urlscan.io logo urlscan.io
SecurityTrails logo

natalie.mu Open in urlscan Pro
52.198.81.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://natalie.mu/
Effective URL: https://natalie.mu/
Submission: On December 12 via api from US — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 158 IPs in 14 countries across 134 domains to perform 749 HTTP transactions. The main IP is 52.198.81.56, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is natalie.mu.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 13th 2023. Valid for: a year.
This is the only time natalie.mu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.198.126.9 16509 (AMAZON-02)
5 52.198.81.56 16509 (AMAZON-02)
1 13.249.160.61 16509 (AMAZON-02)
14 2404:6800:400... 15169 (GOOGLE)
43 2600:140b:1c0... 20940 (AKAMAI-ASN1)
2 2404:6800:400... 15169 (GOOGLE)
3 18.65.221.214 16509 (AMAZON-02)
20 2404:6800:400... 15169 (GOOGLE)
2 18.172.52.109 16509 (AMAZON-02)
3 2a04:4e42:600... 54113 (FASTLY)
1 65.9.42.6 16509 (AMAZON-02)
4 18.172.51.32 16509 (AMAZON-02)
5 23.193.119.42 20940 (AKAMAI-ASN1)
10 34.160.89.38 396982 (GOOGLE-CL...)
7 13.32.50.70 16509 (AMAZON-02)
2 2620:1ec:46::46 8075 (MICROSOFT...)
1 203.114.55.135 2519 (VECTANT A...)
106 2404:6800:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 18.179.188.160 16509 (AMAZON-02)
10 74.118.186.106 6336 (TURN-US-ASN)
5 54.199.91.241 16509 (AMAZON-02)
3 23.106.127.49 59253 (LEASEWEB-...)
1 23.40.149.101 16625 (AKAMAI-AS)
1 207.65.34.76 62713 (AS-PUBMATIC)
1 2406:2600:4::12 55569 (CRITEO-AS...)
4 13 172.64.151.101 13335 (CLOUDFLAR...)
5 18.172.31.69 16509 (AMAZON-02)
3 211.120.53.201 4694 (IDCF IDC ...)
1 13.251.173.5 16509 (AMAZON-02)
17 29 103.43.90.19 29990 (ASN-APPNEX)
1 3 35.227.252.103 396982 (GOOGLE-CL...)
3 6 34.102.149.137 396982 (GOOGLE-CL...)
4 34.120.63.153 396982 (GOOGLE-CL...)
5 103.253.24.65 6939 (HURRICANE)
1 6 13.112.217.108 16509 (AMAZON-02)
4 103.132.192.30 138552 (RTBHOUSE-...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
5 202.233.84.2 131957 (MICROAD M...)
2 2602:803:c006... 26667 (RUBICONPR...)
5 11 35.213.109.249 15169 (GOOGLE)
6 30 209.191.163.209 32475 (SINGLEHOP...)
3 2404:6800:400... 15169 (GOOGLE)
4 35.166.98.197 16509 (AMAZON-02)
1 122.220.195.253 17506 (UCOM ARTE...)
12 35.244.159.8 396982 (GOOGLE-CL...)
2 6 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
1 2600:9000:26a... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:21e... 16509 (AMAZON-02)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2406:2600:4::1 55569 (CRITEO-AS...)
1 34.96.70.87 396982 (GOOGLE-CL...)
7 13.35.49.117 16509 (AMAZON-02)
2 19 52.46.130.91 16509 (AMAZON-02)
1 13.227.62.39 16509 (AMAZON-02)
1 20.10.16.51 8075 (MICROSOFT...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 14 54.179.210.192 16509 (AMAZON-02)
2 4 23.106.127.53 59253 (LEASEWEB-...)
1 3 64.120.110.136 59253 (LEASEWEB-...)
16 18 74.118.186.107 6336 (TURN-US-ASN)
5 5 2001:df2:a300... 6336 (TURN-US-ASN)
13 34.149.40.38 15169 (GOOGLE)
1 35.190.39.111 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
3 13 23.106.127.170 59253 (LEASEWEB-...)
