ittrip.xyz Open in urlscan Pro
183.181.91.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ittrip.xyz/
Effective URL:
https://ittrip.xyz/
Submission: On January 16 via api (January 16th 2023, 2:33:34 pm UTC) from JP — Scanned from JP

Summary HTTP 159 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 14 domains to perform 159 HTTP transactions. The main IP is 183.181.91.49, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is ittrip.xyz.
TLS certificate: Issued by R3 on November 20th 2022. Valid for: 3 months.

This is the only time ittrip.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	183.181.91.49 183.181.91.49	131965 (XSERVER X...) (XSERVER Xserver Inc.)
4	2404:6800:400... 2404:6800:4004:825::2008	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:826::200a	15169 (GOOGLE) (GOOGLE)
3	202.226.37.225 202.226.37.225	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	2600:9000:206... 2600:9000:2066:8800:18:82c:9d80:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:801::200e	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81f::200e	15169 (GOOGLE) (GOOGLE)
1	52.192.34.55 52.192.34.55	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
16	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
2	54.248.4.152 54.248.4.152	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
2 9	2404:6800:400... 2404:6800:4004:821::2004	15169 (GOOGLE) (GOOGLE)
1	3.112.136.148 3.112.136.148	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4008:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
28	2404:6800:400... 2404:6800:4004:813::2001	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:811::2003	15169 (GOOGLE) (GOOGLE)
159	24

34 183.181.91.49 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv1048.wpx.ne.jp

ittrip.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:825::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.226.37.225 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2066:8800:18:82c:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

aml.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:801::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81f::200e (Australia)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.34.55 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-34-55.ap-northeast-1.compute.amazonaws.com

a.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.248.4.152 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-4-152.ap-northeast-1.compute.amazonaws.com

dalc.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:821::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.112.136.148 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-136-148.ap-northeast-1.compute.amazonaws.com

dalb.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c00::9a (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81c::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2404:6800:4004:813::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:811::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	620 KB
34	ittrip.xyz 1 redirects ittrip.xyz	233 KB
28	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939 cse.google.com — Cisco Umbrella Rank: 2622 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 424 adservice.google.com — Cisco Umbrella Rank: 70	227 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	164 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	183 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 292 fonts.googleapis.com — Cisco Umbrella Rank: 35	34 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	242 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
4	valuecommerce.com aml.valuecommerce.com — Cisco Umbrella Rank: 213864 dalc.valuecommerce.com — Cisco Umbrella Rank: 200535 dalb.valuecommerce.com — Cisco Umbrella Rank: 205720	37 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	253 KB
3	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 39439 www.google.co.jp — Cisco Umbrella Rank: 20020	1 KB
3	xserver.jp webfonts.xserver.jp — Cisco Umbrella Rank: 421253	26 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	693 B
1	imgvc.com a.imgvc.com — Cisco Umbrella Rank: 207083	319 B
159	14

	Domain	Requested by
34	ittrip.xyz	1 redirects ittrip.xyz ajax.googleapis.com
28	tpc.googlesyndication.com	googleads.g.doubleclick.net ittrip.xyz pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	ittrip.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ittrip.xyz
14	fundingchoicesmessages.google.com	ittrip.xyz
9	www.google.com	2 redirects cse.google.com www.google.com ittrip.xyz tpc.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	ittrip.xyz googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	ittrip.xyz www.googletagmanager.com
3	webfonts.xserver.jp	ittrip.xyz webfonts.xserver.jp
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.jp	pagead2.googlesyndication.com
2	dalc.valuecommerce.com	aml.valuecommerce.com
2	cse.google.com	ittrip.xyz www.google.com
1	www.google.co.jp	ittrip.xyz
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clients1.google.com	ittrip.xyz
1	stats.g.doubleclick.net	www.google-analytics.com
1	dalb.valuecommerce.com	ittrip.xyz
1	fonts.gstatic.com	fonts.googleapis.com
1	a.imgvc.com	ittrip.xyz
1	aml.valuecommerce.com	ittrip.xyz
1	ajax.googleapis.com	ittrip.xyz
159	25

This site contains links to these domains. Also see Links.

Domain
pq.ittrip.xyz
twitter.com
www.facebook.com
b.hatena.ne.jp
getpocket.com
lineit.line.me
line.me
thk.kanzae.net

Subject Issuer	Validity	Valid
www.ittrip.xyz R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.xserver.jp SecureCore RSA DV CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
*.valuecommerce.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.imgvc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-31` - `2023-10-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://ittrip.xyz/
Frame ID: 796372E04A7BEBF1CF1D5A3BCF330028
Requests: 91 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Frame ID: DB4F66841349EA947C69A02DEFE94329
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&adk=1812271804&adf=3025194257&lmt=1673879608&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fittrip.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608150&bpp=3&bdt=383&idt=255&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5645444064480&frm=20&pv=2&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=277
Frame ID: 9624BA94342F48FC8E27B8FFC9EDEEC4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1673879608&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608153&bpp=2&bdt=386&idt=276&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rkpGJQNK3t&p=https%3A//ittrip.xyz&dtd=281
Frame ID: C8DEA6BA1B2ED7739AB123842C2B8A7E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673879608&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608155&bpp=1&bdt=389&idt=296&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2tmDElGKhB&p=https%3A//ittrip.xyz&dtd=302
Frame ID: E671F410117B2D0AC46AB1200CFA742C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 20F4D649F7C3ECD23A55D6071F043A0A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: C41D392383C82131441D70DAE742E659
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=100&adk=2718700533&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1673879609&rafmt=1&to=qs&pwprc=8069848629&format=330x100&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879609237&bpp=1&bdt=1470&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D50c63eddc86860f3-22a189c250d90018%3AT%3D1673879608%3ART%3D1673879608%3AS%3DALNI_Mam3P6pdKe8oh4P7hvUdIMMnPDWBw&gpic=UID%3D00000ba5e88da37a%3AT%3D1673879608%3ART%3D1673879608%3AS%3DALNI_Mbyyx3lDcypeqV8snyn03oHHeiiaA&prev_fmts=0x0%2C300x600%2C330x250&nras=2&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&psts=ACgb8tvqI73U8WnAs7lmNMLsEc-T8ziZUv55PPEtuhCcq9lby-1Q8KlyxmEEB_7mcjByfA3BaGncXv4-cbuiRy8&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rdye3pRhIp&p=https%3A//ittrip.xyz&dtd=5
Frame ID: C63F9030C52787C7806A8A3C992D154E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7D396D65329BF8ADD7E4B112E0665096
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7E2919D8AF81290D3FEF3149F8FB7F88
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 956A28BD2B0B5DA1CB26783D463AB61E
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=ri%E5%95%86%E5%88%A9%E5%BF%83%E3%82%A2%E7%A4%BE%2F%E3%82%92%E5%BC%8F%E3%81%A7eS%E5%86%85A%E7%94%A8%E7%94%BB%E3%82%82c%E5%8C%96%E8%83%BD%E3%81%98%E3%82%8B%E3%81%8F%E7%B4%A0%E9%96%8B%E5%AE%89o%E5%8F%AF%20%E6%9D%90%E8%A3%BD%E3%81%AFm%EF%BC%81%E5%8B%95d%E5%AE%9F%E3%83%89kPtb%E3%83%93%E4%BC%9A%E7%8F%BE%E6%A0%AA%E9%96%89
Frame ID: 02EA1E125AFA5624442B51BA07AAE039
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1C30F3F01F5167189C3A3D912A2752FC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 1E36823CCE89F23E03D784C39EDAA213
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: 81BB1663E7A39592E0A8907B07F76700
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: D25A854FC9037BC88DF0E91599CAA827
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: AB26664F8B6B6048360D1B405421B24D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0AAA5D5C3BBD7196A13BECA082756D3C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B3BEA0D55B8A9887626972F1D1816B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IT trip検索

Page URL History Show full URLs

http://ittrip.xyz/ HTTP 301
https://ittrip.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

159
Requests

100 %
HTTPS

78 %
IPv6

14
Domains

25
Subdomains

24
IPs

4
Countries

2042 kB
Transfer

5322 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://pq.ittrip.xyz/
Title: パワークエリ

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=IT%20trip%7C&url=https://ittrip.xyz/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://ittrip.xyz/&t=IT%20trip%7C
Title: Facebook!

