRT
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697892100.644615,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZTPHAgAABg4jNAA5&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 60C7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPKZRqssmiNZ4955LlWELmf5JTOJ8waiiFiCJLUmzwyY8SAyVocuHILkRyHT6gsvbp97gsiyfejqS1cQWB8tmNMnAwvdQ7h7meCXIFzlyWv8wh13Iewvh1bHtIvyR5wJufmNAqS-CWrqsYt8n-hshGKFl0CtB725ZwUvdnJFRp7XsDC8k4VnG_d5HIgUubmIGnkVMJvRHjiNswxKThdsfnJi2dArYVzNGwXlYqQuNvKUIDChpWpli6PyBWFJii1flgHv_t3t8hNeXSIFlxUdwh3QWHXjXwTP_G10wgxcr2CuOKpLy5uNpep2OkSlEHP3-KFowhq0IXku_frdRitqJkBbiQzc-irI06aYi21Sm6B2sdjSBjDaF6Qmf2KxO6WglV708v2rAibCBOmxi1SYw-p-ZQWATqDjkEE9BSeHVVc1zaq58m9Fd4YUuq7rAdFbKrzA4vTbb7x7AyG8efQl8iqR14ikopElvuBkz64m16HCYjY6Qmz81o3_Zklne66XyWb5gxPGmpMCtN6nuhdRC8O4N3hcatuJKXwfCiCOnh8MaVuVIS_EIdh2BxyZ-96GrIrDhTS3NAlTMoa20xvsPYbuOf_yHh6cqaim1Gf0EZYn7d4h6-Nc6B8aw4OnzurlP9-k6ZzxhH51BuZMDoLNVAkJmZsoRqRRBPQTiTtf7eq6Wn625sCTobqGN59tatUTLGk4Ftgpup0uSpyzDn9jI4L-5rOGBWoEzYf5QisBiOCZB7hmd6f1ab3_8Znv5oSSRB2wi1_2Oxpyror1R_ojIMEjJvThbsiNLDS-pl83uEUOS1K2AqLPUxtiUtDpdHYNDdIhI_8b8q2IPCp07GXJr0AhAr1K3mMIyCNCvUosxP76OQOzw4eGBMmSdGTdQIETJ3nWBOSDbzlSDrq0vNzQ9mcJVkmEs-2yiIPnD4WH_9AQxYiWYnGi5cKals8IRqcV9iF4XSB6asM3i4oFhTyyAXBoJAZ5zHEyg3Zhyy9n60Vt454Frx9cYyCwHexjsxrUYL6F_qC9DDkB2aX6mkl-92TqZLy3C8SXhvucva3nW54AiXgrUykxgIoB0xoMwDPRGykWuKUWmMXhDbHig8z5j9mBoWdkQb0Yt7wfquLPqO2RrqBw9iCaYrrjNXuITptVKNA0ZTXkDYD0KDeX41g6PdxdwwGWWkw0n2t97r7ctmtEL84HSJT8q9T1h1lo3l0V2QsOdl4ZvAfvWHuAb1AiWYaQOmVUfL4-FzsYQAJ-QTneb3iMk25rhf4yrG95ogZ3mzqqedhHDZZnyPe7nPV0hjFVi2oA_EvtN0ZJjpOGPuvwAtHT9BbKpMVKqQ&sai=AMfl-YR9o8--muH140s20VJ8b_4yTMldjpTSoq5xbfYDXpjHqUQYSbYA6KCLsL-6Ph52Co7zZxck8PlkjZtPVvspirz_SO9ReoWObaRWKCgnmQxJ0jxKrG8jfnpb5zvXcQul57BdYKGOM7OS&sig=Cg0ArKJSzB3GotWMeSJKEAE&cid=CAQSOwDICaaNoSti_99gonmk_4Wk4NgzSMyx5u09g0CJeWM6bzWOKtqX03BZiM7Rixxp_nSTZ7UW1i5vfLJ7GAE&id=lidar2&mcvt=1017&p=0,0,90,728&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1649404926&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697892098016&rpt=604&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C608 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZe3pGsP_zb3VNdKx3QhQw5O4QJUNLrLu2lrzTiZ0Y6QXOUz2waojPuw3kqJJ6dAmWzYfBerqgRkZg3ProqEJzGYaoTPFE2h0hWsycGb1auvVaTglt_ME-0reScXMJpncXjgYpPqnqbQ&sai=AMfl-YQHo6JKMRYCijkhc7sxvu3rhDetsmWF-Y6HMlM1Trq0e4FBNXoR5cfU0W8r09hBN5k6rMA1bM0ch3IfybC7gFoIcw3biK8FeRTBNp4zwcsBUNkkoWBO6qGW4JM&sig=Cg0ArKJSzNdGa9dbWiFaEAE&cid=CAQSOwDICaaNK3kHDCJVvv4sz3xoag-xAQ4sY1Txw1Pz2-zWxPTobLhows3JjIJ5B14Xm7brHmwgccSUEMKGGAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3401233556&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697892098140&rpt=641&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnatalie.mu%2F&domain=natalie.mu&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
233308
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
prebid
id5-sync.com/api/config/ 		135 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
802dcdd50c71f2f2fc1f72b0af6fb13be6f999fc72ce1abe1707dc7a0ec4032c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pid
sync6.im-apps.net/1008852/ 		70 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync6.im-apps.net/1008852/pid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:6ede:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e914bb00cfa9b74f4992ba0d10a6ce83af8f26d12988b3b6cc9f03ffbd65f52a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:40 GMT
via
1.1 google
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
private, max-age=1800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnatalie.mu%2F&domain=natalie.mu&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=gxr8_3xaSFlCUGx2SWwvT2IwRlNYcEhVZEpXeS81U1RXZW9kWml3aG8rYXdHMmxUSlluNXZJL2VEajUybjBUczh4NkNQMzQ4MVpyTnRvN0hTbUYzZGdjdDk2QURCNGhoR2xuQkFyeTk5ekRSNTlxN1JhYXkremVYdE45Y1...
418 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=gxr8_3xaSFlCUGx2SWwvT2IwRlNYcEhVZEpXeS81U1RXZW9kWml3aG8rYXdHMmxUSlluNXZJL2VEajUybjBUczh4NkNQMzQ4MVpyTnRvN0hTbUYzZGdjdDk2QURCNGhoR2xuQkFyeTk5ekRSNTlxN1JhYXkremVYdE45Y1o5bkRNVk5DcHJWaU9VdTNrVnlxVVNIajV1NHA0UzN5UGtVU3FjbTBXcWxLWmVMYk10S1JGZ0dsN1ovcks0NE5yNEhLNGJQYWlFVU9rRy9mSkpnQk0rTmJSZEloZ3R4dVRhUnMxUWJ2SGpxdWhnbG1FbkZ5TzdqdjFuZGh3VXduQnVKR3J4SGhySlIyMEdBeXY5OHRwV0ZRaEJIbFc3UT09fA&cppv=2
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
ade6e5989b62d56a9626a0f524bdfe54f7cc843d06a563abf62ae502a4c04a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
793174
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://natalie.mu
location
https://mug.criteo.com/sid?cpp=gxr8_3xaSFlCUGx2SWwvT2IwRlNYcEhVZEpXeS81U1RXZW9kWml3aG8rYXdHMmxUSlluNXZJL2VEajUybjBUczh4NkNQMzQ4MVpyTnRvN0hTbUYzZGdjdDk2QURCNGhoR2xuQkFyeTk5ekRSNTlxN1JhYXkremVYdE45Y1o5bkRNVk5DcHJWaU9VdTNrVnlxVVNIajV1NHA0UzN5UGtVU3FjbTBXcWxLWmVMYk10S1JGZ0dsN1ovcks0NE5yNEhLNGJQYWlFVU9rRy9mSkpnQk0rTmJSZEloZ3R4dVRhUnMxUWJ2SGpxdWhnbG1FbkZ5TzdqdjFuZGh3VXduQnVKR3J4SGhySlIyMEdBeXY5OHRwV0ZRaEJIbFc3UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
286126
content-length
0
expires
0
prebid
h.parrable.com/ 		0
0
checksync.php
contextual.media.net/ Frame AA06 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1278a6fc1e1c702a3be3414b70b322d224ec658f991dc810b3c6ac26c49b4291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11685
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
Mon, 23 Oct 2023 12:41:40 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 3C83 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
569
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8199937bbfa26854-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
Sat, 21 Oct 2023 16:41:40 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
api.relaido.jp/tr/v1/prebid/ Frame 7AC3 		566 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.relaido.jp/tr/v1/prebid/sync.html?uu=363c2c8d-879d-4035-8308-fca66e18a089
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.149.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.149.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e72113de472b289c5cb234d7ff1d653c8bc53e94a9af596f0fdcf0f07cfdbc7d

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-length
407
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:40 GMT
vary
Accept-Encoding,User-Agent
via
1.1 google
sync
eb2.3lift.com/ Frame D400
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
ad51cf52145a8e2cda8c9eda8d310e04e4a37f1b7a0a41434f24ec9bdfe62a4a

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1300
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:41:40 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 21 Oct 2023 12:41:40 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1DBB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
9944
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 21 Oct 2023 12:41:40 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
383, 73330
X-Served-By
cache-lga13626-LGA, cache-nrt-rjtf7700050-NRT
X-Timer
S1697892101.547999,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 8C0D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 12:41:40 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0089 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.125.12 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-125-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157482
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
Mon, 23 Oct 2023 08:26:22 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 758E 		1 KB
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5178658069
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
d54fe0fd9028efe2a8deffd9396e2d627bc0637c12a142823e3d338161816b51

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 21 Oct 2023 12:41:25 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
pd
natasha-d.openx.net/w/1.0/ Frame DD9F 		940 B
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://natasha-d.openx.net/w/1.0/pd
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6058d56011958ad2f9c4c4f09b343216a590796d91266c63b468114e2b97cc24

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
546
content-type
text/html
date
Sat, 21 Oct 2023 12:41:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
actualizar
penta.a.one.impact-ad.jp/psm/1.0/ Frame 8A13
Redirect Chain
  • https://y.one.impact-ad.jp/push_sync
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tvu5f2p&ttd_tpi=1
  • https://y.one.impact-ad.jp/cs?d=247&uid=5a421c59-afe3-4af2-b1d3-0cb476b75117&tg=2&et=30&r=no&ttl=1700484100
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
42 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.248.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length
42
content-type
image/gif
date
Sat, 21 Oct 2023 12:41:40 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 google

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 21 Oct 2023 12:41:40 GMT
Location
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Server
nginx
31
cr-p31.ladsp.com/cookiesender/ 		43 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr-p31.ladsp.com/cookiesender/31
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-17.nrt51.r.cloudfront.net
Software
Logicad /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
via
1.1 886a171d4fd47a45f08d1726d75c8f18.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control
no-cache
content-length
43
x-amz-cf-id
GT5iNfHE-OabvyYE7qfD3nHgPFA0zhzmayCJ9kgP8UFvy-WB1rv3rw==
expires
-1
sync.js
sync.relaido.jp/ Frame 7AC3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.relaido.jp/sync.js?pid=2_4_8_11_7&uuid=1a1cfed4-ce3b-4dce-bad4-dec95d82f6eb
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=363c2c8d-879d-4035-8308-fca66e18a089
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.45.82 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-192-45-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3bbf90cc0bb83c5d8407e588a3fc8fb2fe93fe23715d1977da92771bc23cb02b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Sep 2022 03:00:12 GMT
ETag
"1f41fc55af0fcce096129efbbca2bfc4"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13819
Expires
Mon, 20 Nov 2023 12:41:40 GMT
usync.js
eus.rubiconproject.com/ Frame 8C0D 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2aadefee7323482d56b4248ba3656671b2202eab2084b648fdad9473615b8266