2 46.137.237.145 16509 (AMAZON-02)
1 2 195.244.31.11 63140 (IGUANA-WO...)
8 8 185.84.60.20 198622 (ADFORM)
3 4 151.101.130.49 54113 (FASTLY)
2 198.206.157.241 399668 (E-PLANNING-)
1 64.120.110.138 59253 (LEASEWEB-...)
17 19 35.213.12.39 15169 (GOOGLE)
22 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
3 3 23.208.233.60 16625 (AKAMAI-AS)
10 23.40.149.60 16625 (AKAMAI-AS)
4 2001:4860:480... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 142.250.157.154 15169 (GOOGLE)
10 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
8 16 162.19.138.117 16276 (OVH)
16 16 15.197.193.217 16509 (AMAZON-02)
1 4 23.219.68.21 16625 (AKAMAI-AS)
5 5 64.202.112.191 22075 (AS-OUTBRAIN)
5 5 124.146.153.162 2514 (INFOSPHER...)
10 23.45.56.240 20940 (AKAMAI-ASN1)
14 13.112.54.241 16509 (AMAZON-02)
4 4 54.157.109.0 14618 (AMAZON-AES)
5 6 2406:da18:929... 16509 (AMAZON-02)
2 2 54.162.155.223 14618 (AMAZON-AES)
2 169.197.150.8 398989 (DEEPINTENT)
2 2 74.214.196.131 19189 (PULSEPOINT)
19 35 142.250.196.98 15169 (GOOGLE)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
3 3 35.169.223.36 14618 (AMAZON-AES)
2 2 3.163.125.14 16509 (AMAZON-02)
3 3 198.8.71.130 54312 (ROCKETFUEL)
3 4 35.244.154.8 15169 (GOOGLE)
3 3 2620:116:800e... 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 2 35.79.210.119 16509 (AMAZON-02)
5 207.65.34.81 62713 (AS-PUBMATIC)
1 1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
7 2404:6800:400... 15169 (GOOGLE)
2 51.79.154.29 16276 (OVH)
3 4 99.84.133.64 16509 (AMAZON-02)
21 207.65.34.80 62713 (AS-PUBMATIC)
2 2 52.197.36.57 16509 (AMAZON-02)
5 7 34.111.113.62 396982 (GOOGLE-CL...)
1 2 119.9.108.191 45187 (RACKSPACE...)
4 5 34.126.167.117 396982 (GOOGLE-CL...)
8 13 8.39.36.142 26667 (RUBICONPR...)
4 182.22.31.252 23816 (YAHOO Yah...)
1 23.40.192.176 16625 (AKAMAI-AS)
2 151.101.1.108 54113 (FASTLY)
1 104.17.215.204 13335 (CLOUDFLAR...)
1 54.168.29.35 16509 (AMAZON-02)
1 1 69.173.158.64 26667 (RUBICONPR...)
2 2 69.173.151.100 26667 (RUBICONPR...)
24 38 8.39.36.141 26667 (RUBICONPR...)
3 2620:1ec:21::14 8068 (MICROSOFT...)
2 54.239.33.159 16509 (AMAZON-02)
3 4 13.115.153.230 16509 (AMAZON-02)
5 5 18.143.106.89 16509 (AMAZON-02)
2 23.192.45.97 20940 (AKAMAI-ASN1)
1 131.153.206.100 59210 (PHOENIXNA...)
1 1 2600:9000:221... 16509 (AMAZON-02)
1 2 18.65.185.129 16509 (AMAZON-02)
1 1 202.233.84.8 131957 (MICROAD M...)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
6 6 182.161.74.16 55569 (CRITEO-AS...)
2 2 64.38.119.44 19151 (BBO-1)
1 34.149.50.64 396982 (GOOGLE-CL...)
1 34.107.140.113 396982 (GOOGLE-CL...)
1 54.183.183.27 16509 (AMAZON-02)
1 52.38.45.160 16509 (AMAZON-02)
1 1 67.202.105.21 32748 (STEADFAST)
1 34.117.239.71 396982 (GOOGLE-CL...)