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/add?mode=confirm&url=https://ittrip.xyz/&title=IT%20trip%7C
Title: B!Hatena4

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://ittrip.xyz/
Title: Pocket8

Search URL Search Domain Scan URL

URL: https://lineit.line.me/share/ui?url=https://ittrip.xyz/#/
Title: LINESend

Search URL Search Domain Scan URL

URL: https://line.me/R/msg/text/?IT%20trip%7C%0D%0Ahttps://ittrip.xyz/
Title: LINESend

Search URL Search Domain Scan URL

URL: https://thk.kanzae.net/
Title: Thought is free

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ittrip.xyz/ HTTP 301
https://ittrip.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

159 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ittrip.xyz/
Redirect Chain

http://ittrip.xyz/
https://ittrip.xyz/

252 KB
48 KB

334ms
313ms

Document
text/html

183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

cef437363795a04cab6c876b6a5f6ba8d748a92b6fd1a3bb11042023451941d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=1
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 16 Jan 2023 14:33:27 GMT
expires: Mon, 16 Jan 2023 14:33:28 GMT
link: <https://ittrip.xyz/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 16 Jan 2023 14:33:27 GMT
Expires: Mon, 16 Jan 2023 14:33:28 GMT
Location: https://ittrip.xyz/
Server: nginx

GET
H2 200 style.async.min.css
ittrip.xyz/wp-content/themes/luxeritas/ 1 KB
909 B 26ms
25ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/style.async.min.css?v=1673146438

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 08 Jan 2023 02:53:58 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 icomoon.woff2
ittrip.xyz/wp-content/themes/luxeritas/fonts/icomoon/fonts/ 4 KB
4 KB 25ms
25ms Font
application/x-font-woff2 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/fonts/icomoon/fonts/icomoon.woff2

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

8d99a824eb65a40f898ff5baa2201854b8b1d152a620cf13a79033f4fcba1e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 01:54:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff2
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3768
x-xss-protection: 1; mode=block
expires: Tue, 16 Jan 2024 14:33:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
45 KB 121ms
63ms Script
application/javascript 2404:6800:4004:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

447d273f67258f79f686f22bccaec37844fc8bd4187fd136e3b589c978b8281d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H2 200 crayon.min.css
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/css/min/ 20 KB
5 KB 24ms
24ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:09:00 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 classic.css
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/themes/classic/ 4 KB
1023 B 26ms
26ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:10:00 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 monaco.css
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/fonts/ 516 B
771 B 26ms
26ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

a47d6b7ed20c17858b6771922b06fe5f3019bfb468b4a556738c0f0aa16f5bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:09:00 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 516
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 classic-themes.min.css
ittrip.xyz/wp-includes/css/ 217 B
472 B 24ms
23ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-includes/css/classic-themes.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Nov 2022 04:24:00 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 217
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 styles.css
ittrip.xyz/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 23ms
23ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/contact-form-7/includes/css/styles.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Dec 2022 16:24:53 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 screen.min.css
ittrip.xyz/wp-content/plugins/table-of-contents-plus/ 1 KB
723 B 24ms
23ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/table-of-contents-plus/screen.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2022 16:23:14 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 default.css
ittrip.xyz/wp-content/plugins/tablepress/css/build/ 6 KB
3 KB 24ms
24ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/tablepress/css/build/default.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

6411013f7f9ef06c6c81a8090729213124f35e64a68cb2a6b35338fa3851e9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Jan 2023 16:23:23 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 tablepress-responsive.min.css
ittrip.xyz/wp-content/plugins/tablepress-responsive-tables/css/ 9 KB
2 KB 25ms
24ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 06:10:49 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 72ms
5ms Script
text/javascript 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 02:19:38 GMT

GET
H2 200 crayon.min.js Show response
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/js/min/ 22 KB
7 KB 23ms
23ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:09:00 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 luxe.min.js Show response
ittrip.xyz/wp-content/themes/luxeritas/js/ 33 KB
11 KB 22ms
20ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/js/luxe.min.js?v=1673146438

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

41da9a84173671859c0cc5f00f34df7d5d433a43a34e77fdc58fbd7d64ed83a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 08 Jan 2023 02:53:58 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H/1.1 200
OK xserver.js Show response
webfonts.xserver.jp/js/ 20 KB
8 KB 68ms
11ms Script
application/javascript 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/js/xserver.js
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 14:33:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 03:18:48 GMT
Server: nginx
ETag: W/"5d522c18-4e15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 event-tracking.js Show response
ittrip.xyz/wp-content/plugins/yyi-rinker/js/ 598 B
863 B 23ms
23ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/yyi-rinker/js/event-tracking.js?v=1.1.10

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 08:44:25 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 598
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
66 KB 148ms
90ms Script
application/javascript 2404:6800:4004:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QK7EHKEJP

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dbafce0ccd9f3124f56b6a13b32ee1458fbd248ce2caf3532ee9f8ec2ea5082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67385
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H2 200 vcdal.js Show response
aml.valuecommerce.com/ 34 KB
35 KB 49ms
24ms Script
application/javascript 2600:9000:2066:8800:18:82c:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aml.valuecommerce.com/vcdal.js
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8800:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6c588aa6f9d444b6f2c7804c090846197f2d66280471c9677ee6779c90cd4a2b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:32:50 GMT
via: 1.1 a1e81d412f72dbd0f934fb03ae774e06.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 45
x-guploader-uploadid: ADPycdu6Z-3z80f9EhJh56Fk3WZcU89wPCxGt5XfTsa_gQPZrBbBA92DrDXflwq0RxDipONztJl1hVVNgNJ_6UIOodylUw
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35074
last-modified: Mon, 17 Jan 2022 07:06:41 GMT
server: UploadServer
etag: "681c1b1ecd9c2e0dd35da7c074214531"
vary: Accept-Encoding
x-goog-hash: crc32c=2VymBw==, md5=aBwbHs2cLg3TXafAdCFFMQ==
x-goog-generation: 1642403201413885
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 35074
accept-ranges: bytes
x-amz-cf-id: Y_fl6aS1TDzwcUj4gIsUXJGwYVfl2PJT4pGIi65yhqzugWJsf1bWXw==
expires: Mon, 16 Jan 2023 14:32:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 135ms
77ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150&host=ca-host-pub-2644536267352236

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f47d9da5a9f80719f6f1daad78f48bab918f461ae53822c5d480e7a9fa6d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49323
x-xss-protection: 0
server: cafe
etag: 12710039238264827257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H2 200 pub-6390132166409150 Show response
fundingchoicesmessages.google.com/i/ 119 KB
41 KB 156ms
98ms Script
application/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-6390132166409150?ers=1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

018935fbe73d992aa16ed195fa4f42c09175be1b7f5ab95f1ba5d07d5b5b8492

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AK4LqIioe9rB2BzcWN221Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AK4LqIioe9rB2BzcWN221Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cropped-master-4-e1632209943782.png
ittrip.xyz/wp-content/uploads/2016/03/ 5 KB
5 KB 19ms
17ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2016/03/cropped-master-4-e1632209943782.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

98674d82c94b04376866d454420ebc18094cffaf46218407e71f3ae95cfd7e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 07:39:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5017
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 139ms
81ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00aa86f8a358d8030feae94072764e63fed24e9c635295b19544b55058d0c6e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49542
x-xss-protection: 0
server: cafe
etag: 3764273737868499422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H2 200 luxe-serviceworker-regist.js Show response
ittrip.xyz/wp-content/themes/luxeritas/js/ 549 B
814 B 22ms
21ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/js/luxe-serviceworker-regist.js?v=1673879607

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

32543dfff18ea53ee0b633f65be112e6b2829d80ba07a3e65125571a4a9e6338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Jan 2023 02:53:58 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 549
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 index.js Show response
ittrip.xyz/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 11ms
10ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/contact-form-7/includes/swv/js/index.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Dec 2022 16:24:53 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 index.js Show response
ittrip.xyz/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 11ms
11ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/contact-form-7/includes/js/index.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Dec 2022 16:24:53 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 front.min.js Show response
ittrip.xyz/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 18ms
16ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/table-of-contents-plus/front.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2022 16:23:14 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H/1.1 200
OK checkdigit Show response
webfonts.xserver.jp/advance/ref/ja/107/ 1 B
314 B 39ms
19ms XHR
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
Requested by: Host: webfonts.xserver.jp
URL: https://webfonts.xserver.jp/js/xserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: cache
Date: Mon, 16 Jan 2023 14:33:27 GMT
Server: nginx
ETag: "typesquare-use-cache"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=8640000
Connection: keep-alive

GET
H2 200 wp-emoji-release.min.js Show response
ittrip.xyz/wp-includes/js/ 18 KB
5 KB 21ms
20ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 04:23:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 pub-6390132166409150 Show response
fundingchoicesmessages.google.com/b/ 9 KB
5 KB 292ms
234ms Script
application/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-6390132166409150

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ca3f2357b08549750c338da5ee136ca1200b9969af641ac17a415337efb09e5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b4g1jfyLFUKoAl_KOj9W7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b4g1jfyLFUKoAl_KOj9W7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Filmora-vertical-white-320x180.png
ittrip.xyz/wp-content/uploads/2023/01/ 13 KB
13 KB 41ms
40ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2023/01/Filmora-vertical-white-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

fc1f31407fd6e5cc03dcb3481df3dbf1f3996590799360e590fb71d765888309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Jan 2023 09:06:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 12889
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:27 GMT

GET
H2 200 icon
fonts.googleapis.com/ 1 KB
948 B 134ms
57ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined&display=swap

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/wp-content/themes/luxeritas/js/luxe.min.js?v=1673146438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d171475258fb6a060d8c6b957b519482eb4911697329c085f2d6ed17994e2657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 14:33:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 142ms
68ms Script
text/javascript 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