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Oct 2023 11:50:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83326
Connection
keep-alive
Content-Length
11097
Expires
Sun, 22 Oct 2023 11:50:26 GMT
uuid
api.relaido.jp/tr/v1/ Frame 7AC3 		48 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.relaido.jp/tr/v1/uuid
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=363c2c8d-879d-4035-8308-fca66e18a089
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.149.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.149.102.34.bc.googleusercontent.com
Software
/
Resource Hash
7c5106d3ee566bd39f9269661e3caeefef2f3902df12491ac003eced1d8a1b36

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/tr/v1/prebid/sync.html?uu=363c2c8d-879d-4035-8308-fca66e18a089
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:40 GMT
content-encoding
gzip
via
1.1 google
etag
"c099094c-8df4-4ecc-94c5-0d38787435a1"
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72
sd
us-u.openx.net/w/1.0/ Frame DD9F
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=1060c56c8daa1faa&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALQleq18dQvgM5w0CdAAAAAAA&expiration=1697978500&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALQleq18dQvgM5w0CdAAAAAAA&expiration=1697978500&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: natasha-d.openx.net
URL: https://natasha-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natasha-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALQleq18dQvgM5w0CdAAAAAAA&expiration=1697978500&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame DD9F 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=f57093e5-352a-4652-ac20-c5cddc711b2d
Requested by
Host: natasha-d.openx.net
URL: https://natasha-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natasha-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame DD9F
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=DC5EFBAD13334B4FB0AA82EF17528B9F
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=DC5EFBAD13334B4FB0AA82EF17528B9F
Requested by
Host: natasha-d.openx.net
URL: https://natasha-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natasha-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 21 Oct 2023 12:41:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=DC5EFBAD13334B4FB0AA82EF17528B9F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 20 Oct 2023 12:41:40 GMT
redirect
match.rundsp.com/ Frame DD9F 		0
0
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame DD9F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: natasha-d.openx.net
URL: https://natasha-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natasha-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame DD9F
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=rdNEECL61QUbir5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=rdNEECL61QUbir5
Requested by
Host: natasha-d.openx.net
URL: https://natasha-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natasha-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:40 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-015e06b625cd64536@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=rdNEECL61QUbir5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DD9F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZTPHAgAABg4jNAA5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZTPHAgAABg4jNAA5
Requested by
Host: natasha-d.openx.net
URL: https://natasha-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natasha-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-nrt-rjtf7700055-NRT
pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697892100.488991,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZTPHAgAABg4jNAA5
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame DD9F 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: natasha-d.openx.net
URL: https://natasha-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natasha-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame DD9F
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=56xCfe01KBDDa007jcqN
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=56xCfe01KBDDa007jcqN
Requested by
Host: natasha-d.openx.net
URL: https://natasha-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natasha-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Sat, 21 Oct 2023 12:41:40 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=56xCfe01KBDDa007jcqN
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame DD9F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=bd068d6c-f395-8657-f50f-b693d84e50ba
Requested by
Host: natasha-d.openx.net
URL: https://natasha-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.183.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-183-0.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natasha-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:40 GMT
content-length
0
sync
gum.criteo.com/ Frame AA06 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
342493
expires
60
usync.html
eus.rubiconproject.com/ Frame DCB6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 12:41:40 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Oct 2023 12:41:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame C916
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Drkt%26refUrl%3D%26vid%3D789210051934089370000327330...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3408937000032733000V10&type=rkt&refUrl=&vid=78921005193408937000032733000V10&ovsid=2018245967042705005
227 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3408937000032733000V10&type=rkt&refUrl=&vid=78921005193408937000032733000V10&ovsid=2018245967042705005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
227
content-type
text/html;charset=UTF-8
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
Sat, 21 Oct 2023 12:41:40 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sat, 21 Oct 2023 12:41:40 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3408937000032733000V10&type=rkt&refUrl=&vid=78921005193408937000032733000V10&ovsid=2018245967042705005
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F15F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Dpba%26refUrl%3D%26vid%3D78921005193408937000032733000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.125.12 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-125-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157482
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
Mon, 23 Oct 2023 08:26:22 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame AA06
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=son&refUrl=&vid=78921005193408937000032733000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=son&refUrl=&vid=78921005193408937000032733000V10&ovsid=1402b278-a7fe-4836-a434-12140de2c5a1
53 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=son&refUrl=&vid=78921005193408937000032733000V10&ovsid=1402b278-a7fe-4836-a434-12140de2c5a1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:41 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:41 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:41 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-91
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=son&refUrl=&vid=78921005193408937000032733000V10&ovsid=1402b278-a7fe-4836-a434-12140de2c5a1
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame AA06
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3408937000032733...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3408937000032733000V10&type=opx&refUrl=&vid=78921005193408937000032733000V10&ovsid=139879f3-4640-46fb-9c48-7aa9f93d7d98
227 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3408937000032733000V10&type=opx&refUrl=&vid=78921005193408937000032733000V10&ovsid=139879f3-4640-46fb-9c48-7aa9f93d7d98
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:40 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
227
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:40 GMT

Redirect headers

date
Sat, 21 Oct 2023 12:41:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3408937000032733000V10&type=opx&refUrl=&vid=78921005193408937000032733000V10&ovsid=139879f3-4640-46fb-9c48-7aa9f93d7d98
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame AA06
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Dr1%26refUrl%3D%26vid%3D78921005193408937000...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=66806327
  • https://sync.1rx.io/usersync/tradedesk/5a421c59-afe3-4af2-b1d3-0cb476b75117
  • https://sync.targeting.unrulymedia.com/csync/RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=r1&refUrl=&vid=78921005193408937000032733000V10&ovsid=RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004
53 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=r1&refUrl=&vid=78921005193408937000032733000V10&ovsid=RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:40 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=r1&refUrl=&vid=78921005193408937000032733000V10&ovsid=RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004
date
Sat, 21 Oct 2023 12:41:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf996afd154a847b4bbaa74ff734537f3004
content-type
text/html
cksync
cs.media.net/ Frame AA06
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQwODkzNzAwMDAzMjczMzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEERlAmVYDM6ndiPt2tgupSM&google_cver=1
53 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEERlAmVYDM6ndiPt2tgupSM&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
59.151.138.103 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a59-151-138-103.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:40 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
53
x-mnet-hl2
E
Expires
Sat, 21 Oct 2023 12:41:40 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEERlAmVYDM6ndiPt2tgupSM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame AA06
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Ddxu%26refUrl%3D%26vid%3D78921005193408937000032...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=dxu&refUrl=&vid=78921005193408937000032733000V10&ovsid=rdNEECL61QUbir5
53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=dxu&refUrl=&vid=78921005193408937000032733000V10&ovsid=rdNEECL61QUbir5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:40 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:40 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-03fd7d1aa7a80ccdf@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=dxu&refUrl=&vid=78921005193408937000032733000V10&ovsid=rdNEECL61QUbir5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame AA06
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=40e903b5-467c-4476-8f35-049066a27aa9&gdpr=0&gdpr_consent=&us_privacy=
53 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=40e903b5-467c-4476-8f35-049066a27aa9&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:40 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=40e903b5-467c-4476-8f35-049066a27aa9&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1014858
content-length
0
expires
Sat, 21 Oct 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame AA06
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f8b314c7-eca3-43d1-a53f-7fde2220b61f&google_hm=ZjhiMzE0YzctZWNhMy00M2QxLWE1M2YtN2ZkZTIyMjBiNjFm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHZHgln7QI8_v8nXZjELHvE&google_cver=1&ssp=medianet&bsw_param=f8b314c7-eca3-43d1-a53f-7fde2220b61f
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=&gdpr_consent=&gdpr_pd=
53 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:40 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f8b314c7-eca3-43d1-a53f-7fde2220b61f&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 21 Oct 2023 12:41:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame AA06
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=Nrw5ZMVMNO_6Cm77dTDI
53 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=Nrw5ZMVMNO_6Cm77dTDI
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:40 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:40 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=Nrw5ZMVMNO_6Cm77dTDI
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame AA06
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3408937000032733000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3408937000032733000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=d6cf8721-9121-41ff-8302-2579438d0610&cs=1
53 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=d6cf8721-9121-41ff-8302-2579438d0610&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:42 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=d6cf8721-9121-41ff-8302-2579438d0610&cs=1
Date
Sat, 21 Oct 2023 12:41:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cksync
cs.media.net/ Frame AA06
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5a421c59-afe3-4af2-b1d3-0cb476b75117
53 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5a421c59-afe3-4af2-b1d3-0cb476b75117
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
59.151.138.103 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a59-151-138-103.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 12:41:40 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
53
x-mnet-hl2
E
Expires
Sat, 21 Oct 2023 12:41:40 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5a421c59-afe3-4af2-b1d3-0cb476b75117
date
Sat, 21 Oct 2023 12:41:40 GMT
server
Kestrel
content-length
199
usync.js
eus.rubiconproject.com/ Frame DCB6 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.76 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-76.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2aadefee7323482d56b4248ba3656671b2202eab2084b648fdad9473615b8266