1 34.215.54.7 16509 (AMAZON-02)
1 38.133.127.31 22075 (AS-OUTBRAIN)
3 98.98.134.242 21859 (ZEN-ECN)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 52.74.118.249 16509 (AMAZON-02)
6 6 2a02:fa8:c411... 399104 (CNVR-APAC)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
1 13.250.150.236 16509 (AMAZON-02)
1 99.84.133.72 16509 (AMAZON-02)
1 96.46.186.182 7979 (SERVERS-COM)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 151.101.2.133 54113 (FASTLY)
2 142.250.196.130 15169 (GOOGLE)
3 23.32.225.214 16625 (AKAMAI-AS)
1 18.136.139.8 16509 (AMAZON-02)
1 13.249.160.37 16509 (AMAZON-02)
2 2 35.213.93.179 15169 (GOOGLE)
4 5 54.246.67.235 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 20.242.10.199 8075 (MICROSOFT...)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
2 2 35.214.250.125 15169 (GOOGLE)
2 2 18.176.247.126 16509 (AMAZON-02)
1 23.36.17.70 16625 (AKAMAI-AS)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 139.99.123.150 16276 (OVH)
4 20 52.223.2.229 16509 (AMAZON-02)
5 207.65.34.74 62713 (AS-PUBMATIC)
1 3 2406:2600:4::b 55569 (CRITEO-AS...)
2 182.161.74.11 55569 (CRITEO-AS...)
1 2600:1901:0:6... 15169 (GOOGLE)
1 107.178.248.96 15169 (GOOGLE)
1 172.64.149.180 13335 (CLOUDFLAR...)
11 23.195.84.29 20940 (AKAMAI-ASN1)
1 6 138.201.8.249 24940 (HETZNER-AS)
1 1 80.77.87.163 46636 (NATCOWEB)
1 1 13.114.175.238 16509 (AMAZON-02)
1 220.150.223.50 4686 (BEKKOAME ...)
1 151.101.193.19 54113 (FASTLY)
1 34.149.101.235 15169 (GOOGLE)
1 2600:140b:1a0... 20940 (AKAMAI-ASN1)
5 34.120.63.33 396982 (GOOGLE-CL...)
1 2404:6800:400... 15169 (GOOGLE)
1 1 154.59.122.79 174 (COGENT-174)
1 1 8.2.110.134 46636 (NATCOWEB)
2 2 82.145.213.8 39832 (NO-OPERA)
1 1 213.19.162.90 26667 (RUBICONPR...)
2 2 18.178.8.168 16509 (AMAZON-02)
4 4 3.121.129.13 16509 (AMAZON-02)
1 1 54.183.254.196 16509 (AMAZON-02)
1 1 72.34.250.75 27630 (AS-XFERNET)
4 4 13.251.160.207 16509 (AMAZON-02)
1 2600:1901:0:e... 15169 (GOOGLE)
1 54.168.163.54 16509 (AMAZON-02)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 172.105.235.90 63949 (AKAMAI-LI...)
1 2600:1901:0:80:: 15169 (GOOGLE)
1 1 23.106.127.56 59253 (LEASEWEB-...)