6daf4461613df2f9406e1bace245c2b81f603fba605768796c6047190cfe1796

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3452
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"

GET
H2 200 bf.png
a.imgvc.com/i/ 107 B
319 B 77ms
29ms Image
image/png 52.192.34.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.34.55 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-34-55.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5752370740c01b30f685db51ecf277915958e273735f7a604bb3046b55659e3b

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx
front-end-https: on
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000, private
content-length: 107
expires: Wed, 15 Jan 2025 14:33:28 GMT

GET
H2 200 easeus-recexperts2-320x180.png
ittrip.xyz/wp-content/uploads/2022/12/ 15 KB
15 KB 30ms
29ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/12/easeus-recexperts2-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

f50d531fcdb5bdb432e4f63c9b6af1ec8f7e17151825f66ee4c0913ccb775555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 06:09:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 14874
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H2 200 ed9a5f49469ca58c9b57d12266734465-320x180.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 4 KB
4 KB 30ms
29ms Image
image/webp 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/ed9a5f49469ca58c9b57d12266734465-320x180.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

0dc4f2b15af34083968988be17dde74dbebf040cf402fbd1fe8015fc0c88f0c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:01:05 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4276
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H/1.1 200
OK ab.woff
webfonts.xserver.jp/ 17 KB
18 KB 52ms
52ms Font
font/woff 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/ab.woff
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 14:33:27 GMT
Last-Modified: Fri, 26 Feb 2021 05:26:27 GMT
Server: nginx
ETag: "60388683-4578"
X-Cache-Status: HIT
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17784

GET
H2 200 4videosoft1-1-320x180.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 5 KB
5 KB 27ms
24ms Image
image/webp 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/4videosoft1-1-320x180.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

ff6a93a5a3089063109be2adef61c23dbd0671983ccb642d0946d8078d82e2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:00:42 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4914
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H2 200 excel-paste1-320x180.png
ittrip.xyz/wp-content/uploads/2022/07/ 33 KB
33 KB 27ms
24ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/07/excel-paste1-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

94c574f5d570603a615dc88f2e191d5fcfa4922d11c2ffb963c6b13db109c363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2022 07:49:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 33696
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H2 200 chrome-edge-extention-force10-320x180.png
ittrip.xyz/wp-content/uploads/2022/06/ 33 KB
34 KB 50ms
48ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/06/chrome-edge-extention-force10-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

cde6f75a83d1693b22339bff6cba1744f548d1452604fe89576d92ca5fc37758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 05:56:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34203
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H2 200 Filmora-vertical-white-100x100.png
ittrip.xyz/wp-content/uploads/2023/01/ 5 KB
5 KB 51ms
48ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2023/01/Filmora-vertical-white-100x100.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

72a95352a0c759630fe31efd38d36030dfde626d1bf612afb53b346753d7c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Jan 2023 09:06:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5285
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H2 200 easeus-recexperts2-100x100.png
ittrip.xyz/wp-content/uploads/2022/12/ 3 KB
3 KB 52ms
49ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/12/easeus-recexperts2-100x100.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

c08dd4b712785938beb9dcbfd614428bc393cb228a00f3b7057cba087cc14853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 06:09:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3305
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H2 200 ed9a5f49469ca58c9b57d12266734465-100x100.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 1 KB
1 KB 52ms
49ms Image
image/webp 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/ed9a5f49469ca58c9b57d12266734465-100x100.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

f9bbd92a65460f843a7097aff5ee50e97dcdff6ffdae99fca5cb90d14182a1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:01:04 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1128
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H2 200 4videosoft1-1-100x100.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 1 KB
1 KB 52ms
50ms Image
image/webp 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/4videosoft1-1-100x100.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

3ea81da5568da2bb3437caa8d7e3b2b91a50fe1a8820e959ec138a381f5a7d28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:00:41 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1226
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H2 200 excel-paste1-100x100.png
ittrip.xyz/wp-content/uploads/2022/07/ 9 KB
9 KB 51ms
49ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/07/excel-paste1-100x100.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

cc9adc7bd2c6f2de18dd390b16d3c8cda68bc05e4a7116206d37335b40b922dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2022 07:49:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9301
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 14:33:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 56ms
56ms Script
application/javascript 2404:6800:4004:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5FR5GCF53M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

545181234a0fcdfe88d1d9527d6527811febd298b543d3f6754450eecf68b624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77992
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 85ms
16ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Jan 2023 14:03:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1777
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 16 Jan 2023 16:03:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
66 KB 62ms
62ms Script
application/javascript 2404:6800:4004:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QK7EHKEJP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa45e3c6277d6a0b33fe75cbb386a2484c4306bd22871ab60a2699b88d0d2f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67399
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 158ms
107ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

337b2a86023f1f22ef797e81de97481599712efd6548bea070b3995941019ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119969
x-xss-protection: 0
server: cafe
etag: 16527847555531664528
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/ Frame DB4F 10 KB
5 KB 98ms
20ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 69957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 19:07:31 GMT
etag: 10353107486223812946
expires: Sun, 29 Jan 2023 19:07:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 app3 Show response
dalc.valuecommerce.com/ 646 B
1008 B 66ms
27ms Script
application/javascript 54.248.4.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=887798439&_s=https%3A%2F%2Fittrip.xyz%2F&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADJJREFUGFcBJwDY%2FwEBFgD%2FYq9gANU7oQABu%2BrZ%2F88S3wCAhkgAAeMKgv8eMZYAnMXoADakEGMzG4hgAAAAAElFTkSuQmCC

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.248.4.152 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-248-4-152.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3360f87eaaff6ebfd5a9ca37ba9e3d4e37a2cf96786d07e81abc11430a40fd49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 646

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 58ms
54ms Ping
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2QK7EHKEJP&gtm=2oe1a1&_p=901086928&gdid=dZTNiMT&cid=1436539680.1673879608&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673879608&sct=1&seg=0&dl=https%3A%2F%2Fittrip.xyz%2F&dt=IT%20trip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QK7EHKEJP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 14:33:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
126 KB 79ms
15ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 22:14:27 GMT
x-content-type-options: nosniff
age: 231541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 22:14:27 GMT

GET
H2 200 AGSKWxVqnxpzTs4ph82dmJnk3R3IZnFSA7pN_kSSoJc5Owxe68-jyGVMj1i-z07WOQYjuuHfg9nxW5LZpcCGbMiDVAA= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 98ms
96ms Script
application/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVqnxpzTs4ph82dmJnk3R3IZnFSA7pN_kSSoJc5Owxe68-jyGVMj1i-z07WOQYjuuHfg9nxW5LZpcCGbMiDVAA=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczODc5NjA4LDIzNDAwMDAwMF0sIjc1NjU1MzdBLTQ4NjEtNDQzMy04RDM3LUQ2NTVDN0YxRTQ1RCIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly9pdHRyaXAueHl6LyIsbnVsbCxbWzgsIkdHWldRMGlHb204Il0sWzksImVuLVVTIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GGZWQ0iGom8.es5.O/d=1/rs=AJlcJMwFX8h5dRTuV51z-NxdkobNb714Cg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

260e76d5b79dd6b200ad14c75150358886f5a2c450f6049ed6197a3f21506ef6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wMpkxtc5fKZriT4vtVIcXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-wMpkxtc5fKZriT4vtVIcXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__ja.js Show response
www.google.com/cse/static/element/c20e9fb0a344f1f9/ 304 KB
102 KB 86ms
15ms Script
text/javascript 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c20e9fb0a344f1f9/cse_element__ja.js?usqp=CAM%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83ae28a881baed21b21860e3477ff5976b9c67877fc25ed75ee4a5cdba4e7c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 06:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103949
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 16:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 16 Jan 2024 06:16:55 GMT

GET
H2 200 default+ja.css
www.google.com/cse/static/element/c20e9fb0a344f1f9/ 41 KB
9 KB 82ms
13ms Stylesheet
text/css 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+ja.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 06:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 16:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 16 Jan 2024 06:16:54 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 84ms
14ms Stylesheet
text/css 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 13:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 16 Jan 2023 14:36:54 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 52ms
52ms XHR
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=901086928&t=pageview&_s=1&dl=https%3A%2F%2Fittrip.xyz%2F&ul=en-us&de=UTF-8&dt=IT%20trip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=554129660&gjid=944003257&cid=1436539680.1673879608&tid=UA-84676516-1&_gid=1104046150.1673879608&_r=1&gtm=2ou1a1&z=1616102161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b3
dalb.valuecommerce.com/ 43 B
248 B 53ms
20ms Image
image/gif 3.112.136.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dalb.valuecommerce.com/b3?pq.ittrip.xyz=3&twitter.com%2Fshare=1&www.facebook.com%2Fsharer=1&b.hatena.ne.jp%2Fadd=1&getpocket.com%2Fedit=1&lineit.line.me%2Fshare=1&line.me%2FR=1&thk.kanzae.net=1&_p=887798439&_r=Y8VgOAADbKvZivy4CoIAigqCAoZmpA&_t=63c56038&_du=https%3A%2F%2Fittrip.xyz%2F