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Oct 2023 11:50:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83326
Connection
keep-alive
Content-Length
11097
Expires
Sun, 22 Oct 2023 11:50:26 GMT
async_usersync
ib.adnxs.com/ Frame 1DBB 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
an-x-request-uuid
b97ae499-c909-4767-8c00-617cd55166cc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
31.204.145.167; 31.204.145.167; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tracking.min.js
img.ak.impact-ad.jp/ut/a1/ Frame 7AC3 		175 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.ak.impact-ad.jp/ut/a1/tracking.min.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.19 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49daf7bddb14b814b7423b31c4ff574e2c73fc909fe098a18acf44c42069e5b5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:40 GMT
content-encoding
br
via
1.1 varnish
age
30814
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
41116
x-served-by
cache-nrt-rjtf7700023-NRT
last-modified
Mon, 14 Aug 2023 04:08:01 GMT
server
AmazonS3
x-timer
S1697892101.788906,VS0,VE0
etag
"16c2bb6deecc622dab084598d0635d47"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
accept-ranges
bytes
x-cache-hits
555740
get
sync.im-apps.net/imid/ Frame 7AC3 		58 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.im-apps.net/imid/get?token=t3cfQ1rNTL_GM09UZqwoBg&callback=__rld_callback_track_fn
Requested by
Host: sync.relaido.jp
URL: https://sync.relaido.jp/sync.js?pid=2_4_8_11_7&uuid=1a1cfed4-ce3b-4dce-bad4-dec95d82f6eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.101.235 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
235.101.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d8c1c251c6323bbc660a7d31180db6ac70c0051a92a587638150ed513f3f62c3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:41 GMT
via
1.1 google
cache-control
private, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/javascript
im-uid.js
dmp.im-apps.net/sdk/ Frame 7AC3 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: sync.relaido.jp
URL: https://sync.relaido.jp/sync.js?pid=2_4_8_11_7&uuid=1a1cfed4-ce3b-4dce-bad4-dec95d82f6eb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c3:595b Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Sat, 21 Oct 2023 12:41:40 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
userSync.js
ads.pubmatic.com/AdServer/js/ Frame 7AC3 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.125.12 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-125-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:40 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:55 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=148113
accept-ranges
bytes
content-length
2358
expires
Mon, 23 Oct 2023 05:50:13 GMT
sync
odr.mookie1.com/t/v2/ Frame 7AC3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=uliza&dsp_uuid=1a1cfed4-ce3b-4dce-bad4-dec95d82f6eb
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f8b314c7-eca3-43d1-a53f-7fde2220b61f&ssp=uliza&gdpr=&gdpr_consent=
42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f8b314c7-eca3-43d1-a53f-7fde2220b61f&ssp=uliza&gdpr=&gdpr_consent=
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=363c2c8d-879d-4035-8308-fca66e18a089
Protocol
H2
Server
34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.79.111.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:41 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f8b314c7-eca3-43d1-a53f-7fde2220b61f&ssp=uliza&gdpr=&gdpr_consent=
Date
Sat, 21 Oct 2023 12:41:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
push_sync
y.one.impact-ad.jp/ Frame 7AC3 		43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/push_sync
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=363c2c8d-879d-4035-8308-fca66e18a089
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame D400
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=5a421c59-afe3-4af2-b1d3-0cb476b75117&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=5a421c59-afe3-4af2-b1d3-0cb476b75117&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 12:41:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=5a421c59-afe3-4af2-b1d3-0cb476b75117&dongle=0cfd&gdpr=0&gdpr_consent=
date
Sat, 21 Oct 2023 12:41:40 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame D400
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyNzYxNzcxOTIxNzI2MjY3NzQ5NA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D400
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENPvTT_gXXE1ICqtKWsijqk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENPvTT_gXXE1ICqtKWsijqk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 12:41:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENPvTT_gXXE1ICqtKWsijqk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D400
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyNzYxNzcxOTIxNzI2MjY3NzQ5NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyNzYxNzcxOTIxNzI2MjY3NzQ5NA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjkyNzYxNzcxOTIxNzI2MjY3NzQ5NA%3D%3D
date
Sat, 21 Oct 2023 12:41:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame D400 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2927617719217262677494&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:40 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3D5AFBF6A3174685834F3C55A65C5225 Ref B: TYBEDGE0807 Ref C: 2023-10-21T12:41:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIOU+KBePDHlMzuKDgCg==
xuid
eb2.3lift.com/ Frame D400
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2927617719217262677494?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-757Ut.FE2oSVrBu16M6y3fymTBtkgTX_d58kZhCE4A--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-757Ut.FE2oSVrBu16M6y3fymTBtkgTX_d58kZhCE4A--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 12:41:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 21 Oct 2023 12:41:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-757Ut.FE2oSVrBu16M6y3fymTBtkgTX_d58kZhCE4A--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame D400 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2927617719217262677494&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
last-modified
Wed, 30 Aug 2023 15:12:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EDC5276E66E0470AA8A16062DDF7EA16 Ref B: TYO01EDGE3512 Ref C: 2023-10-21T12:41:40Z
etag
"4b119d5f54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame D400
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2927617719217262677494&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5538762629735579458&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f8b314c7-eca3-43d1-a53f-7fde2220b61f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=f8b314c7-eca3-43d1-a53f-7fde2220b61f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 12:41:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=f8b314c7-eca3-43d1-a53f-7fde2220b61f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 21 Oct 2023 12:41:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame D400
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=40e903b5-467c-4476-8f35-049066a27aa9&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=40e903b5-467c-4476-8f35-049066a27aa9&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 12:41:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=40e903b5-467c-4476-8f35-049066a27aa9&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1060816
content-length
0
expires
Sat, 21 Oct 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D400
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5154921547521339729&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5154921547521339729&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 12:41:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 12:41:40 GMT
an-x-request-uuid
1421ce52-c049-4fcd-9968-74b17d6a5fdd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=5154921547521339729&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
31.204.145.167; 31.204.145.167; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E3CB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=161545&s=&predirect=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fsync%2Fpm%3Fdsp_uuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.217.125.12 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-125-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://api.relaido.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157482
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
Mon, 23 Oct 2023 08:26:22 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=gxr8_3xaSFlCUGx2SWwvT2IwRlNYcEhVZEpXeS81U1RXZW9kWml3aG8rYXdHMmxUSlluNXZJL2VEajUybjBUczh4NkNQMzQ4MVpyTnRvN0hTbUYzZGdjdDk2QURCNGhoR2xuQkFyeTk5ekRSNTlxN1JhYXkremVYdE45Y1o5bkRNVk5DcHJWaU9VdTNrVnlxVVNIajV1NHA0UzN5UGtVU3FjbTBXcWxLWmVMYk10S1JGZ0dsN1ovcks0NE5yNEhLNGJQYWlFVU9rRy9mSkpnQk0rTmJSZEloZ3R4dVRhUnMxUWJ2SGpxdWhnbG1FbkZ5TzdqdjFuZGh3VXduQnVKR3J4SGhySlIyMEdBeXY5OHRwV0ZRaEJIbFc3UT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
153297
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame 0907 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 0907 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44579290&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 21 Oct 2023 12:41:40 GMT
content-length
47
content-type
text/html; charset=UTF-8
get
audiencedata.im-apps.net/imuid/ Frame 7AC3 		34 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=1000313&vid=01HD942TVPEF7AXDXZNPXS5VHF
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
213e5d19c6240cd097ce9cdb7a98a87111a89e9dda5beadcc5c12e7d15287085

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://api.relaido.jp
date
Sat, 21 Oct 2023 12:41:41 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34
content-type
application/json
setuid
u.4dex.io/ Frame 1BFD 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 21 Oct 2023 12:41:40 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
khaos.json
token.rubiconproject.com/ Frame DCB6 		7 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LO0146JA-8-I3VV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 63E1 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PQENH4RK0K3Y76TX52E9
log.gif
tracker.v2.relaido.jp/syncuuidlog/ Frame F3E5
Redirect Chain
  • https://api.relaido.jp/tr/v1/sync/pm?dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=169...
807 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=1697892101
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=161545&s=&predirect=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fsync%2Fpm%3Fdsp_uuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
75f2a50dc18057fb973409ed9e80aa6f8fdaa0629e034f13c3b278b6781a9003

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
807
content-type
image/gif
date
Sat, 21 Oct 2023 12:41:41 GMT
etag
"64b85cf6-327"
last-modified
Wed, 19 Jul 2023 22:00:22 GMT
server
nginx
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-length
23
content-type
image/gif
date
Sat, 21 Oct 2023 12:41:41 GMT
location
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=1697892101
vary
Accept-Encoding,User-Agent
via
1.1 google
usersync
usersync.gumgum.com/ Frame EB86 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:41 GMT
Expires
0
Pragma
no-cache
cksync.php
contextual.media.net/ Frame DCB6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LO0146JA-8-I3VV
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LO0146JA-8-I3VV
53 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LO0146JA-8-I3VV
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 12:41:41 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 12:41:41 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LO0146JA-8-I3VV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
log.gif
tracker.v2.relaido.jp/dmpsynclog/ Frame 7AC3 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.v2.relaido.jp/dmpsynclog/log.gif?distributorid=&event=69&event_name=sync&uuid=1a1cfed4-ce3b-4dce-bad4-dec95d82f6eb&dmp_id=8&dmp_uuid=taVa76jeSPekwN631zggjg
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=363c2c8d-879d-4035-8308-fca66e18a089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:41 GMT
via
1.1 google
last-modified
Wed, 19 Jul 2023 22:00:22 GMT
server
nginx
etag
"64b85cf6-2b"
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
2760a046568809e05049825fa8a0d408717c0a4081ace62c23001e0472a63c8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame E8D4 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SM1E9KNT4P2H5YNTT26H
log.gif
tracker.v2.relaido.jp/dmpsynclog/ Frame 7AC3 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.v2.relaido.jp/dmpsynclog/log.gif?distributorid=&event=69&event_name=sync&uuid=1a1cfed4-ce3b-4dce-bad4-dec95d82f6eb&dmp_id=8&dmp_uuid=i.taVa76jeSPekwN631zggjg&seg_id=imuid
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:41 GMT
via
1.1 google
last-modified
Wed, 19 Jul 2023 22:00:22 GMT
server
nginx
etag
"64b85cf6-2b"
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usersync
usersync.gumgum.com/ Frame 2B9D 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 21 Oct 2023 12:41:41 GMT
Expires
0
Pragma
no-cache
747.json
id5-sync.com/g/v2/ 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/747.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
30d0802f3013fedcfae4885fe28ba60bda2e55804e4b0720185a727fed4b96ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Sat, 21 Oct 2023 12:41:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/ Frame 758E
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/?uid=e87aa514-3fcd-49d2-b898-58c9384f6ee0&gdpr=0
95 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/?uid=e87aa514-3fcd-49d2-b898-58c9384f6ee0&gdpr=0
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5178658069
Protocol
H2
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/png
date
Sat, 21 Oct 2023 12:41:26 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/?uid=e87aa514-3fcd-49d2-b898-58c9384f6ee0&gdpr=0
date
Sat, 21 Oct 2023 12:41:41 GMT
content-length
0
thumb_inbox_600.jpg
ogre.natalie.mu/media/pp/static/comic/kawagoeboyssing_index/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/static/comic/kawagoeboyssing_index/thumb_inbox_600.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7d13e9d20d69b624a713457bb9f9fb74d7176f0f75191ef5145a7291315beb6a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:41 GMT
Last-Modified
Wed, 04 Oct 2023 11:00:11 GMT
Server
Akamai Image Manager
ETag
"200b52810d8bd48cd216d70e19efb669"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
7370
Expires
Sun, 22 Oct 2023 00:41:41 GMT
kawagoeboyssing03_X.jpg
ogre.natalie.mu/media/pp/kawagoeboyssing03/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/kawagoeboyssing03/kawagoeboyssing03_X.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ba4d49c352a635abda1ad06e35b5ed4df0d0d46b20ad54d689269486d118a98

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:41 GMT
Last-Modified
Tue, 17 Oct 2023 11:00:12 GMT
X-Serial
1209
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"4c84eef3e883851ca9b99cea4944bbf7"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
9407
Expires
Sun, 22 Oct 2023 00:41:41 GMT
buddiis04_x.jpg
ogre.natalie.mu/media/pp/buddiis04/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/buddiis04/buddiis04_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0361a642ad025dbf78be58eb66da577590c5e96eeae960f77262dacac7f3364a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:41 GMT
Last-Modified
Mon, 16 Oct 2023 08:53:34 GMT
Server
Akamai Image Manager
ETag
"ca21593e5d6e6b19978371ae064e7796"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
12742
Expires
Sun, 22 Oct 2023 00:41:41 GMT
mameshibatonai_thumb.jpg
ogre.natalie.mu/media/pp/mameshibatonai/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/mameshibatonai/mameshibatonai_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c09d8a7f06f771075e3c7d9507a6460cc3ca7c29a057683426f2f2f5f0bd24d8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:41 GMT
Last-Modified
Tue, 17 Oct 2023 10:00:11 GMT
X-Serial
1916
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"9149a950da6e016ae9d4fa7bf0f29047"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
23236
Expires
Sun, 22 Oct 2023 00:41:41 GMT
thumb_inbox_600.jpg
ogre.natalie.mu/media/pp/static/music/buddiis2023/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/static/music/buddiis2023/thumb_inbox_600.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1723d907f927f857422d8dee722636b9e296a712f7fd4efbaa5a8c9f4c55d265

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:41 GMT
Last-Modified
Wed, 16 Aug 2023 01:53:46 GMT
X-Serial
1782
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"328ccf96fe50d9beb332d8fa5367d119"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
12452
Expires
Sun, 22 Oct 2023 00:41:41 GMT
reol08_x-2.jpg
ogre.natalie.mu/media/pp/reol08/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/reol08/reol08_x-2.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e9a13cabc62fce453d9cfeba3593b263efb3eab90b68582f84859f462a173b49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:41 GMT
Last-Modified
Tue, 17 Oct 2023 08:00:11 GMT
Server
Akamai Image Manager
ETag
"b8e4ae020868096e21bec701a1d1881c"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
12545
Expires
Sun, 22 Oct 2023 00:41:41 GMT
minamiza_osk_2023_thumb_2.jpg
ogre.natalie.mu/media/pp/minamiza_osk_2023/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/minamiza_osk_2023/minamiza_osk_2023_thumb_2.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9b173bc059fb9ea2d17dd5fd9b75b35ae21ff46159a39ab143602a73e92dfec2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:41 GMT
Last-Modified
Mon, 16 Oct 2023 09:00:12 GMT
Server
Akamai Image Manager
ETag
"f24d129472916d4215add6592816ce9d"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
19830
Expires
Sun, 22 Oct 2023 00:41:41 GMT
thumb_inbox_600.jpg
ogre.natalie.mu/media/pp/static/comic/comic15th/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/static/comic/comic15th/thumb_inbox_600.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9072debabb368b2b321bc2d70e440d8449044f2e22a0af22ce905affbd9d3745