749 158
1    52.198.126.9 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-126-9.ap-northeast-1.compute.amazonaws.com
natalie.mu
5    52.198.81.56 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-81-56.ap-northeast-1.compute.amazonaws.com
natalie.mu
1    13.249.160.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-160-61.nrt12.r.cloudfront.net
flux-cdn.com
14    2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
43    2600:140b:1c00:1d::17d5:b8b6 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
ogre.natalie.mu
2    2404:6800:4004:822::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    18.65.221.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-221-214.nrt57.r.cloudfront.net
c.amazon-adsystem.com
20    2404:6800:4004:827::200e (Australia)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
www.google-analytics.com
2    18.172.52.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-109.nrt20.r.cloudfront.net
yield-manager.browsiprod.com
3    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    65.9.42.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-6.nrt12.r.cloudfront.net
config.aps.amazon-adsystem.com
4    18.172.51.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-51-32.nrt20.r.cloudfront.net
aax.amazon-adsystem.com
5    23.193.119.42 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-193-119-42.deploy.static.akamaitechnologies.com
gigaplus.makeshop.jp
10    34.160.89.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.89.160.34.bc.googleusercontent.com
a.flux.jp
7    13.32.50.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-70.nrt57.r.cloudfront.net
cdn.browsiprod.com
2    2620:1ec:46::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    203.114.55.135 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
PTR: 203x114x55x135.ap203.ftth.arteria-hikari.net
cs.nakanohito.jp
106    2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    18.179.188.160 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-188-160.ap-northeast-1.compute.amazonaws.com
hb.adingo.jp
10    74.118.186.106 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
targeting.unrulymedia.com
5    54.199.91.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-91-241.ap-northeast-1.compute.amazonaws.com
pb.ladsp.com
3    23.106.127.49 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
prg-apac.smartadserver.com
1    23.40.149.101 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-149-101.deploy.static.akamaitechnologies.com
a.teads.tv
1    207.65.34.76 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
13    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    18.172.31.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-31-69.nrt20.r.cloudfront.net
ad.as.amanad.adtdp.com
3    211.120.53.201 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
d.socdm.com
1    13.251.173.5 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-173-5.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
29    103.43.90.19 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
sin3-ib.adnxs.com
3    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
6    34.102.149.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.149.102.34.bc.googleusercontent.com
api.relaido.jp
4    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
5    103.253.24.65 (Singapore)

ASN6939 (HURRICANE, US)
shb.richaudience.com
6    13.112.217.108 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-217-108.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
4    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
4    2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    202.233.84.2 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-rtb-pb.send.microad.jp
2    2602:803:c006:158::65 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
11    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
30    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
3    2404:6800:4008:c07::9a (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    35.166.98.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-98-197.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    122.220.195.253 (Jingumae, Japan)

ASN17506 (UCOM ARTERIA Networks Corporation, JP)
PTR: 122x220x195x253.ap122.ftth.ucom.ne.jp
bs.nakanohito.jp
12    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
google-bidout-d.openx.net
us-u.openx.net
natasha-d.openx.net
jp-u.openx.net
6    2404:6800:4004:823::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
3    2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
1    2600:9000:26a6:7400:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:21ee:c00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
7    13.35.49.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-49-117.nrt20.r.cloudfront.net
tags.crwdcntrl.net
19    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.227.62.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-62-39.nrt20.r.cloudfront.net
demand-engine.browsiprod.com
1    20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
z.clarity.ms
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
14    54.179.210.192 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
4    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
3    64.120.110.136 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
18    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
5    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
13    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
3    2404:6800:4004:822::2001 (Australia)

ASN15169 (GOOGLE, US)
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
13    23.106.127.170 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
2    46.137.237.145 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-237-145.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
8    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    198.206.157.241 (New York, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    64.120.110.138 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net
u-sin01.e-planning.net
19    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
22    2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2404:6800:4004:813::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    23.208.233.60 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-233-60.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.40.149.60 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-149-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2404:6800:4004:80f::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.157.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ta-in-f154.1e100.net