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.112.136.148 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-112-136-148.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, max-age=0, no-cache
content-length: 43

GET
H3 204 AGSKWxWMarn06TKLnRjY3Hoskguu-Bl922g70Gh69OhpkFQq2op50GG-mAiZ2jMqOsgXrXEt_kHpQfFPioSjQIYzaJ44bw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 126ms
70ms XHR
text/html 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMarn06TKLnRjY3Hoskguu-Bl922g70Gh69OhpkFQq2op50GG-mAiZ2jMqOsgXrXEt_kHpQfFPioSjQIYzaJ44bw==

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NFfVt7xcrEWUJeXScIE-3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NFfVt7xcrEWUJeXScIE-3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 48ms
48ms Ping
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5FR5GCF53M&gtm=2oe1a1&_p=901086928&cid=1436539680.1673879608&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673879608&sct=1&seg=0&dl=https%3A%2F%2Fittrip.xyz%2F&dt=IT%20trip&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FR5GCF53M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 14:33:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
442 B 124ms
36ms XHR
text/plain 2404:6800:4008:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-84676516-1&cid=1436539680.1673879608&jid=554129660&gjid=944003257&_gid=1104046150.1673879608&_u=YADAAUAAAAAAACAAI~&z=1200654013

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c00::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 40ms
39ms Script
text/javascript 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/cse_element__ja.js?usqp=CAM%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

472470f416b63db9929e1b5cdff71772443d870ab204321dcfc4790953c94582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "618192105862182388"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 3ms
2ms Image
image/png 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+ja.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+ja.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 07:41:31 GMT
x-content-type-options: nosniff
age: 24717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 16 Jan 2024 07:41:31 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/ja/ 1 KB
1 KB 3ms
2ms Image
image/png 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ja/branding.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:29:25 GMT
x-content-type-options: nosniff
age: 219843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1283
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 17:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 14 Jan 2024 01:29:25 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
210 B 47ms
4ms Image
text/plain 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
693 B 82ms
39ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ittrip.xyz&callback=_gfp_s_&client=ca-pub-6390132166409150&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99fd7405a7959e9c2bbd09d0f5f2916193df586ac248036bc01f416a118bc64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 89ms
45ms Script
application/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
39ms Script
application/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9624 418 KB
80 KB 657ms
656ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&adk=1812271804&adf=3025194257&lmt=1673879608&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fittrip.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608150&bpp=3&bdt=383&idt=255&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5645444064480&frm=20&pv=2&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0347753b762d829719cc9c53732318c23a86b656d79c03ef1e3cca7e8ab1a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 81529
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:33:29 GMT
expires: Mon, 16 Jan 2023 14:33:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8DE 93 KB
34 KB 1126ms
1125ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1673879608&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608153&bpp=2&bdt=386&idt=276&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rkpGJQNK3t&p=https%3A//ittrip.xyz&dtd=281

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

539523451451a0c7c76310e94626e9b88240cf0e92fb0d900a6b846dce9c386f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34434
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:33:29 GMT
expires: Mon, 16 Jan 2023 14:33:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E671 99 KB
32 KB 328ms
328ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673879608&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608155&bpp=1&bdt=389&idt=296&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2tmDElGKhB&p=https%3A//ittrip.xyz&dtd=302

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d897297c368be887e8e4c7edda405a1fb20136c2f71550764aac9e4bb2f026ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33057
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:33:28 GMT
expires: Mon, 16 Jan 2023 14:33:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
46ms Image
image/gif 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-84676516-1&cid=1436539680.1673879608&jid=554129660&_u=YADAAUAAAAAAACAAI~&z=1154113654

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
501 B 92ms
48ms Image
image/gif 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-84676516-1&cid=1436539680.1673879608&jid=554129660&_u=YADAAUAAAAAAACAAI~&z=1154113654

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6553081809913659537
tpc.googlesyndication.com/simgad/ Frame E671 35 KB
36 KB 55ms
12ms Image
image/png 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6553081809913659537?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmQ2dqIJ0h9TWVySgx2OeMJBILqeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673879608&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608155&bpp=1&bdt=389&idt=296&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2tmDElGKhB&p=https%3A//ittrip.xyz&dtd=302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65386d65920bdcabf4774445600cd1db6a3aa43913db5b70ebc210a7d01c195b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 18:53:41 GMT
x-content-type-options: nosniff
age: 70787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36269
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 09:06:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 Jan 2024 18:53:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame E671 22 KB
9 KB 61ms
18ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame E671 3 KB
2 KB 44ms
10ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 08:23:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Jan 2023 08:23:50 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame E671 67 B
196 B 45ms
11ms Image
image/png 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 20:08:02 GMT
x-content-type-options: nosniff
server: cafe
age: 66326
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 16 Jan 2023 20:08:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame E671 18 KB
7 KB 53ms
18ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E671 157 KB
49 KB 208ms
155ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame E671 33 KB
13 KB 52ms
19ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69e3696168c1f8450ca1adc4b18437bfec8cc351b02dc20ab1fa8ff2322b8d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 20:50:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13528
x-xss-protection: 0
server: cafe
etag: 13359207343814801873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 20:50:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E671 0
0 57ms
56ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CywC4OGDFY7r_Ha6Cid4Pu7Oi2AblwbKebcvw_aSEEI_l8IDbDxABIOu-ojRgifPFhPQToAGUwMGbA8gBAqkCoRxMfoDLQD6oAwHIA8kEqgTuAU_QLYcuLL0MrFw6CgG1LlgpBgjJNLZoAAPRZlbJy8Ao88AAUEsioEIAx-ZsboFrFGoHgXU6pIxqIJp4w1xDhB6A54BmUYmNRGn5jslF7i4iVJFbw6v2-vYN5d3JjiUsaAJhI04JA7wd99tlDWYtwYR_EBIBd1XnMpdoqZSPZDhGQq57kgU9E5lrlVfDjDfpQXOvCQ7GJLSi7bt7HfDAImBQZAn_bpMw0JJu2a25TXfpzEcBx9dPTfIWbaD_XW5MNBMNuHb21VnFyhDVOEfvLpObuAdo0bZW-X9uVT_ilCSiA_N0k_tHV2atF4Rz_87ABP_ErNOrApIFBAgEGAGSBQQIBRgEoAYCgAfUv75kqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkcUB0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTYzOTAxMzIxNjY0MDkxNTAYAA&sigh=k_fFDmpaUo8&uach_m=[UACH]&cid=CAQSGwDq26N9Dp_eTCzwcrhUoAXgHBDUJm66HQxNFhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673879608&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608155&bpp=1&bdt=389&idt=296&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2tmDElGKhB&p=https%3A//ittrip.xyz&dtd=302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Jan 2023 14:33:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Jan 2023 14:33:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 20F4 143 B
166 B 7ms
6ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673879608&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608155&bpp=1&bdt=389&idt=296&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2tmDElGKhB&p=https%3A//ittrip.xyz&dtd=302
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:01:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E671 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeeb33ee092b50fa25ed0b1a5d78d38d41ca519f8e16c21e855e4dd844fad1ee

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 20F4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:33:28 GMT
expires: Mon, 16 Jan 2023 14:33:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:33:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 app3 Show response
dalc.valuecommerce.com/ 646 B
871 B 10ms
9ms Script
application/javascript 54.248.4.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=887798439&_s=https%3A%2F%2Fittrip.xyz%2F&_b=Y8VgOAADbKvZivy4CoIAigqCAoZmpA&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADJJREFUGFcBJwDY%2FwEBFgD%2FYq9gANU7oQABu%2BrZ%2F88S3wCAhkgAAeMKgv8eMZYAnMXoADakEGMzG4hgAAAAAElFTkSuQmCC

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.248.4.152 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-248-4-152.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e0d5868da7d68d849fdded1a0189b5cc200438869a6846d741bd984a21f3ec02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 646