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:41 GMT
Last-Modified
Fri, 01 Sep 2023 03:00:13 GMT
Server
Akamai Image Manager
ETag
"687e90c41929eb07875eb36f52a02789"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
13368
Expires
Sun, 22 Oct 2023 00:41:41 GMT
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Oct 2023 12:41:42 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-190a2e309037a0ab8b8cf738440e59c5-9124abcf0c82979f-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
190a2e309037a0ab8b8cf738440e59c5/10458673140417599391
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
/
aw.dw.impact-ad.jp/c/map/ Frame 7AC3 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aw.dw.impact-ad.jp/c/map/?oid=bbea7d2597bbccd5&cid=1a1cfed4-ce3b-4dce-bad4-dec95d82f6eb&sp=rld&fu=d1d541c6-8ef3-4e91-abfa-75b5f4243117&dl=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fprebid%2Fsync.html%3Fuu%3D363c2c8d-879d-4035-8308-fca66e18a089
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:80:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:41:42 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains;
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
cksync.php
contextual.media.net/ Frame 77B1 		53 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=pba&refUrl=&vid=78921005193408937000032733000V10&ovsid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Dpba%26refUrl%3D%26vid%3D78921005193408937000032733000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
53
content-type
image/gif
date
Sat, 21 Oct 2023 12:41:43 GMT
expires
Sat, 21 Oct 2023 12:41:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
cksync.php
contextual.media.net/ Frame B8FE 		53 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3408937000032733000V10&type=pba&refUrl=&vid=78921005193408937000032733000V10&ovsid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3408937000032733000V10%26type%3Dpba%26refUrl%3D%26vid%3D78921005193408937000032733000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.126.205 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-126-205.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
53
content-type
image/gif
date
Sat, 21 Oct 2023 12:41:43 GMT
expires
Sat, 21 Oct 2023 12:41:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
log.gif
tracker.v2.relaido.jp/syncuuidlog/ Frame BD2A
Redirect Chain
  • https://api.relaido.jp/tr/v1/sync/pm?dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=169...
807 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=1697892104
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=161545&s=&predirect=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fsync%2Fpm%3Fdsp_uuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
75f2a50dc18057fb973409ed9e80aa6f8fdaa0629e034f13c3b278b6781a9003

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
807
content-type
image/gif
date
Sat, 21 Oct 2023 12:41:44 GMT
etag
"64b85cf6-327"
last-modified
Wed, 19 Jul 2023 22:00:22 GMT
server
nginx
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-length
23
content-type
image/gif
date
Sat, 21 Oct 2023 12:41:44 GMT
location
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=c099094c-8df4-4ecc-94c5-0d38787435a1&dsp_id=7&dsp_uuid=6A1FE08F-782E-4095-BEF0-25C26FF6AF56&cb=1697892104
vary
Accept-Encoding,User-Agent
via
1.1 google
kokuritsu-kabuki_x-thumb1.jpg
ogre.natalie.mu/media/pp/kokuritsu-kabuki/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/kokuritsu-kabuki/kokuritsu-kabuki_x-thumb1.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d5a53ed5bef393447d4a5052a76b6e0cd49c5459f6bb53274a3b243c3b108a62

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:47 GMT
Last-Modified
Thu, 12 Oct 2023 05:52:56 GMT
X-Serial
505
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"b4aae6fffa59f493a2312b29d73dc117"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
18410
Expires
Sun, 22 Oct 2023 00:41:47 GMT
kamonone4th02_x.jpg
ogre.natalie.mu/media/pp/kamonone4th02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/kamonone4th02/kamonone4th02_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
bee89108f70cf30ab54335ebfce8e17af6e57227935516504cfc735733aa0e45

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:47 GMT
Last-Modified
Fri, 13 Oct 2023 09:30:03 GMT
X-Serial
1671
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"b04fab768d88940ed22305c70fabb113"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6735
Expires
Sun, 22 Oct 2023 00:41:47 GMT
littlebasketball_twitter.jpg
ogre.natalie.mu/media/pp/littlebasketball/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/littlebasketball/littlebasketball_twitter.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2268c8e1df98123cc70e5ce626dadbcf58b82b8605c1d83564339970c31abcc2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:47 GMT
Last-Modified
Fri, 13 Oct 2023 09:00:11 GMT
X-Serial
475
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"beacc8b59752b296200ee45e81901a79"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
23696
Expires
Sun, 22 Oct 2023 00:41:47 GMT
shakespeare-dark-comedy_thumb.jpg
ogre.natalie.mu/media/pp/shakespeare-dark-comedy/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/shakespeare-dark-comedy/shakespeare-dark-comedy_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a43fd080f560756845a28fbe479aa459d7ea057476741c45dcab7329054ab4c9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:47 GMT
Last-Modified
Tue, 10 Oct 2023 01:56:59 GMT
Server
Akamai Image Manager
ETag
"fa291e761645a4e62e79d4e31170a38a"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
16971
Expires
Sun, 22 Oct 2023 00:41:47 GMT
precurelive2023_X.jpg
ogre.natalie.mu/media/pp/precurelive2023/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/precurelive2023/precurelive2023_X.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
dd19323f85d5dc3cb4108f9f4d54612f3bf561dcd4c5abf8681a6aabda27f5e9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:47 GMT
Last-Modified
Fri, 13 Oct 2023 01:40:38 GMT
X-Serial
1649
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"a4dbfaa97fd2ac1517a440889c1b4bea"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
31670
Expires
Sun, 22 Oct 2023 00:41:47 GMT
showroom03_X.jpg
ogre.natalie.mu/media/pp/showroom03/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/showroom03/showroom03_X.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2a328161d635ec501c273d46148346b6c7cfdb9ac6fd8a2e019f1ff3758f05ca

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:47 GMT
Last-Modified
Tue, 10 Oct 2023 02:26:17 GMT
Server
Akamai Image Manager
ETag
"5bdfa72abcf323dfd7245d9588478da5"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
17385
Expires
Sun, 22 Oct 2023 00:41:47 GMT
seijo_thumb.jpg
ogre.natalie.mu/media/pp/seijo/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/seijo/seijo_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1fa25ada57d0369279aaca55f69f3cbb942a2b3744352d992dc2cf5e97194b83

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:47 GMT
Last-Modified
Thu, 12 Oct 2023 09:00:11 GMT
X-Serial
616
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"d5f48a79a039c932c72cec966c79c661"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
11679
Expires
Sun, 22 Oct 2023 00:41:47 GMT
sas_weekly99music_thumb.jpg
ogre.natalie.mu/media/pp/sas_weekly99music/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/sas_weekly99music/sas_weekly99music_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:8::b81a:2b59 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c5ab82a04e596042afd5a1304d18645340279b1fb19554bbf766a55df3d63a24

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 12:41:47 GMT
Last-Modified
Wed, 11 Oct 2023 14:40:10 GMT
X-Serial
1827
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"fd06ccb7211f33ba700fd5c03b3009ac"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
33832
Expires
Sun, 22 Oct 2023 00:41:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
mweb.ck.inmobi.com
URL
https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEKnihioqTj9QemFu_8AuKao&google_cver=1&google_push=AXcoOmSxvthquy56p0PwNCQrXyNUk--s3G2FcJViKbarTBhTNdEcyagQ1IiCEcMgTi_PrR_wMKwSZoXKwS6ZSKN2HxzXQzYgWdnNVdA
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
h.parrable.com
URL
https://h.parrable.com/prebid?data=eyJlaWQiOm51bGwsInRyYWNrZXJzIjpbImYwYjFjNDY1LWRmNGUtNDQ2My1hZDhjLTY2N2MyNjQ4ZmMyOCJdLCJ1cmwiOiJodHRwczovL25hdGFsaWUubXUvIiwicHJlYmlkVmVyc2lvbiI6IjguNi4wIiwiaXNJZnJhbWUiOmZhbHNlLCJ0cGNTdXBwb3J0IjpudWxsfQ..&gdpr=0&_rand=0.48622157504869645
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| dataLayer object| pbjs object| googletag object| fluxtag object| apstag object| fluxPbSlots object| fluxNonPbSlots function| __d3lUW8vwsKlB__ object| _aps boolean| apstagLOADED object| apscustom object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| clarity object| _uic object| _uih object| pbFlux function| prebidBidder object| ID5EspConfig object| $$PREBID_GLOBAL$$ object| _pbjsGlobals object| flux object| _bidsurge object| pbjsChunk object| mnet object| ADAGIO object| _UI_JSON object| punycode object| _uiconv string| uiinit function| restartBivalves function| Vesicomyid function| objectFitImages object| $jscomp function| SearchSuggester object| searchSuggester function| NatalieFilmScheduleWidget function| $ function| jQuery function| Swiper object| lazySizesConfig object| lazySizes object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| gaplugins object| gaGlobal object| gaData object| Criteo object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef object| ZDAzMTEwNGRjNDZkNGRmYmxvYWRlcl9qcw== string| ZDAzMTEwNGRjNDZkNGRmYmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| sas object| apntag object| _ADAGIO object| browsitag string| browsi_bootstrap_loaded object| __id5_instances object| regeneratorRuntime object| ox_esp object| _33across object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_pubtag object| criteo_identitytag_143 object| Criteo_identitytag_143 object| signal_decrypted number| google_unique_id object| ONFOCUS object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 21c132ed-5578-475f-b203-79ea85f16b42 object| criteo_syncframe_state object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