bid.g.doubleclick.net
10    2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
16    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
id5-sync.com
16    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
4    23.219.68.21 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-68-21.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
5    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
5    124.146.153.162 (Kakegawa, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
10    23.45.56.240 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-56-240.deploy.static.akamaitechnologies.com
ads.pubmatic.com
14    13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
4    54.157.109.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-109-0.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    2406:da18:929:5a01:db97:beed:e1eb:844d (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    54.162.155.223 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-155-223.compute-1.amazonaws.com
sync.ipredictive.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
35    142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net
cm.g.doubleclick.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    35.169.223.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-223-36.compute-1.amazonaws.com
i.liadm.com
2    3.163.125.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-163-125-14.lax54.r.cloudfront.net
live.rezync.com
3    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
3    2620:116:800e:21:46d:7e81:55ff:4c12 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    35.79.210.119 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-210-119.ap-northeast-1.compute.amazonaws.com
dpm.demdex.net
5    207.65.34.81 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2404:6800:4004:2a::8 (Australia)

ASN15169 (GOOGLE, US)
r3---sn-oguelnzl.c.2mdn.net
7    2404:6800:4004:80f::2002 (Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    51.79.154.29 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip29.ip-51-79-154.net
onetag-sys.com
4    99.84.133.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-64.nrt57.r.cloudfront.net
cr-p10.ladsp.com
cr-p31.ladsp.com
cr-p3.ladsp.com
21    207.65.34.80 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    52.197.36.57 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-36-57.ap-northeast-1.compute.amazonaws.com
api.primecaster.net
7    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
5    34.126.167.117 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
13    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    182.22.31.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
s.yimg.jp
cksync.yahoo.co.jp
im.c.yimg.jp
1    23.40.192.176 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-192-176.deploy.static.akamaitechnologies.com
cdn.adnxs.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.17.215.204 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    54.168.29.35 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-29-35.ap-northeast-1.compute.amazonaws.com
pp.d2-apps.net
1    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel-apac.rubiconproject.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
38    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    13.115.153.230 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-153-230.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
5    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
2    23.192.45.97 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-192-45-97.deploy.static.akamaitechnologies.com
hb.yahoo.net
sync.relaido.jp
1    131.153.206.100 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
1    2600:9000:221b:4000:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    18.65.185.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-129.nrt57.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
6    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    64.38.119.44 (United States)

ASN19151 (BBO-1, US)
bttrack.com
1    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
1    54.183.183.27 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-183-27.us-west-1.compute.amazonaws.com
exchange.mediavine.com
1    52.38.45.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-45-160.us-west-2.compute.amazonaws.com
cs.minutemedia-prebid.com
1    67.202.105.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    34.215.54.7 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-54-7.us-west-2.compute.amazonaws.com
cs.yellowblue.io
1    38.133.127.31 (Sacramento, United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
3    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2600:1f18:ed:550f:19cd:1b39:81f3:b82c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    52.74.118.249 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
6    2a02:fa8:c411:11::730 (Amsterdam, Netherlands)

ASN399104 (CNVR-APAC, US)
rubicon-match.dotomi.com
inmobi-match.dotomi.com
pubmatic-match.dotomi.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    13.250.150.236 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-150-236.ap-southeast-1.compute.amazonaws.com
crb.kargo.com
1    99.84.133.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-72.nrt57.r.cloudfront.net
usr.undertone.com
1    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid-s2s.media.net
2    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
video.seenthis.se
2    142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net
googleads4.g.doubleclick.net
3    23.32.225.214 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-225-214.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    18.136.139.8 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-139-8.ap-southeast-1.compute.amazonaws.com
secure-gg.imrworldwide.com
1    13.249.160.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-160-37.nrt12.r.cloudfront.net
img.macromill.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
5    54.246.67.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-67-235.eu-west-1.compute.amazonaws.com
a.audrte.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    20.242.10.199 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
beacon.walmart.com
3    2a02:6b8::90 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
2    35.214.250.125 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 125.250.214.35.bc.googleusercontent.com
csync.loopme.me