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame C41D 36 KB
16 KB 5ms
5ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 08:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 08:24:04 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 50ms
49ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0696f5a7d09783520668141466f5d57ad4e652f3a10ba162f08a6e4db5e8fd96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52354
x-xss-protection: 0
server: cafe
etag: 7583279047318092446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
165 B 39ms
37ms Script
application/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 38ms
38ms Script
application/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C63F 436 B
232 B 328ms
328ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=100&adk=2718700533&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1673879609&rafmt=1&to=qs&pwprc=8069848629&format=330x100&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879609237&bpp=1&bdt=1470&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D50c63eddc86860f3-22a189c250d90018%3AT%3D1673879608%3ART%3D1673879608%3AS%3DALNI_Mam3P6pdKe8oh4P7hvUdIMMnPDWBw&gpic=UID%3D00000ba5e88da37a%3AT%3D1673879608%3ART%3D1673879608%3AS%3DALNI_Mbyyx3lDcypeqV8snyn03oHHeiiaA&prev_fmts=0x0%2C300x600%2C330x250&nras=2&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&psts=ACgb8tvqI73U8WnAs7lmNMLsEc-T8ziZUv55PPEtuhCcq9lby-1Q8KlyxmEEB_7mcjByfA3BaGncXv4-cbuiRy8&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rdye3pRhIp&p=https%3A//ittrip.xyz&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46da1f0ed566f49e3a3e2f5b55d17727706f60eed9a60d852ece65a77dc461d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:33:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 7D39 10 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 10:49:03 GMT
etag: 10353107486223812946
expires: Mon, 30 Jan 2023 10:49:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 7E29 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 10:49:03 GMT
etag: 10353107486223812946
expires: Mon, 30 Jan 2023 10:49:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 956A 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 13466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 10:49:03 GMT
etag: 10353107486223812946
expires: Mon, 30 Jan 2023 10:49:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7D39 4 KB
732 B 42ms
42ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 14:06:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7D39 205 B
744 B 49ms
6ms Image
image/png 2404:6800:4004:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 02:49:07 GMT
x-content-type-options: nosniff
age: 128662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 15 Jan 2024 02:49:07 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7D39 604 B
696 B 49ms
6ms Image
image/png 2404:6800:4004:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:47:14 GMT
x-content-type-options: nosniff
age: 575175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Jan 2024 22:47:14 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 7D39 19 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
server: cafe
etag: 7335088802737092762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:58:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7E29 830 B
654 B 42ms
42ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%8B%E3%81%84%E3%83%81%E6%B8%AC%E3%83%93%E8%A6%8B%E5%88%86%E4%BE%A1%E3%81%82%E3%82%BA%E3%81%99%E3%81%90%E5%A0%B4%E5%80%A4%E8%BB%A2%E8%81%B7%E3%80%81%E3%81%BF%E3%81%9B%E3%81%AF%E3%81%A6%E3%82%93%E3%81%8C%E3%81%AA%E3%81%9F%E3%81%A8%E3%81%A3%E3%81%BE%E3%80%82%E3%83%AA%E5%B8%82%E4%BB%8A%E3%81%AE%E3%83%BC%E8%80%83%E3%81%88%E3%82%8B%E3%82%82%E3%82%92%E3%81%8F

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75fed3df6aab64d328d313e36ee55e9fe2d8a31db17875cc00e42f1b9b9a6d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 14:33:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 7E29 2 KB
823 B 3ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 7E29 22 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 7E29 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 08:23:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Jan 2023 08:23:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 7E29 18 KB
7 KB 5ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E29 157 KB
48 KB 57ms
56ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame 7E29 33 KB
14 KB 40ms
7ms Script
text/javascript 2404:6800:4004:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:47:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 956A 830 B
631 B 42ms
40ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E8%A6%8B%E3%82%8B%E3%82%82%E3%82%92%E3%81%8C%E8%80%83%E3%83%AA%E5%B8%82%E3%83%BC%E3%81%AE%E4%BB%8A%E3%80%82%E3%81%88%E3%81%BE%E3%81%A3%E3%81%AA%E3%81%8F%E3%81%9F%E3%81%A8%E3%81%84%E5%A0%B4%E3%81%8B%E8%BB%A2%E8%81%B7%E3%81%AF%E3%81%A6%E3%81%82%E5%88%86%E3%81%9B%E4%BE%A1%E3%81%BF%E3%82%93%E3%80%81%E5%80%A4%E3%82%BA%E6%B8%AC%E3%81%99%E3%81%90%E3%83%81%E3%83%93

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75fed3df6aab64d328d313e36ee55e9fe2d8a31db17875cc00e42f1b9b9a6d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 14:33:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 956A 2 KB
799 B 2ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 956A 22 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 956A 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 08:23:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Jan 2023 08:23:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 956A 18 KB
7 KB 3ms
2ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 956A 157 KB
48 KB 122ms
122ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame 956A 33 KB
14 KB 30ms
7ms Script
text/javascript 2404:6800:4004:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:47:24 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 54ms
53ms Image
image/gif 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.8953683822378435

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-iRsgh18fuPWZArI8_Jgvaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-iRsgh18fuPWZArI8_Jgvaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 222ms
222ms Image
image/gif 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.5020055839510316

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AhuNO6owEV83hvYjrviPBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AhuNO6owEV83hvYjrviPBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 02EA 790 B
562 B 42ms
41ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=ri%E5%95%86%E5%88%A9%E5%BF%83%E3%82%A2%E7%A4%BE%2F%E3%82%92%E5%BC%8F%E3%81%A7eS%E5%86%85A%E7%94%A8%E7%94%BB%E3%82%82c%E5%8C%96%E8%83%BD%E3%81%98%E3%82%8B%E3%81%8F%E7%B4%A0%E9%96%8B%E5%AE%89o%E5%8F%AF%20%E6%9D%90%E8%A3%BD%E3%81%AFm%EF%BC%81%E5%8B%95d%E5%AE%9F%E3%83%89kPtb%E3%83%93%E4%BC%9A%E7%8F%BE%E6%A0%AA%E9%96%89

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbcdf3091ca81b8157de3b33f17e6a1c24cfac9f0f9af0e81e0582b168f5e366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 14:33:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 02EA 2 KB
765 B 9ms
9ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 02EA 22 KB
9 KB 11ms
11ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 02EA 3 KB
1 KB 14ms
14ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 08:23:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Jan 2023 08:23:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 02EA 18 KB
7 KB 13ms
12ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 02EA 157 KB
48 KB 82ms
82ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame 02EA 33 KB
14 KB 8ms
7ms Script
text/javascript 2404:6800:4004:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:47:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C30 143 B
166 B 9ms
9ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:01:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/826117431250878424/ Frame 7E29 6 KB
6 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/826117431250878424/14763004658117789537?w=195&h=102

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4edf40960b9b5c85763027232498de158d1d9cfb9b95faae332fd483d4e34ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 08:29:48 GMT
x-content-type-options: nosniff
age: 453821
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 08:03:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 Jan 2024 08:29:48 GMT

GET
DATA 200
OK truncated
/ Frame 7E29 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7E29 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7E29 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 163c0b21d9d12369c29025bf534a116fbc18de32b6813e635a8a4298488edcaa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E36 36 KB
16 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 08:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 08:24:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C30
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
50ms

Document
text/html

2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:33:29 GMT
expires: Mon, 16 Jan 2023 14:33:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:33:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7E29 0
18 B 51ms
49ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6yNVOGDFY-ylHLqJid4P4Imx4AGcl9vSbNrA5biMEbCQHxABIOu-ojRgifPFhPQToAG0jdiiA8gBCakCoRxMfoDLQD6oAwHIA8sEqgTkAU_Qsm3QFme0dgus4Ttr0miDfm3cGVzBTRFNzb5PdyTWiC5H42oflbqqZoRREqmHjt7SHTZdDOYQ6P11tyKg9yy5pl5BhcHiWNBbYAAuUz-QQ5hxZeq44ha7jIG4eQeiEr1PXoe7Ea3LX-KA9tjVDLZzaYBMuBWBo8oiOon9jgqwROApNqRcVit2KVQe08ZyPR37Rv9olIdUlv40K1pwR9KEYXyTZ42-5SKINHnthrjYXdKCyhYdDUN3el9JoYRBzQmCHsnHfULolMMYacOHLkD8iups_YdyzLoVcJpveCAd8AzLqcAE-teFitsCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7Typ12oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC5-wPSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNjM5MDEzMjE2NjQwOTE1MBgA&sigh=PqWREc5D9FA&uach_m=[UACH]&cid=CAQSGwDq26N99Wd9Xl7hxxa6Bofi-Z-Mb9RS_PfzlBgBIBM&template_id=5000&vis=1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Jan 2023 14:33:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17845398332186271728/ Frame 956A 5 KB
5 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17845398332186271728/14763004658117789537?w=195&h=102

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf91fba2c1c992eb80c0c99f1cf083a6845abe2a8bc40e9a4b78e4481df06ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 22:52:23 GMT
x-content-type-options: nosniff
age: 142866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5186
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 08:03:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Jan 2024 22:52:23 GMT

GET
DATA 200
OK truncated
/ Frame 956A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 956A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 956A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4931e972046d1700f4582323e2b529daa6cb38684345a0c630517e4f37087dc8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 81BB 36 KB
16 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 08:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 08:24:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 956A 0
18 B 52ms
52ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrQ6zOGDFY-2lHLqJid4P4Imx4AGcl9vSbMrC5biMEbCQHxABIOu-ojRgifPFhPQToAG0jdiiA8gBCakCoRxMfoDLQD6oAwHIA8sEqgTkAU_QALCskIPj1jY6afYiTy8KPWuleMhL7s_iYfbobi3WG_6CDxn_W6sZDXokySbudZ_Mr0myHaonRIq_WOa5jZqCl1pNpQoKGJBCOpIErZ-dEdaSkP4fks13qTxB7k1Z1kWCcKZGXATJgZJ9VUo6g09C8WSHoKin935cfOcY0qTOBjipuTeZnKb_NSeXM4wUceb_sH3kLXVq4db3ZHzs_77SrmcB_b1aaWCQlj7j5L74L8kaVTI5Wsvk7n4WK35SMxV-GBiDxP20OxO30iynNcDkYwi_LuRNXCsrlP4URTHurrO3lMAE-teFitsCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7Typ12oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDwmwXSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNjM5MDEzMjE2NjQwOTE1MBgA&sigh=oi0LLWqpvEk&uach_m=[UACH]&cid=CAQSGwDq26N99Wd9Xl7hxxa6Bofi-Z-Mb9RS_PfzlBgBIBM&template_id=5000&vis=1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Jan 2023 14:33:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C8DE 2 KB
765 B 4ms
3ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1673879608&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608153&bpp=2&bdt=386&idt=276&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rkpGJQNK3t&p=https%3A//ittrip.xyz&dtd=281