214 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQgNWFkrUxCgoI4gEQgNWFkrUxCgoItAIQgNWFkrUxCgoI5gEQgNWFkrUxCgoIhwIQgNWFkrUxCgoItwIQgNWFkrUxCgkIOhCA1YWStTEKCgiMAhCA1YWStTEKCQhfEIDVhZK1MQoJCB8QgNWFkrUx
natalie.mu/ Name: _flux_dataharbor
Value: 1
natalie.mu/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.natalie.mu/ Name: sharedid
Value: c6898560-ba59-49ec-8e96-e3136088c515
.natalie.mu/ Name: __ulfpc
Value: 202310212141361472
.nakanohito.jp/ Name: AP
Value: 202310212141367697
.natalie.mu/ Name: _gid
Value: GA1.2.808437681.1697892096
.natalie.mu/ Name: _gat_UA-45927307-1
Value: 1
.natalie.mu/ Name: _gat_UA-45927307-2
Value: 1
.natalie.mu/ Name: _gat_UA-45927307-15
Value: 1
.natalie.mu/ Name: _ga_Y7LQ4S8GZR
Value: GS1.1.1697892096.1.0.1697892096.0.0.0
.natalie.mu/ Name: _ga
Value: GA1.1.306292013.1697892096
www.clarity.ms/ Name: CLID
Value: c51eac196ccb4d39b07246c06e6ca63d.20231021.20241020
natalie.mu/ Name: relaido_uuid
Value: 363c2c8d-879d-4035-8308-fca66e18a089
.script.ac/ Name: __cf_bm
Value: SCHdUI1VQWWPGwnfy5QQRd8fjdyVPlkvdFhrxLGHjic-1697892096-0-AQ40IrppadqV5y0tT+K6A+ot5xUMTOLpeCoSQux1MOA6m8qt5qhh4ebwrZMdOAxCYXh3uzAbkOL6zFKPu9UCU8c=
.natalie.mu/ Name: _clck
Value: 1nxznce|2|fg1|0|1389
.gumgum.com/ Name: cs
Value: true
.adingo.jp/ Name: ID
Value: 918e2b04753c398b76d220c6e1b83a9e
.send.microad.jp/ Name: TR
Value: 8c69bdb165b512eafd53c9a21800182e
.teads.tv/ Name: tt_viewer
Value: 0af37ece-ca57-4246-95de-a2e480a3c340
.socdm.com/ Name: SOC
Value: ZTPHAMCo8YMAANWuQJIAAAAA
.richaudience.com/ Name: pdid
Value: a22e0161-0feb-4471-9092-0zz1697892096
natalie.mu/ Name: __browsiSessionID
Value: 8bb0a78b-241d-440e-8226-94e60f3f5d70&false&false&DEFAULT&jp&desktop-4.20.11&true
natalie.mu/ Name: __browsiUID
Value: b7663b07-ca96-4c7f-8933-faa08d05138d
.openx.net/ Name: i
Value: 08182f35-44c7-43ec-a5d1-cc2f2ff5dcb9|1697892096
.rubiconproject.com/ Name: khaos
Value: LO0146JA-8-I3VV
.impact-ad.jp/ Name: c
Value: 1697892096
.impact-ad.jp/ Name: tuuid
Value: 30263585-fe1e-4105-9c6c-de647690968d
.lijit.com/ Name: ljt_reader
Value: HheZUBZHvW-TW0C7SDOqUckt
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 9d6085902ec5cba92a7a305fb5ede632
.natalie.mu/ Name: _clsk
Value: lk623t|1697892097188|1|0|r.clarity.ms/collect
.natalie.mu/ Name: _cc_id
Value: 9d6085902ec5cba92a7a305fb5ede632
.natalie.mu/ Name: panoramaId_expiry
Value: 1698496897106
.natalie.mu/ Name: panoramaId
Value: 5bb409235449dab87026e674a2c44945a702e79f334d851f4b28e91b28a593ea
.natalie.mu/ Name: panoramaIdType
Value: panoIndiv
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: VuPSYJ7ANAlCbs6ZLW0ovQ-z99S095U
.adsrvr.org/ Name: TDID
Value: 5a421c59-afe3-4af2-b1d3-0cb476b75117
.doubleclick.net/ Name: IDE
Value: AHWqTUn80NJB0v0-M8WiwNFf_sjMB86D_mXsrxX9QLnzjJ4Dj8CqKr_bxj5-NhhndAo
.openx.net/ Name: univ_id
Value: 537072971|5a421c59-afe3-4af2-b1d3-0cb476b75117|1697892097293962
.natalie.mu/ Name: __gpi
Value: UID=00000c6c2ed6f902:T=1697892097:RT=1697892097:S=ALNI_Map-vEVNiacYKjZrUVvN4Q9-364Kw
.amazon-adsystem.com/ Name: ad-id
Value: A913qAbP00_hhsdbN1iQG8s
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidr.io/ Name: bito
Value: AAIub07KZ44AABkhhMTs0Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.gumgum.com/ Name: vst
Value: a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8
.linkedin.com/ Name: bcookie
Value: "v=2&4320e916-4dc2-44f1-8328-ff4baf61e203"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3098:u=1:x=1:i=1697892097:t=1697978497:v=2:sig=AQGR7959ACHAYFaGkKUObH1Rqe0eSwKQ"
.casalemedia.com/ Name: CMID
Value: ZTPHAq6QIONP0t0NdR41DgAA
.casalemedia.com/ Name: CMPS
Value: 5429
.casalemedia.com/ Name: CMPRO
Value: 5429
.primis.tech/ Name: csuuid
Value: 6533c702013f6
.natalie.mu/ Name: __gads
Value: ID=30cfb477d5b7d325-224f31b1d7e700f3:T=1697892097:RT=1697892098:S=ALNI_Ma792oVAP-ke3JhcR-R0fyllzhfvA
.adnxs.com/ Name: uuid2
Value: 5154921547521339729
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTPHAgAABg4jNAA5
.turn.com/ Name: uid
Value: 3843438667609851527
.simpli.fi/ Name: suid
Value: DC5EFBAD13334B4FB0AA82EF17528B9F
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: RZlPIQDMw4
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5538762629735579458
.lijit.com/ Name: _ljtrtb_80
Value: LO0146JA-8-I3VV
.bidswitch.net/ Name: tuuid
Value: f8b314c7-eca3-43d1-a53f-7fde2220b61f
.bidswitch.net/ Name: c
Value: 1697892098
.bidswitch.net/ Name: tuuid_lu
Value: 1697892098
.c.appier.net/ Name: _auid
Value: -PB3GnW-CHuq5YZXAsczZQ
.c.appier.net/ Name: _gu
Value: CAESEHxKlVa1cTCOnZBbx7Zsf94
.uncn.jp/ Name: t
Value: v_ef4ddf52-2950-47b6-8c3e-ec525adab8ef
.360yield.com/ Name: tuuid
Value: e1b58547-64f5-465f-a8be-b944b6237477
.360yield.com/ Name: tuuid_lu
Value: 1697892098
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUdEtBRERG
.intentiq.com/ Name: IQPData
Value: 533500327#1697892098486#0#1697892098486
.intentiq.com/ Name: intentIQCDate
Value: 1697892098489
.intentiq.com/ Name: ASDT
Value: 0
.sharethrough.com/ Name: stx_user_id
Value: e87aa514-3fcd-49d2-b898-58c9384f6ee0
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: ea6ec310-cf36-4e13-b9d5-651ab4920b02
.prebid.a-mo.net/ Name: sd_amuid2
Value: ea6ec310-cf36-4e13-b9d5-651ab4920b02
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004%22%7D
.sportradarserving.com/ Name: zuuid
Value: 7926f9f4-50b2-4e62-8f53-7725a99d905e
.sportradarserving.com/ Name: c
Value: 1697892098
.sportradarserving.com/ Name: zuuid_lu
Value: 1697892098
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1697892098
.creativecdn.com/ Name: u
Value: rKPpUx5xZ0xRpEOS0aDb
.creativecdn.com/ Name: ts
Value: 1697892098
.natalie.mu/ Name: FCNEC
Value: %5B%5B%22AKsRol-IWLh9rEwH-hLAiN6SIa495BGl18lTI7HlSTADVquL6IvlD-eQ386qdoiZ3l0yzxY4JYF-usfYmriEnwDmtgAjh6CIHnbi-r_RX7GTqM5yYN8w2yQisBZJOYRj8xhidhbCx2PZVgebMscpK-FUWcw4uViIiA%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22825%22%5D%5D%5D
.smartadserver.com/ Name: pid
Value: 8243831494846978376
.pangle-ads.com/ Name: _pangle
Value: 2X4d4zJa2sB5Z3JFsPjZDoKDWJQ
.adtdp.com/ Name: uid
Value: AYtSQWLQ_N9W7Sv5By8
.adtdp.com/ Name: dynid
Value: AYtSQWLQ_N9W7Sv5By8
.yahoo.com/ Name: A3
Value: d=AQABBALHM2UCED4D_Uoa4vYsSNKUd1xrqN0FEgEBAQEYNWU9ZWChyyMA_eMAAA&S=AQAAAk_z4_1NB1FDzxojzeUw2lE
.quantserve.com/ Name: mc
Value: 6533c702-bbb26-e4c95-c912f
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6A1FE08F-782E-4095-BEF0-25C26FF6AF56
.pubmatic.com/ Name: DPSync3
Value: 1699056000%3A201_245_226%7C1697932800%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1698451200%3A15_223_2%7C1699056000%3A220_202_96_214_233_264_54_56_8_179_22_254_234_21_76_217_71_5_107_209_46_13_3%7C1699142400%3A35%7C1703030400%3A69%7C1698710400%3A63
ads.us.e-planning.net/ Name: CT
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-5a421c59-afe3-4af2-b1d3-0cb476b75117&KRTB&22918-5a421c59-afe3-4af2-b1d3-0cb476b75117&KRTB&22926-5a421c59-afe3-4af2-b1d3-0cb476b75117&KRTB&23031-5a421c59-afe3-4af2-b1d3-0cb476b75117
.pubmatic.com/ Name: KRTBCOOKIE_1201
Value: 23170-v_ef4ddf52-2950-47b6-8c3e-ec525adab8ef&KRTB&23180-v_ef4ddf52-2950-47b6-8c3e-ec525adab8ef
.ctnsnet.com/ Name: cid
Value: e961db5238a549d8b46788e2683f9a7d
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3f709143-10a1-577b-4438-efc7cc5f4758.4UFAFzYzsWSjWNZE39WzcmrvQ1uwxddPTIaM3f7lKj8
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3f709143-10a1-577b-4438-efc7cc5f4758.4UFAFzYzsWSjWNZE39WzcmrvQ1uwxddPTIaM3f7lKj8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AP3CRQxChV3tEOO_HzF9HWB_Mkac.rdNBttxL92nzJYRmWgFHNIQ%2FjACgDORFdun1wxBz5kc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AP3CRQxChV3tEOO_HzF9HWB_Mkac.rdNBttxL92nzJYRmWgFHNIQ%2FjACgDORFdun1wxBz5kc
.quantserve.com/ Name: d
Value: ENMBEgGeKvijD9r7EA
.zemanta.com/ Name: zuid
Value: Nrw5ZMVMNO_6Cm77dTDI
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3843438667609851527&KRTB&23150-3843438667609851527&KRTB&23527-3843438667609851527
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5538762629735579458&KRTB&23263-5538762629735579458&KRTB&23481-5538762629735579458
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-e961db5238a549d8b46788e2683f9a7d&KRTB&23328-e961db5238a549d8b46788e2683f9a7d&KRTB&23427-e961db5238a549d8b46788e2683f9a7d&KRTB&23445-e961db5238a549d8b46788e2683f9a7d
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5154921547521339729&KRTB&23339-5154921547521339729
.ladsp.com/ Name: lum
Value: COLGhZK1MRIFCAMQ0AUSBQgKEJAN
.pubmatic.com/ Name: KRTBCOOKIE_629
Value: 11487-AZeHHCUI7285ks8AD7P31LT3lc8AAAGLUkFjYg
.tapad.com/ Name: TapAd_TS
Value: 1697892098925
.tapad.com/ Name: TapAd_DID
Value: 1ab472d1-5f7c-4937-947f-96702413600e
.ipredictive.com/ Name: cu
Value: 92e17aae-7a4f-47d2-88cf-efa73a6c9f71|1697892098907
.hb.yahoo.net/ Name: visitor-id
Value: 3408936990032775000V10
.hb.yahoo.net/ Name: data-mag
Value: LO0146JA-8-I3VV~~63
.doubleclick.net/ Name: DSID
Value: NO_DATA
.tribalfusion.com/ Name: ANON_ID
Value: aInsAGqkaHaBykt9ZbxaehEETZa5x6ssEAq16Ee6XEyu21KUqAhtZcdQei5O9MvbjheuGEEriUtgRNcCC4XZdvZdG