2    18.176.247.126 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-247-126.ap-northeast-1.compute.amazonaws.com
ps.eyeota.net
1    23.36.17.70 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-17-70.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    2001:df2:a300:bbbb::136 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    139.99.123.150 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ads14-sgp.stickyadstv.com
ads.stickyadstv.com
20    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
5    207.65.34.74 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
3    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
1    2600:1901:0:6ede:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sync6.im-apps.net
1    107.178.248.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.248.178.107.bc.googleusercontent.com
penta.a.one.impact-ad.jp
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
11    23.195.84.29 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-195-84-29.deploy.static.akamaitechnologies.com
contextual.media.net
6    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    13.114.175.238 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-175-238.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
1    151.101.193.19 (United States)

ASN54113 (FASTLY, US)
img.ak.impact-ad.jp
1    34.149.101.235 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 235.101.149.34.bc.googleusercontent.com
sync.im-apps.net
1    2600:140b:1a00:16::6007:2786 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
5    34.120.63.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.63.120.34.bc.googleusercontent.com
tracker.v2.relaido.jp
1    2404:6800:4004:821::2006 (Australia)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    8.2.110.134 (Greenfield, United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    213.19.162.90 (Rillieux-la-Pape, France)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    18.178.8.168 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-8-168.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
4    3.121.129.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-129-13.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    54.183.254.196 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-254-196.us-west-1.compute.amazonaws.com
aorta.clickagy.com
1    72.34.250.75 (Hemet, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    13.251.160.207 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-160-207.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
audiencedata.im-apps.net
1    54.168.163.54 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-163-54.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    172.105.235.90 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1889-90.members.linode.com
gocm.c.appier.net
1    2600:1901:0:80:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
aw.dw.impact-ad.jp
1    23.106.127.56 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
sync.smartadserver.com
Apex Domain
Subdomains		 Transfer
131 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
549 KB
70 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 27785
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134
114 KB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
303 KB
49 natalie.mu
natalie.mu
ogre.natalie.mu
728 KB
42 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 859
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
image4.pubmatic.com — Cisco Umbrella Rank: 1224
75 KB
32 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
cdn.adnxs.com — Cisco Umbrella Rank: 1605
sin3-ib.adnxs.com — Cisco Umbrella Rank: 15495
acdn.adnxs.com — Cisco Umbrella Rank: 610
112 KB
30 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
54 KB
29 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
87 KB
21 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
60 KB
21 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
10 KB
21 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10220
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
sync.smartadserver.com — Cisco Umbrella Rank: 1285
14 KB
21 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
www.google.com — Cisco Umbrella Rank: 2
132 KB
20 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
6 KB
20 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
cs.media.net — Cisco Umbrella Rank: 1381
prebid-s2s.media.net — Cisco Umbrella Rank: 2564
contextual.media.net — Cisco Umbrella Rank: 665
c21lg-d.media.net — Cisco Umbrella Rank: 2551
22 KB
19 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
8 KB
19 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
u.4dex.io — Cisco Umbrella Rank: 3500
32 KB
17 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 672
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
natasha-d.openx.net
jp-u.openx.net — Cisco Umbrella Rank: 15595
3 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
data.adsrvr.org — Cisco Umbrella Rank: 5064
7 KB
16 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 805
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 4341
3 KB
14 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
49 KB
14 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 6169
penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 132897
img.ak.impact-ad.jp — Cisco Umbrella Rank: 137114
aw.dw.impact-ad.jp — Cisco Umbrella Rank: 101990
49 KB
14 browsiprod.com
yield-manager.browsiprod.com — Cisco Umbrella Rank: 7728
cdn.browsiprod.com — Cisco Umbrella Rank: 7840
events.browsiprod.com — Cisco Umbrella Rank: 6941
demand-engine.browsiprod.com — Cisco Umbrella Rank: 14167
102 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
9 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
6 KB
12 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4156
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240
14 KB
12 relaido.jp
api.relaido.jp — Cisco Umbrella Rank: 179119
sync.relaido.jp — Cisco Umbrella Rank: 408583
tracker.v2.relaido.jp — Cisco Umbrella Rank: 340349
15 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
dis.criteo.com — Cisco Umbrella Rank: 550
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
4 KB
11 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4065
sync.richaudience.com — Cisco Umbrella Rank: 1727
3 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
207 KB
10 flux.jp
a.flux.jp — Cisco Umbrella Rank: 87855
1 KB
9 ladsp.com
pb.ladsp.com — Cisco Umbrella Rank: 71942
cr-p10.ladsp.com
cr-p31.ladsp.com — Cisco Umbrella Rank: 11102
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