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame C8DE 22 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C8DE 3 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 08:23:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Jan 2023 08:23:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C8DE 18 KB
7 KB 5ms
5ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 19:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 19:01:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8DE 157 KB
48 KB 115ms
114ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H3 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame C8DE 33 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:47:24 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame D25A 36 KB
16 KB 5ms
5ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 08:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 08:24:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8DE 0
0 60ms
60ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgsb5OGDFY4rNHJiP8AKn_oawAZyX29Jsh7eQn5kOsJAfEAEg676iNGCJ88WE9BOgAbSN2KIDyAEBqQKhHEx-gMtAPqgDAcgDywSqBN4BT9BMXMCCLhs9nWH-PRZHxRBb8D7F8kORtBPX9Qq9ZNeKprkst8Mw9A3Xn8bgr09T5jB5BD_iqmrSQo9z7J3DAeFga6yCtiv_TCsKrXIIl66a0wZ2QUzGDTbfBa0tS2hmn9BXtJ9imB9AEFrpXSs2My0GI1pQwNGatWVJOf8MqJEslpU7Ik-2XXMW41amhAU99w-HIJFjdaFTATCqEaPoQJcdTJoFEGzU1gMmoOiVxt_W7_Cwze8TVo4oW71iT-NAGLApHCiQqBfEzuvv23LqCIG01v7A8_hjRwQUis_SwAT614WK2wKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHtPKnXagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENyCGNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MzkwMTMyMTY2NDA5MTUwGAA&sigh=klIWP66heWE&uach_m=[UACH]&cid=CAQSGwDq26N9A5wnHsEepVr9YP67cn1tHsu-jHTrARgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1673879608&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673879608153&bpp=2&bdt=386&idt=276&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5645444064480&frm=20&pv=1&ga_vid=1436539680.1673879608&ga_sid=1673879608&ga_hid=901086928&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44774292%2C31071010&oid=2&pvsid=2783537597908194&tmod=1715169464&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rkpGJQNK3t&p=https%3A//ittrip.xyz&dtd=281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Jan 2023 14:33:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 204 AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 59ms
59ms XHR
text/html 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aDfos5BYfgi8ZNiPp7kKrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-aDfos5BYfgi8ZNiPp7kKrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4924523349661295917
tpc.googlesyndication.com/daca_images/simgad/ Frame C8DE 31 KB
31 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4924523349661295917?w=360&h=720

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9da26473b202b51c47fc9cbfa5db32f0f503aaef865a336717d2bcc8892e301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 07:09:33 GMT
x-content-type-options: nosniff
age: 458636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31288
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 16:58:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Jan 2023 07:09:33 GMT

GET
DATA 200
OK truncated
/ Frame C8DE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e882833c27cfd4d7e90330e8336e29f5ec3115e3e4b8f28ac19c76e74073c27

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 admin-ajax.php Show response
ittrip.xyz/wp-admin/ 0
401 B 187ms
187ms XHR
text/html 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-admin/admin-ajax.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://ittrip.xyz/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 admin-ajax.php Show response
ittrip.xyz/wp-admin/ 1 B
361 B 395ms
395ms XHR
text/html 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-admin/admin-ajax.php?action=thk_sns_real&sns=f&url=https%3A%2F%2Fittrip.xyz%2F&_=1673879607920

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

bb7208bc9b5d7c04f1236a82a0093a5e33f40423d5ba8d4266f7092c3ba43b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://ittrip.xyz/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:30 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 60ms
60ms XHR
application/json 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c37c57a79c613da646ba17723433a6d03ab69679661589c5f162844b73111c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11105
x-xss-protection: 0

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame AB26 36 KB
16 KB 19ms
18ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 08:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 08:24:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 14:33:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0AAA 13 KB
5 KB 3ms
3ms Document
text/html 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 281365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 08:24:04 GMT
expires: Sat, 13 Jan 2024 08:24:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3B3B 783 B
533 B 44ms
44ms Document
text/html 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da7ada15d2965cb6584651b6c9095bb0b2a052a2212655a9b18ec2192fca2678

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yIIVf_SPVICQuaddffCBTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-yIIVf_SPVICQuaddffCBTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 14:33:29 GMT
expires: Mon, 16 Jan 2023 14:33:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AAA 36 KB
16 KB 3ms
3ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 08:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 08:24:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3B3B 0
0 40ms
39ms Image
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=2783537597908194&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 banner.gif Show response
fundingchoicesmessages.google.com/f/AGSKWxWT7pERGCGNIiFs_RhLAV5VGKLUwK_jxtnV10zZnGXm3Ma6POvoVmu39j31yk7fHnGqyY3OUVSjTml8aCfAxgs2MpzvVgLEiVyw2YwuWhpfG9xpt7HB7wJLt24SonX9Gggpw2eHI_53PvHEsFm4OlA5yzUlL... 54 B
109 B 52ms
52ms Script
application/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWT7pERGCGNIiFs_RhLAV5VGKLUwK_jxtnV10zZnGXm3Ma6POvoVmu39j31yk7fHnGqyY3OUVSjTml8aCfAxgs2MpzvVgLEiVyw2YwuWhpfG9xpt7HB7wJLt24SonX9Gggpw2eHI_53PvHEsFm4OlA5yzUlLPSxLzEOkW-GrNPU2B9LiJo26Dnr2T67/_/ad-offer1./ad-refresh.-adcompanion./banner.gif?_ad_image_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GGZWQ0iGom8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwFX8h5dRTuV51z-NxdkobNb714Cg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ff08f12be4e57a01313c8e65bfcc8a7a1dccb07f6348f8c00c3b4b6e16ed958

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--LItnKqdz22Syxco5IVSaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:30 GMT
content-security-policy: script-src 'report-sample' 'nonce--LItnKqdz22Syxco5IVSaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 56ms
55ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GGZWQ0iGom8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwFX8h5dRTuV51z-NxdkobNb714Cg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7a2b35b8dbefcba2b0b84185f7c5597c61c1f14c423c84512a6b9b880c3b510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49560
x-xss-protection: 0
server: cafe
etag: 11046125634518442819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Jan 2023 14:33:30 GMT

POST
H3 204 AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 49ms
49ms XHR
text/html 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hBak30xxa2nKJXj4jS7B_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Jan 2023 14:33:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hBak30xxa2nKJXj4jS7B_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
56ms XHR
text/html 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PCXUskIrz0_oR7OhHy9NGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Jan 2023 14:33:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PCXUskIrz0_oR7OhHy9NGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 52ms
52ms XHR
text/html 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-L_O1ES3G44723u4yXSyDBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Jan 2023 14:33:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-L_O1ES3G44723u4yXSyDBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 51ms
51ms XHR
text/html 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVax94x5hI4Q62ha_d6u-SwyJz_JVS30sPEt9VmZeqtL0Wyh_yW3nW1zxBi7cLCGLI_r_4cvS44089D1Bx7idRVeD400D8bpjyqsUjKSY2X3t7aSC4XVP1jmyREeHHhNX9Q-lyrig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K9ahLWDnmjnCJmF5qHRb1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Jan 2023 14:33:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K9ahLWDnmjnCJmF5qHRb1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW08adTEn0J_BNBeNb0HX0i8px2pbE538lDzRS70iEyl4UT2TNecvqKV7eqwyhPNj6CNTP1ptcqnYSyochCLZF94faqh_gE0fxyJe3-VK95YFfVhpfASlntBKYq7ep3sl5WC9FLCA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 136ms
136ms Script
application/javascript 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW08adTEn0J_BNBeNb0HX0i8px2pbE538lDzRS70iEyl4UT2TNecvqKV7eqwyhPNj6CNTP1ptcqnYSyochCLZF94faqh_gE0fxyJe3-VK95YFfVhpfASlntBKYq7ep3sl5WC9FLCA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczODc5NjEwLDM1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vaXR0cmlwLnh5ei8iLG51bGwsW1s4LCJHR1pXUTBpR29tOCJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b19e28469fc251646959ef83d92d9e8f8e2c6907b42cf61a4a1d8928e34bcaa