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7068
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIL8C1RMZStzVfkGKTl87vkx3AP868Yef8RmwzzMedP36EHwYBCCCjs-pBjABOgTLdGrUQgTTwQW3.YrqdSW4lfmXMO3SfN3PTH1PA7zn8g9LItZgzPEkP0yA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIL8C1RMZStzVfkGKTl87vkx3AP868Yef8RmwzzMedP36EHwYBCCCjs-pBjABOgTLdGrUQgTTwQW3.YrqdSW4lfmXMO3SfN3PTH1PA7zn8g9LItZgzPEkP0yA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-P3CRQxChV3tEOO_HzF9HWB_Mkac&KRTB&23334-P3CRQxChV3tEOO_HzF9HWB_Mkac&KRTB&23417-P3CRQxChV3tEOO_HzF9HWB_Mkac&KRTB&23426-P3CRQxChV3tEOO_HzF9HWB_Mkac
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-5p3mVrOf5Vf9yrcH4p74AOTL7FD9y-xU4s6UeVN_&KRTB&19420-5p3mVrOf5Vf9yrcH4p74AOTL7FD9y-xU4s6UeVN_&KRTB&22979-5p3mVrOf5Vf9yrcH4p74AOTL7FD9y-xU4s6UeVN_&KRTB&23403-5p3mVrOf5Vf9yrcH4p74AOTL7FD9y-xU4s6UeVN_
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKFjjMCCHx2E7r1FT6fy9qw&KRTB&23025-CAESEKFjjMCCHx2E7r1FT6fy9qw&KRTB&23386-CAESEKFjjMCCHx2E7r1FT6fy9qw
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787--PB3GnW-CHuq5YZXAsczZQ
.googleadservices.com/ Name: ar_debug
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjk3ODkyMDk3LCJwdWJtYXRpYyI6MTY5Nzg5MjA5OH0
.pubmatic.com/ Name: KRTBCOOKIE_656
Value: 12671-ZTPHAMCo8YMAANWuQJIAAAAA&KRTB&23509-ZTPHAMCo8YMAANWuQJIAAAAA&KRTB&23514-ZTPHAMCo8YMAANWuQJIAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMQW1jDsUttAMYORXJAAAAAAA&KRTB&22713-AAAMQW1jDsUttAMYORXJAAAAAAA&KRTB&22715-AAAMQW1jDsUttAMYORXJAAAAAAA&KRTB&23519-AAAMQW1jDsUttAMYORXJAAAAAAA
fksnk.com/ Name: AWSALBCORS
Value: Z4H547M0u/pRVFvoi9hpypAp3iBjLarDpClj26bKZjhkTHP2VaZg2UQz0LHCeYbAUUCRoT/Z4FAAmhrlwpHVrGWYfXHvoGWP2GZ6ZMvU9mPsqGLsqBXtWVyUWGu8
.fksnk.com/ Name: f_001
Value: EEB49935C730A184
.fksnk.com/ Name: g_001
Value: 1
pool.admedo.com/ Name: tuuid
Value: 39d3c750-c343-4dbc-841e-7117bbc97dd7
pool.admedo.com/ Name: c
Value: 1697892099
pool.admedo.com/ Name: tuuid_lu
Value: 1697892099
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f8b314c7-eca3-43d1-a53f-7fde2220b61f
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0MzcwMTI3MDUwMBXiM9RNSsvwKAoPDzEx0_UCAMclAeglAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmluYWlkYGlpbGEMALZUkasQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0MzcwMTI3MDUwMBXiM9RNSsvwKAoPDzEx0_UCAMclAeglAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2018245967042705005
.contextweb.com/ Name: V
Value: wnT0hVUtP019
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1njj|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 16d64ef2f7eef6a2
.w55c.net/ Name: wfivefivec
Value: rdNEECL61QUbir5
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:rdNEECL61QUbir5&KRTB&23421-uid:rdNEECL61QUbir5
.csync.loopme.me/ Name: viewer_token
Value: b4fc7ad9-87c5-4f08-ae2b-40b11322b641
.smaato.net/ Name: SCM
Value: 651b575ed7
.smaato.net/ Name: SCMsas
Value: 651b575ed7
sync.gonet-ads.com/ Name: chk
Value: 1
.gonet-ads.com/ Name: pid
Value: NGU2ZWVmYWJjYmE2YzA4
.smartadserver.com/ Name: csync
Value: 150:0
.adx.opera.com/ Name: UID
Value: OPUf1dca041ebd84a6d8e2354fcada8f8ff
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUf1dca041ebd84a6d8e2354fcada8f8ff&KRTB&23485-OPUf1dca041ebd84a6d8e2354fcada8f8ff&KRTB&23524-OPUf1dca041ebd84a6d8e2354fcada8f8ff
.pubmatic.com/ Name: PugT
Value: 1697892100
.im-apps.net/ Name: imid_secure
Value: taVa76jeSPekwN631zggjg
.im-apps.net/ Name: imid_created_secure
Value: 1697892100
.impact-ad.jp/ Name: tuuid_lu
Value: 1697892100
y.one.impact-ad.jp/ Name: cmt
Value: !247,5a421c59-afe3-4af2-b1d3-0cb476b75117,2,469726900,0
.openx.net/ Name: pd
Value: v2|1697892097.1.2|lYvOjEiuhI.iauIjIlQlU.vysnkSrApMvGvAkqvHsP
.relaido.jp/ Name: relaido_uuid
Value: c099094c-8df4-4ecc-94c5-0d38787435a1
.impact-ad.jp/ Name: psm
Value: 0
.media.net/ Name: visitor-id
Value: 3408937000032733000V10
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2elo:19e0~2elo:18za~2elo"
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-o
Value: 139879f3-4640-46fb-9c48-7aa9f93d7d98~~8
.blismedia.com/ Name: b
Value: 6533C704B2BBFFF3DF7C2BE5BLIS
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004%22%7D
.media.net/ Name: data-bs
Value: f8b314c7-eca3-43d1-a53f-7fde2220b61f~~1
.media.net/ Name: data-xu
Value: rdNEECL61QUbir5~~8
.criteo.com/ Name: uid
Value: 40e903b5-467c-4476-8f35-049066a27aa9
.r-ad.ne.jp/ Name: r_ad_token
Value: 56xCfe01KBDDa007jcqN
.3lift.com/ Name: tluid
Value: 2927617719217262677494
.media.net/ Name: data-g
Value: CAESEERlAmVYDM6ndiPt2tgupSM~~8
.media.net/ Name: data-rk
Value: 2018245967042705005~~8
.media.net/ Name: data-r1
Value: RX-f996afd1-54a8-47b4-bbaa-74ff734537f3-004~~8
.media.net/ Name: data-c
Value: 40e903b5-467c-4476-8f35-049066a27aa9~~1
.media.net/ Name: data-c-ts
Value: 1697892100
.media.net/ Name: data-ze
Value: Nrw5ZMVMNO_6Cm77dTDI~~1
.media.net/ Name: data-ttd
Value: 5a421c59-afe3-4af2-b1d3-0cb476b75117~~1
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCJyLu5ejj6k8EAUSFQoGY2FzYWxlEgsI1PHlm6OPqTwQBRIXCghwdWJtYXRpYxILCIzO5aKjj6k8EAUSFAoFdGFwYWQSCwi-9L2ko4-pPBAFEhYKB3N2eDl0NTASCwia98-1o4-pPBAFGAEgASgCMgsI4u3S4rmPqTwQBTgBWgdzdng5dDUwYAI.
.bing.com/ Name: MUID
Value: 2EDC452927AB62071B60569826D363E5
.c.bing.com/ Name: MR
Value: 0
.rqtrk.eu/ Name: browser_id
Value: 1:27a3fcff-6c2a-4c1c-891f-917446ddfdd8
.linkedin.com/ Name: li_sugr
Value: 4aac3200-2703-4d0d-8cbf-def8edc6658b
.semasio.net/ Name: SEUNCY
Value: 20E51ABF526A0992
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1697913700985
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMTAtMjFUMTI6NDE6MzYuNDQ5MTc4ODc3WiIsImFwcG5leHVzIjoiMjAyMy0xMC0yMVQxMjo0MTozNi40NDkxOTA2NloiLCJlcGxhbm5pbmciOiIyMDIzLTEwLTIxVDEyOjQxOjM2LjQ0OTE2NDU0OFoiLCJmcmVld2hlZWwiOiIyMDIzLTEwLTIxVDEyOjQxOjM2LjQ0OTIzMDEyNloiLCJpbXByb3ZlZGlnaXRhbCI6IjIwMjMtMTAtMjFUMTI6NDE6MzYuNDQ5MTE1MTNaIiwiaW5kZXhleGNoYW5nZSI6IjIwMjMtMTAtMjFUMTI6NDE6MzYuNDQ5MjIyODk1WiIsIm9uZXRhZyI6IjIwMjMtMTAtMjFUMTI6NDE6MzYuNDQ5MjEzMjc1WiIsIm9wZW54IjoiMjAyMy0xMC0yMVQxMjo0MTozNi40NDkyNDIyMDdaIiwicHVibWF0aWMiOiIyMDIzLTEwLTIxVDEyOjQxOjM2LjQ0OTA3MDQ3WiIsInJ1Ymljb24iOiIyMDIzLTEwLTIxVDEyOjQxOjM2LjQ0OTEzMTY2OVoiLCJzbWFydCI6IjIwMjMtMTAtMjFUMTI6NDE6MzYuNDQ5MTk5MDU2WiIsInNvdnJuIjoiMjAyMy0xMC0yMVQxMjo0MTozNi40NDkyMDQ5NTdaIiwidHJpcGxlbGlmdCI6IjIwMjMtMTAtMjFUMTI6NDE6MzYuNDQ5MzQ3ODI1WiIsInVucnVseSI6IjIwMjMtMTAtMjFUMTI6NDE6MzYuNDQ5MTU0MTI0WiJ9LCJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiIzM2U2MTg2OS0wNGQ0LTRiZTEtOGQ2NC00NGRhOGE3NDEzYjAiLCJleHBpcmVzIjoiMjAyMy0xMi0yMFQxMjo0MTozNi40NDg5OTczOThaIn0sInB1Ym1hdGljIjp7InVpZCI6IjZBMUZFMDhGLTc4MkUtNDA5NS1CRUYwLTI1QzI2RkY2QUY1NiIsImV4cGlyZXMiOiIyMDIzLTEyLTIwVDEyOjQxOjQwLjk5MTA0MjM0OFoifSwicnViaWNvbiI6eyJ1aWQiOiJMTzAxNDZKQS04LUkzVlYiLCJleHBpcmVzIjoiMjAyMy0xMi0yMFQxMjo0MTozNy44MjczOTM3MDRaIn0sInNtYXJ0Ijp7InVpZCI6IjgyNDM4MzE0OTQ4NDY5NzgzNzYiLCJleHBpcmVzIjoiMjAyMy0xMi0yMFQxMjo0MTozOS42NDg1NjYxNTdaIn19LCJiZGF5IjoiMjAyMy0xMC0yMVQxMjo0MTozNi40NDg5Mzg1NTlaIn0=
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIt0sjfK9UnpR799LPhQT3KntvUBAa1Dj2AVOlD0vCXBxXecZJxgbKUrbhpH/YtB1qgt0NmsjSazVXrXltAgeHd8VbKC8lRAHRnwQ7gX2pTDObjA4yJuNClU1QIfHOgpYw=
.w55c.net/ Name: matchopenx
Value: 5
.media.net/ Name: data-r
Value: LO0146JA-8-I3VV~~1
.pubmatic.com/ Name: SPugT
Value: 1697892101
.richaudience.com/ Name: cmpsync
Value: 1
.go.sonobi.com/ Name: __uis
Value: 1402b278-a7fe-4836-a434-12140de2c5a1
.id5-sync.com/ Name: id5
Value: a4fc0cb2-6c8b-7ac6-8123-418843b8783f#1697892099109#3
.sitescout.com/ Name: ssi
Value: 40a5426c-1429-4249-84bc-d895cbf5e0c5#1697892101578
.media.net/ Name: data-so
Value: 1402b278-a7fe-4836-a434-12140de2c5a1~~8
.natalie.mu/ Name: cto_bundle
Value: gFlfMl9MVzlsd1FDOGxTaURmbDNDZmM3WEtlRVNuZ3IxYUNiVkJ6ejRENHBLNCUyRjJlMXRvMXprd2lpSDhxTDdxd2NaRFNxM2ExVjBZV1lmS29GSHlDc0gyeXE1UFFNTG13VU0wV2ZFMUR2QlZ5JTJGQVEyNXZ0azZtQlBsVCUyRkNMVkFkaVNwVzVIZVA5JTJGMmNwTjFrQnM4dDZHNVJrUSUzRCUzRA
.natalie.mu/ Name: cto_bidid
Value: J2kh-19BbFpyeGdsMGFBZ2U2T2h4VXlpUGRlbnBIODZVdno5RmUwcUduJTJGZFVjVHRuMlNZR3BKRGU4WHJWMVI4RVdvNUNFYmxiNkxQbWdGTmllTVJnWjVhTGRDamFMZ3Nva0xVN3NCN0RlWFltM1RrJTNE
.richaudience.com/ Name: avcid-sht-uid
Value: e87aa514-3fcd-49d2-b898-58c9384f6ee0
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTY5Nzg5MjEwMTc4OSwiNyI6MTY5Nzg5MjEwMTc4OX0
.id5-sync.com/ Name: 3pi
Value: 2#1697892099956#1198086302#5154921547521339729|19#1697892100913#-2101174722#9d6085902ec5cba92a7a305fb5ede632|264#1697892099632#-1322195805#5a421c59-afe3-4af2-b1d3-0cb476b75117|441#1697892100576#85602029#a_29baf916-ce6a-40a6-821a-3f4d7e6eaaa8|826#1697892102151#764446050#40a5426c-1429-4249-84bc-d895cbf5e0c5-6533c705-4a50|108#1697892100254#1375248917
.id5-sync.com/ Name: cf
Value: gif
.id5-sync.com/ Name: cip
Value: 747
.id5-sync.com/ Name: cnac
Value: 1
.id5-sync.com/ Name: car
Value: 8
.id5-sync.com/ Name: gdpr
Value: 0|
.dotomi.com/ Name: DotomiTest
Value: 39725d172d931faa
.mfadsrvr.com/ Name: tuuid
Value: d6cf8721-9121-41ff-8302-2579438d0610
.mfadsrvr.com/ Name: c
Value: 1697892102
.mfadsrvr.com/ Name: tuuid_lu
Value: 1697892102

5 Console Messages

Source Level URL
Text
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://capi.connatix.com/us/pixel?puid=LO0146JA-8-I3VV&pId=11&gdpr=&gdpr_consent=&us_privacy=
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Message:
Mixed Content: The page at 'https://natalie.mu/' was loaded over HTTPS, but requested an insecure frame 'http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://h.parrable.com/prebid?data=eyJlaWQiOm51bGwsInRyYWNrZXJzIjpbImYwYjFjNDY1LWRmNGUtNDQ2My1hZDhjLTY2N2MyNjQ4ZmMyOCJdLCJ1cmwiOiJodHRwczovL25hdGFsaWUubXUvIiwicHJlYmlkVmVyc2lvbiI6IjguNi4wIiwiaXNJZnJhbWUiOmZhbHNlLCJ0cGNTdXBwb3J0IjpudWxsfQ..&gdpr=0&_rand=0.48622157504869645
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

773a69a9c6d7145f5d1dbd4db47f256b.safeframe.googlesyndication.com
a.c.appier.net
a.flux.jp
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.as.amanad.adtdp.com
ad.turn.com
ads.pubmatic.com
ads.us.e-planning.net
analytics.pangle-ads.com
ap.lijit.com
api.relaido.jp
audiencedata.im-apps.net
aw.dw.impact-ad.jp
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bk.r-ad.ne.jp
bs.nakanohito.jp
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cadmus.script.ac
capi.connatix.com
cdn-ima.33across.com
cdn.browsiprod.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
contextual.media.net
cr-p10.ladsp.com
cr-p3.ladsp.com
cr-p31.ladsp.com
creativecdn.com
cs.media.net
cs.nakanohito.jp
cs.nex8.net
csync.loopme.me
d.adroll.com
d.socdm.com
dclk-match.dotomi.com
dis.criteo.com
dmp.im-apps.net
dps.jp.cinarra.com
ds.uncn.jp
dsum-sec.casalemedia.com
dynalyst-sync.adtdp.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
events.browsiprod.com
fastlane.rubiconproject.com
fksnk.com
flux-cdn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
gigaplus.makeshop.jp
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
h.parrable.com
hb.adingo.jp
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.w55c.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.ak.impact-ad.jp
inmobi-match.dotomi.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.rundsp.com
match.sharethrough.com
mp.4dex.io
mug.criteo.com
mweb.ck.inmobi.com
natalie.mu
natasha-d.openx.net
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
ogre.natalie.mu
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.ladsp.com
penta.a.one.impact-ad.jp
pixel-apac.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prebid.media.net
prg-apac.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.clarity.ms
r.turn.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s-rtb-pb.send.microad.jp
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.gonet-ads.com
sync.im-apps.net
sync.intentiq.com
sync.ipredictive.com
sync.outbrain.com
sync.relaido.jp
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
sync6.im-apps.net
t.adx.opera.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tracker.v2.relaido.jp
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
wt.rqtrk.eu
www.clarity.ms
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
y.one.impact-ad.jp
yield-manager.browsiprod.com
cm-supply-web.gammaplatform.com
cs.nex8.net
h.parrable.com
match.rundsp.com
mweb.ck.inmobi.com
sync-dsp.ad-m.asia
103.132.192.30
103.253.24.61
103.43.90.21
104.18.24.18
104.18.26.193
104.18.27.193
104.18.35.167
104.18.41.104
107.178.248.96
119.9.108.180
124.146.153.162
124.146.153.164
13.112.54.241
13.213.197.118
13.214.76.234
13.224.141.41
13.224.143.60
13.228.126.19
13.249.146.82
13.33.5.52
131.153.206.100
139.162.117.143
141.95.32.73
141.95.33.111
142.251.42.194
151.101.129.108
151.101.193.19
151.101.194.49
162.19.138.82
162.55.236.225
169.197.150.8
172.105.203.31
172.217.161.66
18.139.177.100
18.141.105.172
18.176.234.133
18.192.43.30
18.65.116.10
182.161.74.11
182.161.74.16
185.184.8.90
185.84.60.20
188.42.105.236
198.8.71.131
20.119.174.243
2001:4860:4802:38::178
2001:df2:a300:bbbb::135
202.233.84.2
203.114.55.135
203.114.55.140
207.65.34.74
207.65.34.76
207.65.34.80
207.65.34.81
220.150.223.50
23.105.12.159
23.106.127.165
23.106.127.49
23.106.127.53
23.192.45.82
23.192.45.99
23.208.233.60
23.217.124.13
23.217.125.12
23.217.126.205
23.217.126.76
23.56.171.128
23.61.252.40
2404:6800:4004:808::2002
2404:6800:4004:808::2003
2404:6800:4004:811::2002
2404:6800:4004:818::2004
2404:6800:4004:818::2008
2404:6800:4004:818::200a
2404:6800:4004:821::200e
2404:6800:4004:823::2001
2404:6800:4004:823::2002
2404:6800:4004:823::2003
2404:6800:4004:824::2003
2404:6800:4004:824::2006
2404:6800:4004:826::2001
2404:6800:4004:828::2002
2404:6800:4008:c15::9c
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2406:da18:22e:4f04:b3f9:2e7a:3729:7051
2406:da18:929:5a01:259e:d14c:cabb:3cf7
2600:140b:a00:8::b81a:2b59
2600:140b:a800::17c3:595b
2600:1901:0:6ede::
2600:1901:0:80::
2600:1901:0:e207::
2600:9000:202f:3800:10:dd8:5e40:93a1
2600:9000:2138:1400:a:e047:753:6381
2600:9000:21b5:3c00:1a:5235:f980:93a1
2600:9000:21c5:be00:1b:5138:8a40:93a1
2602:803:c006:158::65
2606:4700:10::ac43:266a
2606:4700:20::681a:9a9
2606:4700::6812:1691
2606:4700::6812:18ad
2606:4700::6812:272
2620:116:800e:21:6c50:dbee:bef5:203d
2620:1ec:21::14
2620:1ec:46::46
2620:1ec:c11::200
2a02:fa8:c411:12::1050
2a04:4e42:400::485
3.114.115.252
3.115.72.35
3.210.56.15
34.102.146.192
34.102.149.137
34.111.113.62
34.111.79.67
34.120.107.143
34.120.63.153
34.120.63.33
34.124.209.251
34.149.101.235
34.149.40.38
34.160.89.38
34.95.69.49
34.96.105.8
34.96.70.87
34.98.64.218
35.186.193.173
35.190.39.111
35.213.109.249
35.213.12.39
35.213.93.179
35.214.198.85
35.227.252.103
35.244.159.8
35.71.131.137
35.71.178.8
35.72.165.187
35.75.232.179
43.206.23.166
44.225.97.91
52.20.57.143
52.221.171.128
52.46.143.56
52.6.39.46
52.77.157.107
52.95.126.138
54.150.135.134
54.150.37.244
54.169.118.21
54.248.123.43
54.249.183.0
59.151.138.103
64.120.110.138
64.74.236.31
66.225.223.191
69.173.151.100
69.173.158.64
69.175.41.44
69.175.41.79
72.34.250.75
74.118.186.106
74.118.186.107
74.214.196.131
82.145.213.8
98.98.134.243
99.84.54.81
99.86.199.17
99.86.199.91
99.86.199.99
99.86.222.34
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
00f2643a8ba8fe3434c2565953b282d787621ef3cae58fa041ba6d21c401fb05
0361a642ad025dbf78be58eb66da577590c5e96eeae960f77262dacac7f3364a
04585fe3a4195af44171b5d9df484a6229ce37cbdfc781626c1d7ca0719c925c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0682aaa9b31e6dd0867035e9bf6524abc9d1473f5d0556cd6826483aae2e00a3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07575b733b04ff991456dac0e2c6ae75f07c03853c6ebf50fbea055fb4cc5186
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0f3adb21eca94d4aef0fc05586a1d0a0473fd66058a369c7f01af3b6c1502bd8
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
112c7c1a60f862909e78f256b83c33edd2f8a1b65bfb6f64842d107abfcb0c07
122ab4c35f77496004124ffef2a86971276920136dba4e7e12302b3a9c66c640
1278a6fc1e1c702a3be3414b70b322d224ec658f991dc810b3c6ac26c49b4291
13ffbdd0e70ce0acdf237e27df0464f5e58b35020ec63e08ecefe607d2e8bf2b
1723d907f927f857422d8dee722636b9e296a712f7fd4efbaa5a8c9f4c55d265
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a64ab4d2224ef4a0adb5c00ceeea7814b61f62055192c779785aacda1a4c670
1ba4b5ac331c068dc59f2ba2b75d7718361334894077fbabec31af25b39e5935
1cecee6431949440f1823b37875da8cbd88c101871f59a0cade8cfee0bb161d9
1ead519981d97d5f71e6747fab1c14c04b17e6cecd690d4b600e506a9445a7c6
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fa25ada57d0369279aaca55f69f3cbb942a2b3744352d992dc2cf5e97194b83
2071303c787db42eb2ce529f4f4baa35a87863d9adbd958e0e3416e856057ded
2084e2d0a19a3a1b68077893c687e5342bf1b8451cef15d5e487465dc41cddc6
209807b4a945eb3978b50de85596e82a78af6ec6cf2d8757abadf90ef182a687
20cb5ecbbf1a2fd92522dc0edca65b3a0c4a858d4c45be45f5430dc8a6d6f0d9
20fdbea34430276282a38f46cde2542a88c740db47751e9642f5e4b8ffa632d4
213e5d19c6240cd097ce9cdb7a98a87111a89e9dda5beadcc5c12e7d15287085
21e4b7d14ff84f30c0f4b79a9d12720b3df0bc79cf8a33fbfe77a459c9d39660
2268c8e1df98123cc70e5ce626dadbcf58b82b8605c1d83564339970c31abcc2
226c340f0e636f3497595460ce97a3ab6ede611afb7936035aa9f280160e04e1
244240696aa799538656ed334adb5a9e445c4daa32672dc89bed9f548e042b4c
248e18c2d4ecf058a5acea142dd74784bd0af3ed62989cd19f4a7d5b1b78ef7c
252291b67c643c0c847e52b81a296dbb93c31096073b4c5ce43dc69e664443e9
25e1d42c06a31c867bf518ba680133ba6ed8ab463e26c8311591073f9003c0cd
2612554bef522a9e0fd7d4ccbf001639b64df95600625fbb8f9761dd07d24640
270b37ca538b6fd3d87d1f45638e52aa8d3e8ea168044edce7e2ded732576b68
2760a046568809e05049825fa8a0d408717c0a4081ace62c23001e0472a63c8d
2817985411793c7822b61c9887b0ee12f83d883d9262018eb769792b6791739c
28ac2bde4ed34f45e46efed7beba16533fee0e741b900308f47a9598e0395b13
2a328161d635ec501c273d46148346b6c7cfdb9ac6fd8a2e019f1ff3758f05ca
2aadefee7323482d56b4248ba3656671b2202eab2084b648fdad9473615b8266
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f830fa5d4639f2f4ba907f33104d972b81b66cae90d4631adc172e0eed4f078
2f866ee63cfae613128f652f897fb09b3ba8c36f6e6d74557f30afcd3ccc8b97
30d0802f3013fedcfae4885fe28ba60bda2e55804e4b0720185a727fed4b96ef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32bf7f3c73d70754912436e7180e7ee25a1e97ce74c33b8a547020bccc9feab1