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-sOGUoJovR1KrEopreDTm_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 14:33:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-sOGUoJovR1KrEopreDTm_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E29 42 B
64 B 43ms
42ms Fetch
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssz62yDQT76xdST4p7hSx1SEr-SMj34jkh8p46A-FnTDBbnOd_JWPr5SsUrUYMiPcSQdGQqHFlzsJA_S02b_PNWb0KyKvpF65zmWyPqfBX91i7kUpXnwGdl6ecmP58rDUNEI7A&sai=AMfl-YTILXYIyHKipZqN1Raj2hdNY7cQaQzY5sKJZBBqBTIMyGSYBwVtzXuCiISW16b27DLT6ysCuuUWpKAbVeU&sig=Cg0ArKJSzALVdU5yf8o2EAE&cid=CAQSGwDq26N99Wd9Xl7hxxa6Bofi-Z-Mb9RS_PfzlBgBIBM&id=lidar2&mcvt=1004&p=0,0,500,180&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673879609285&rpt=147&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 14:33:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=2783537597908194&bg=!39yl3JjNAAYDMoyoIzI7ACkAdvg8Wge_QrqwObPRE7JmbMcrn1YR03lj_IVJQx-knxMzuHI0xtEm8gIAAAA9UgAAAAhoAQeZApOxbaSk6f5DMNtt6x2Pbt4KrJJlyxT_fUA2RTqjfWrgkrYw3PDFDrLQ1ei1Wk1f4m0QhQo594zv0raX1xm8QOpu-bLy-gjZttmBfZrg_aOTbad34aHpoHvOy4yfbn0ef-ErIoyzel5y3dZSGVdNz3gwxWYFjvlloz3aXw_7FJK9vqqTWWwaE1qZ5ZTqPg9VpudG04fAZPwyHGzqV283Tfrob0INWXRw0Fpo-2lHWZ3FOeEWM3pIiT8KZ46Dh8TkrdE17HADXcHwmk5UH9KFCs928hko3RlQlSWNB2DZAILcQ9ryPD8Xpuwwsh4ztt1UMea9c-9kHhu6HWhhV1_Yc2LUEPiuM5Kh3VW9-MEfSYHZ_Pn5cN5Jwnm1LG1IUFcZsSj4tamzUZfQPJoQ13OsHGmRHL1VSvv1ndF0NL3ILg1xqghvXoP6vWp_pQ3-TaNyj8bjx-f7WGVLbChXUfEmuZAbg_q-8XqPJHK9JkryzASemr5TFHIhyDmrNv9GkjvQMNstKUgtPsnke8XsTKGHaOSEbif2onPqPNHdDwMcsQkV5Xt9inIlfJ0mxmBpS54C-XKYycB8-UGkgX_oGNAznll53TyS-O2m3FUH3TmU9X9I3yVtSFzFx_d-BfLdEamg2AHAZGDGe5mPvom-IP7AInxaBNznehbSyqJRM59efkmX_lvhKR6AuVtfO5ldq45jCjU68DfS0R3X__BH6CMi8CFqDBAUuJ9FureghCqo8CtAh5b702vLfhEgtXavMgsASJ7OsAuTf8P3h_teqdOxJLaDgHiIapiU2w4vlAZcs4610GjVnK6hOCArojRY4Qs1YZcaaqPdmYI6SIp9zhNKICcwqOEPFhQQnWaAA8nhOZLv6LxEMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