33a80cd1c2cc1db3c62751c94760abf86924cd3c7b335bc7a079ac2c5b5bb375
33cf0d8d3d87823cb341d0eef288ebdf0a43e99ac967be120474ec26828bf482
33d7611f4f8e447ce66778c1ca3c47eeddcbf2e1ade5284be58cc4efdaa1b408
33db50983fdd055ed3ab1d4eae8637dc27da0be1816fa80e17f5be11f336a183
3402dafcba71e2b1d9a664b616dbc58acde903d82d42b35ee351511d657fff64
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
380e3aeaf28b7671ac80fd61c01dc1a33197ededbee49033ed3c996596c64c59
3a898937214010653ff06609b6ea2229a40a0a5f1e75654a56029bf51251769c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bbf90cc0bb83c5d8407e588a3fc8fb2fe93fe23715d1977da92771bc23cb02b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e0b7a713db60eace41ae5b5b07e68c9b875ff88252e93a73c943595a4e71487
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3fc366031f4cf0871a99060c0c58f6c06360c5f9df2f2d0c530e0495bc7336
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42ddd8c25de53ddae471291211294b71e68ea469ed38a81e8a7c10a22833ecbb
4349cbfeba2a637b438ab4cdab291ac70ac355a845c1d071736b3455715f5a0f
4394dd85796842b60b622367e2da73ff308dd75c452863c1cbf65fb8a4bb9e94
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448f89436b236a52d868715ba4fa2e07d2bf9e24210cc960c3913efe76420944
44aedbff7c0eb61eb74231c1bc4113c702ea833d1dd7ec27d2a14c3c2cc699e9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49daf7bddb14b814b7423b31c4ff574e2c73fc909fe098a18acf44c42069e5b5
4a2a76a2c71904a0ab0901a27104e5845bd8eb87d1b9a377ec188ff166f5b7aa
4ceccebc9a84ac6bd5dd8db1b6ae99496c939343d6236e77d698467ba411c157
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f0215c33b6876e32ac0f7d7ae04bc8dc569505e6812ad8abb6247a582c16c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5871712e179e672db12a6277d268c1988fb485ec278cb6e47bcf3170efcfb440
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5bb543d9f92a02b07043a85b973a870064de7620f9b928be7febd92fabdaf928
5c8ecd1f028494d0c7a4ec3e47001304bc5cdd0aa207d9a7f116368c5a32b9ab
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6058d56011958ad2f9c4c4f09b343216a590796d91266c63b468114e2b97cc24
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62951b1dd8e453027c9f32517272d5ae642de7eeb3913416cc99976bca6d57e4
6366876cf5534f38514cf45937134de620cd89a63dc20f3de56fe02680ab491b
64efadc328159222f0d7d2f12c26a7eda185e3a6966b398d4195df4f45297c5c
665e03e485e0a9d83ceb67f758d9c7a7c6ac447a0cd6f18a8ddcd7962b800914
671bf97817ffbfa377d13363e433de6cbcdf24c7e37ded61d8f4824e6e122f3e
69efd852105c504fa6d535d85372056853363d06b64d2b4a57670a99cac04c85
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f2baedcd158862b8b005f419813280e093b9fb2e0ba4f4074c9af30db27c928
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7310718df3f66bf651df22d961c4c2476ee380245607b6676d794699ce22667e
73e3191e8775f3d00119696caa79759b2ae87b5bf058bf6a66b626eb04580244
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
75f2a50dc18057fb973409ed9e80aa6f8fdaa0629e034f13c3b278b6781a9003
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
77df1fa141507a008f3ae5d32889cb264a9aa74e258de59a52bb426a7e463b58
79ed04659dc9b317ff439987185dc8784914bd72075302e4570929411a953c09
7c5106d3ee566bd39f9269661e3caeefef2f3902df12491ac003eced1d8a1b36
7d0d01197b092672215ab4f296facd80b983cf8fdc989d67b034c81dc77396f8
7d13e9d20d69b624a713457bb9f9fb74d7176f0f75191ef5145a7291315beb6a
7e0d63bcbdb87183ac2bc571520947e5d249291fc9f94ab328bd238d536f3540
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
800d2e6825b2a2de9ca92b13f67a36dfe3ee87c7eca4a55a903ca989546d8749
802dcdd50c71f2f2fc1f72b0af6fb13be6f999fc72ce1abe1707dc7a0ec4032c
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8448f1812b530b0f242051d7ea00e75e1900a0bf5cfa6b74726f0bd65b9f2393
84891b94c7a750b0263ad80582bcddcaca7cb27bf770e3a50d6e3730ffbdb2f2
88f97c6086525f7576f2a097c43cf6037f3e80d103c50cd1fadb533aa74d1f00
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b943873017fc172045a9104708c2a70998010bdfff88d71f33fa8700f174f04
9072debabb368b2b321bc2d70e440d8449044f2e22a0af22ce905affbd9d3745
912b197b2cd25b5d6d321ccdb58a628bc5ede874aaa64afedf4dd848e7473d03
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
98719f4116b14fd0f677f6f4ef19e1341d04836b5c33867a00f17aad8f10268d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b173bc059fb9ea2d17dd5fd9b75b35ae21ff46159a39ab143602a73e92dfec2
9ba4d49c352a635abda1ad06e35b5ed4df0d0d46b20ad54d689269486d118a98
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9ed3c9129fff9938552309a1ed5d8af5a8317c6dd4a421fcdd28fb2c461d04e6
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a439884088411fa56a79d457e5c8dab284bbd0401c06669573a6ae80dcafe3b6
a43fd080f560756845a28fbe479aa459d7ea057476741c45dcab7329054ab4c9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a8eb1b50c925abfc85ede83208929f4e261b46257c89eeaca3b0071a0c8cb71a
a9d0d53e01edded7eaddb6b0c680a19d16c60ac9a8c1263e1c4d73e18e0eecae
a9ddf84afe6dfb0dace6cb175528b1ae3f5919874c2fc43411b3ce07898b0185
ab7c5dcbc4e594dafbb9e05221fc0d756e8403669577729e9b98e397e7384a48
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
ad51cf52145a8e2cda8c9eda8d310e04e4a37f1b7a0a41434f24ec9bdfe62a4a
ade6e5989b62d56a9626a0f524bdfe54f7cc843d06a563abf62ae502a4c04a2e
ae470b2598822702c98fa0fdb3340d304e2ea7f8f445d463aa2a012d0394ffa1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0517be2e55df99767c225ddbe836fc534d8255e172046cd92da0e79cbc6ead5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b550749d5fb763a1b3116d2d3f254b750168b3a1b78aadfc3990144092932c
b2ab62ae9ef497837041609e66f23d13d0291e4198200026ffbe935c6c8ce570
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b73fd0c664be6aac87da06538b1543f4a6eb5e3a62016250c3b95752ea3103a7
b76fee2711a5ad963ea92ffda8f30870fe9ad7d544d5eaf55ba6a43a2d5d32f3
b77904e3e1a97cfc384fb9ee1920b4a7930f9eecc6b2c65368ef6e11c9c7172c
b785f5fbd57a42a8bc5df63e3767d33571c6bcc3700b86aeadc0561e9e65b691
b8c91a8180c03c16e1554367b4f71f7396d6de86dc191cd06be078fc96290515
b9fb79755d8ffabfa5269b24ce02ba4cde1ce40561c6ef092a7c503179c3fbeb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdea8ca130f382ce76702da5a568e95768308c835a9a7a84f83d792d1dd12bf4
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bee89108f70cf30ab54335ebfce8e17af6e57227935516504cfc735733aa0e45
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
c09d8a7f06f771075e3c7d9507a6460cc3ca7c29a057683426f2f2f5f0bd24d8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3da6fe153a252f454e3e58e8919b6f2bb5db37d1ff6a376881c6967e2d6171c
c5ab82a04e596042afd5a1304d18645340279b1fb19554bbf766a55df3d63a24
c7c1fbc0d924a6f80a84561ec72130579e501b6c91af3f7b9fe255a7325e81c7
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caee451e4417b8754826f2d640cb050a87151005051ce98b02d2f7bf7334783f
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d54fe0fd9028efe2a8deffd9396e2d627bc0637c12a142823e3d338161816b51
d5a53ed5bef393447d4a5052a76b6e0cd49c5459f6bb53274a3b243c3b108a62
d7788b451c0d9499f2d0b8a308346768ec836a762a89b9fb2f9c7def2b104831
d8c1c251c6323bbc660a7d31180db6ac70c0051a92a587638150ed513f3f62c3
db179ef7d2518293114aa9ca73870cc93a3a30acf2550c6a2becadb7e3d45930
db18d34292e56ece2c92ec11e3b5c286c22a9d616e85af4450c0e518c14d11f2
dbc10a6a6bf1332ef8e2e8e28506f32a3e5434a097cea72efb5e024f8b80fd16
dd19323f85d5dc3cb4108f9f4d54612f3bf561dcd4c5abf8681a6aabda27f5e9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deecb2faa3ec6c98b69bbb9ba7cb0a63e95fe5c711f9b4857e7b676fdc8aaa63
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece
e37d820442e75222bbb23f7fcc16a5ce61ab37f2bbe8e694b890359cddd0609f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47b16255f2bb243d8b8a71ad1e2de067daba8a037a40454f405d3287fc7fd6d
e48bea460193cd447a4bbc7ed3f93e3517c119ac70f59dff27439a7afe7e6d1d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e72113de472b289c5cb234d7ff1d653c8bc53e94a9af596f0fdcf0f07cfdbc7d
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e914bb00cfa9b74f4992ba0d10a6ce83af8f26d12988b3b6cc9f03ffbd65f52a
e9a13cabc62fce453d9cfeba3593b263efb3eab90b68582f84859f462a173b49
e9a8f8fab377073bf920a6439c90343b9f85ea9b1fcd66dc66e32aac8f40c352
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
eba7374e14d057ede49d73aedc028c94fcc2b80e135bd189094eec9d7fb4d5fb
ece7623aa37c0f0bebfe0ad5dc5680c6f100d4ffe03932dd4f54d14e6a2b7f17
eedf8ee29b8230f313d98ce35c699a2d82ce8f04383f09bce180ab11f9326558
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbaa7830b1169b4a9ae5b327d6f9d07b4e17be0a45bf555f1f0e270bd670f8e
f0389470970ef83dea159117db455560a1f3b0d52dcc2fe21e4d7644e36f74a2
f08f672cf98b2d50eb91a14c8f320328de60ad0b96a26f5b534396891edeb488
f33329ad037f275e6222ab50a050d2b13dba6d7f1026866a36160016e50585dd
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f66516859be0502de78c76ada7e180424f283aff737d184d77b5f6993ac01781
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8de31382f761a63e986f704aea08f4b6bc138900dc89e6fefe2047bf8b465ac
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fc6698a8265c559b0d6ae12b4ef40f9453eadf4135db0a54fbd34037752747c4
ffd77776047b40eb9bc1bff3a7baa2fa4792e6e46250841facc622bf601c3587