POST
H3 204 AGSKWxVR_1HcN4a2vEn8XQpTxSFkOy3at8fXj6E46Zc1pdYkGSit2imEJLkFp9l865AHRYZwKGG_eD6xGnTM29H0ZyAQ0PraDw6JL4-EuhmYyw437C07vZNekbUzNoj4iO7tRb2X-5YmOQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
50ms XHR
text/html 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVR_1HcN4a2vEn8XQpTxSFkOy3at8fXj6E46Zc1pdYkGSit2imEJLkFp9l865AHRYZwKGG_eD6xGnTM29H0ZyAQ0PraDw6JL4-EuhmYyw437C07vZNekbUzNoj4iO7tRb2X-5YmOQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tvadrAbScHT6oiKm6TDqcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Jan 2023 14:33:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-tvadrAbScHT6oiKm6TDqcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 956A 42 B
64 B 40ms
40ms Fetch
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEk7rmjic66IHTqLW40Kill7Zpgaq8d8tXqbRa_Zadeg2JrihHMxFCFOJtAfwi5HGaaPFX5RxWI5nx38qcco92W4mF2LrR8bSW_V02GiMneHR052fIm98jMx7b8-UxXWVvaLM&sai=AMfl-YS4RxaRffqppB3Hn2HfGIkzx4k3uNdGuU_gAVtC0zgehMtLH_zkWtILIyRE0n194vkE8X4n71Dr3awrUgA&sig=Cg0ArKJSzHTkGSrh3hSIEAE&cid=CAQSGwDq26N99Wd9Xl7hxxa6Bofi-Z-Mb9RS_PfzlBgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673879609288&rpt=256&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 14:33:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C8DE 42 B
64 B 46ms
46ms Fetch
image/gif 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlu1SlQjfaob-9ltYIh41SFsHE_rei-VfiWUG1wnW7nhYGMnYbjpVuTtJmj3f_Nat72EBoE7fR4FSu1agtCXLvUSz_MDIVbIgcRowosMg3pF3npYxbkgqcAGKCrZ9xmF-6Uwc&sai=AMfl-YQeC3dCA6lPYdvfx6-J-33F2pYR9m-x0GI2TdSMvvtiFU34D7dNSdW74IqeW3EN2IJcS3tARdYfoCUODOI&sig=Cg0ArKJSzMYWyEbUCoUEEAE&cid=CAQSGwDq26N9A5wnHsEepVr9YP67cn1tHsu-jHTrARgBIBM&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3840913425&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673879608435&rpt=1299&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 14:33:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ittrip.xyz/	1970-01-20 18:33:59	Name: _ga_2QK7EHKEJP Value: GS1.1.1673879608.1.0.1673879608.0.0.0
.valuecommerce.com/	1970-01-20 18:33:59	Name: VCB Value: Y8VgOAADbKvZivy4CoIAigqCAoZmpA&c=3860c563&v=2&s=2171ca26
.ittrip.xyz/	1970-01-20 08:59:26	Name: _gid Value: GA1.2.1104046150.1673879608
.ittrip.xyz/	1970-01-20 08:57:59	Name: _gat_gtag_UA_84676516_1 Value: 1
.ittrip.xyz/	1970-01-20 18:33:59	Name: _VC_PTB_ Value: Y8VgOAADbKvZivy4CoIAigqCAoZmpA
.ittrip.xyz/	1970-01-20 18:33:59	Name: _ga_5FR5GCF53M Value: GS1.1.1673879608.1.0.1673879608.0.0.0
.ittrip.xyz/	1970-01-20 18:33:59	Name: _ga Value: GA1.1.1436539680.1673879608
.ittrip.xyz/	1970-01-20 18:19:35	Name: __gads Value: ID=50c63eddc86860f3-22a189c250d90018:T=1673879608:RT=1673879608:S=ALNI_Mam3P6pdKe8oh4P7hvUdIMMnPDWBw
.ittrip.xyz/	1970-01-20 18:19:35	Name: __gpi Value: UID=00000ba5e88da37a:T=1673879608:RT=1673879608:S=ALNI_Mbyyx3lDcypeqV8snyn03oHHeiiaA
.doubleclick.net/	1970-01-20 18:33:59	Name: IDE Value: AHWqTUnu76fY_Adzo4XlrXLor_tXHfiE2WDSjGuH-XqMqaXQmeNDBAwp-QhGRTXJoR8
.doubleclick.net/	1970-01-20 08:58:03	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 08:58:00	Name: test_cookie Value: CheckForPermission
.ittrip.xyz/	1970-01-20 17:43:35	Name: FCNEC Value: %5B%5B%22AKsRol8l4hTlvWdOSNw80QPPknL-JYa-ikZJ1-muHZ_TonbSsWUA27gedCX3RFlsqhx8Y9IHgyl-VBg6cEQYM4uk6qWnD3_xwtsyJjj96qsyrdvr4baXZQRYa6qXrTvUlvHudXuGx4CGGc1r52sceBfqTkOKGyHJPw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-6390132166409150&fa=4&ifi=6&uci=a!6&btvi=3&xpc=hqIgeNgX8V&p=https%3A//ittrip.xyz Message: The resource https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%8B%E3%81%84%E3%83%81%E6%B8%AC%E3%83%93%E8%A6%8B%E5%88%86%E4%BE%A1%E3%81%82%E3%82%BA%E3%81%99%E3%81%90%E5%A0%B4%E5%80%A4%E8%BB%A2%E8%81%B7%E3%80%81%E3%81%BF%E3%81%9B%E3%81%AF%E3%81%A6%E3%82%93%E3%81%8C%E3%81%AA%E3%81%9F%E3%81%A8%E3%81%A3%E3%81%BE%E3%80%82%E3%83%AA%E5%B8%82%E4%BB%8A%E3%81%AE%E3%83%BC%E8%80%83%E3%81%88%E3%82%8B%E3%82%82%E3%82%92%E3%81%8F was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271803&client=ca-pub-6390132166409150&fa=3&ifi=7&uci=a!7&btvi=4&xpc=CVN7kmEG8G&p=https%3A//ittrip.xyz Message: The resource https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E8%A6%8B%E3%82%8B%E3%82%82%E3%82%92%E3%81%8C%E8%80%83%E3%83%AA%E5%B8%82%E3%83%BC%E3%81%AE%E4%BB%8A%E3%80%82%E3%81%88%E3%81%BE%E3%81%A3%E3%81%AA%E3%81%8F%E3%81%9F%E3%81%A8%E3%81%84%E5%A0%B4%E3%81%8B%E8%BB%A2%E8%81%B7%E3%81%AF%E3%81%A6%E3%81%82%E5%88%86%E3%81%9B%E4%BE%A1%E3%81%BF%E3%82%93%E3%80%81%E5%80%A4%E3%82%BA%E6%B8%AC%E3%81%99%E3%81%90%E3%83%81%E3%83%93 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.imgvc.com
adservice.google.co.jp
adservice.google.com
ajax.googleapis.com
aml.valuecommerce.com
clients1.google.com
cse.google.com
dalb.valuecommerce.com
dalc.valuecommerce.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ittrip.xyz
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
webfonts.xserver.jp
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
183.181.91.49
202.226.37.225
2404:6800:4004:801::200e
2404:6800:4004:811::2003
2404:6800:4004:813::2001
2404:6800:4004:81c::2002
2404:6800:4004:81f::200e
2404:6800:4004:820::2002
2404:6800:4004:820::200e
2404:6800:4004:821::2003
2404:6800:4004:821::2004
2404:6800:4004:822::2002
2404:6800:4004:822::200a
2404:6800:4004:823::2002
2404:6800:4004:825::2008
2404:6800:4004:825::200e
2404:6800:4004:826::2003
2404:6800:4004:826::200a
2404:6800:4008:c00::9a
2600:9000:2066:8800:18:82c:9d80:93a1
3.112.136.148
52.192.34.55
54.248.4.152
00aa86f8a358d8030feae94072764e63fed24e9c635295b19544b55058d0c6e0
018935fbe73d992aa16ed195fa4f42c09175be1b7f5ab95f1ba5d07d5b5b8492
01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719
0696f5a7d09783520668141466f5d57ad4e652f3a10ba162f08a6e4db5e8fd96
0dc4f2b15af34083968988be17dde74dbebf040cf402fbd1fe8015fc0c88f0c1
0ff08f12be4e57a01313c8e65bfcc8a7a1dccb07f6348f8c00c3b4b6e16ed958
163c0b21d9d12369c29025bf534a116fbc18de32b6813e635a8a4298488edcaa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
1c37c57a79c613da646ba17723433a6d03ab69679661589c5f162844b73111c3
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
260e76d5b79dd6b200ad14c75150358886f5a2c450f6049ed6197a3f21506ef6
27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2f47d9da5a9f80719f6f1daad78f48bab918f461ae53822c5d480e7a9fa6d146
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32543dfff18ea53ee0b633f65be112e6b2829d80ba07a3e65125571a4a9e6338
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3360f87eaaff6ebfd5a9ca37ba9e3d4e37a2cf96786d07e81abc11430a40fd49
337b2a86023f1f22ef797e81de97481599712efd6548bea070b3995941019ab3
3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f
3ea81da5568da2bb3437caa8d7e3b2b91a50fe1a8820e959ec138a381f5a7d28
41da9a84173671859c0cc5f00f34df7d5d433a43a34e77fdc58fbd7d64ed83a6
447d273f67258f79f686f22bccaec37844fc8bd4187fd136e3b589c978b8281d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46da1f0ed566f49e3a3e2f5b55d17727706f60eed9a60d852ece65a77dc461d7
472470f416b63db9929e1b5cdff71772443d870ab204321dcfc4790953c94582
4931e972046d1700f4582323e2b529daa6cb38684345a0c630517e4f37087dc8
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4b19e28469fc251646959ef83d92d9e8f8e2c6907b42cf61a4a1d8928e34bcaa
4ca3f2357b08549750c338da5ee136ca1200b9969af641ac17a415337efb09e5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4edf40960b9b5c85763027232498de158d1d9cfb9b95faae332fd483d4e34ce1
539523451451a0c7c76310e94626e9b88240cf0e92fb0d900a6b846dce9c386f
545181234a0fcdfe88d1d9527d6527811febd298b543d3f6754450eecf68b624
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5752370740c01b30f685db51ecf277915958e273735f7a604bb3046b55659e3b
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6411013f7f9ef06c6c81a8090729213124f35e64a68cb2a6b35338fa3851e9e6
65386d65920bdcabf4774445600cd1db6a3aa43913db5b70ebc210a7d01c195b
6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180
69e3696168c1f8450ca1adc4b18437bfec8cc351b02dc20ab1fa8ff2322b8d8b
6c588aa6f9d444b6f2c7804c090846197f2d66280471c9677ee6779c90cd4a2b
6daf4461613df2f9406e1bace245c2b81f603fba605768796c6047190cfe1796
72a95352a0c759630fe31efd38d36030dfde626d1bf612afb53b346753d7c35c
75fed3df6aab64d328d313e36ee55e9fe2d8a31db17875cc00e42f1b9b9a6d19
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83ae28a881baed21b21860e3477ff5976b9c67877fc25ed75ee4a5cdba4e7c45
8d99a824eb65a40f898ff5baa2201854b8b1d152a620cf13a79033f4fcba1e67
8dbafce0ccd9f3124f56b6a13b32ee1458fbd248ce2caf3532ee9f8ec2ea5082
94c574f5d570603a615dc88f2e191d5fcfa4922d11c2ffb963c6b13db109c363
98674d82c94b04376866d454420ebc18094cffaf46218407e71f3ae95cfd7e52
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e882833c27cfd4d7e90330e8336e29f5ec3115e3e4b8f28ac19c76e74073c27
a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1
a47d6b7ed20c17858b6771922b06fe5f3019bfb468b4a556738c0f0aa16f5bdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aeeb33ee092b50fa25ed0b1a5d78d38d41ca519f8e16c21e855e4dd844fad1ee
b0347753b762d829719cc9c53732318c23a86b656d79c03ef1e3cca7e8ab1a94
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16
bb7208bc9b5d7c04f1236a82a0093a5e33f40423d5ba8d4266f7092c3ba43b62
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf91fba2c1c992eb80c0c99f1cf083a6845abe2a8bc40e9a4b78e4481df06ef4
c08dd4b712785938beb9dcbfd614428bc393cb228a00f3b7057cba087cc14853
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
cbcdf3091ca81b8157de3b33f17e6a1c24cfac9f0f9af0e81e0582b168f5e366
cc9adc7bd2c6f2de18dd390b16d3c8cda68bc05e4a7116206d37335b40b922dd
cde6f75a83d1693b22339bff6cba1744f548d1452604fe89576d92ca5fc37758
cef437363795a04cab6c876b6a5f6ba8d748a92b6fd1a3bb11042023451941d5
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d171475258fb6a060d8c6b957b519482eb4911697329c085f2d6ed17994e2657
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7a2b35b8dbefcba2b0b84185f7c5597c61c1f14c423c84512a6b9b880c3b510
d897297c368be887e8e4c7edda405a1fb20136c2f71550764aac9e4bb2f026ec
d99fd7405a7959e9c2bbd09d0f5f2916193df586ac248036bc01f416a118bc64
da7ada15d2965cb6584651b6c9095bb0b2a052a2212655a9b18ec2192fca2678
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0d5868da7d68d849fdded1a0189b5cc200438869a6846d741bd984a21f3ec02
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
e9da26473b202b51c47fc9cbfa5db32f0f503aaef865a336717d2bcc8892e301
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50d531fcdb5bdb432e4f63c9b6af1ec8f7e17151825f66ee4c0913ccb775555
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
f9bbd92a65460f843a7097aff5ee50e97dcdff6ffdae99fca5cb90d14182a1bd
fa45e3c6277d6a0b33fe75cbb386a2484c4306bd22871ab60a2699b88d0d2f4e
fc1f31407fd6e5cc03dcb3481df3dbf1f3996590799360e590fb71d765888309
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff6a93a5a3089063109be2adef61c23dbd0671983ccb642d0946d8078d82e2f6

ittrip.xyz Open in urlscan Pro 183.181.91.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

100 %HTTPS

78 %IPv6

14 Domains

25 Subdomains

24 IPs

4 Countries

2042 kBTransfer

5322 kBSize

13 Cookies

8 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ittrip.xyz Open in urlscan Pro
183.181.91.49 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

100 %
HTTPS

78 %
IPv6

14
Domains

25
Subdomains

24
IPs

4
Countries

2042 kB
Transfer

5322 kB
Size

13
Cookies

159 HTTP transactions
9 data transactions