5 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
dmp.adform.net — Cisco Umbrella Rank: 2870
5 KB
8 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
creativecdn.com — Cisco Umbrella Rank: 564
3 KB
8 socdm.com
d.socdm.com — Cisco Umbrella Rank: 59331
tg.socdm.com — Cisco Umbrella Rank: 1450
11 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
6 dotomi.com
rubicon-match.dotomi.com — Cisco Umbrella Rank: 1918
inmobi-match.dotomi.com — Cisco Umbrella Rank: 10890
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
2 KB
6 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
d.turn.com — Cisco Umbrella Rank: 1349
3 KB
6 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2234
s.e-planning.net — Cisco Umbrella Rank: 4907
u-sin01.e-planning.net — Cisco Umbrella Rank: 84246
3 KB
6 microad.jp
s-rtb-pb.send.microad.jp — Cisco Umbrella Rank: 84954
s-cs.send.microad.jp — Cisco Umbrella Rank: 17722
5 KB
5 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2112
3 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
2 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
3 KB
5 adtdp.com
ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 6266
4 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
5 makeshop.jp
gigaplus.makeshop.jp — Cisco Umbrella Rank: 731299
43 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
3 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1100
3 KB
4 im-apps.net
sync6.im-apps.net — Cisco Umbrella Rank: 65246
sync.im-apps.net — Cisco Umbrella Rank: 4991
dmp.im-apps.net — Cisco Umbrella Rank: 31325
audiencedata.im-apps.net — Cisco Umbrella Rank: 31133
4 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
2 KB
4 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r3---sn-oguelnzl.c.2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
1 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
id.rlcdn.com — Cisco Umbrella Rank: 711
1 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
1 KB
4 adingo.jp
hb.adingo.jp — Cisco Umbrella Rank: 101010
660 B
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5624
1 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
px.moatads.com — Cisco Umbrella Rank: 594
110 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
561 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
3 yimg.jp
s.yimg.jp — Cisco Umbrella Rank: 8112
im.c.yimg.jp — Cisco Umbrella Rank: 401365
123 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
3 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
812 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
135 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
74 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
ssc-cms.33across.com — Cisco Umbrella Rank: 904
events-ssc.33across.com — Cisco Umbrella Rank: 1493
5 KB
3 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 26283
622 B
3 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
z.clarity.ms — Cisco Umbrella Rank: 7336
22 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
12 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
664 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4682
1 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
1 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 981
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
432 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2269
965 B
2 seenthis.se
video.seenthis.se — Cisco Umbrella Rank: 10867
11 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
367 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 815
628 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
522 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
1 KB
2 primecaster.net
api.primecaster.net — Cisco Umbrella Rank: 285963
663 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
2 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
83 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
958 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
129 KB
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 656
600 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
559 B
2 nakanohito.jp
cs.nakanohito.jp — Cisco Umbrella Rank: 90061
bs.nakanohito.jp — Cisco Umbrella Rank: 67427
19 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
161 KB
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2197
436 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 21062
38 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
752 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1768
429 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 2606
659 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
609 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12406
243 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 28404
455 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1022
624 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
2 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
493 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
454 B
1 walmart.com
beacon.walmart.com — Cisco Umbrella Rank: 4896
924 B
1 macromill.com
img.macromill.com — Cisco Umbrella Rank: 31740
599 B
1 imrworldwide.com
secure-gg.imrworldwide.com — Cisco Umbrella Rank: 5160
548 B
1 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 1642
253 B
1 undertone.com
usr.undertone.com — Cisco Umbrella Rank: 1822
296 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 910
358 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
230 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 689
287 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 1547
326 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1777
326 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1074
186 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1747
442 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1600
284 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
556 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
449 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
645 B
1 d2-apps.net
pp.d2-apps.net — Cisco Umbrella Rank: 98063
424 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2193
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 3260
611 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1383
424 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4118
474 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
610 B
1 flux-cdn.com
flux-cdn.com — Cisco Umbrella Rank: 96684
174 KB
0 mathtag.com Failed
sync.mathtag.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
749 134
Domain Requested by
106 pagead2.googlesyndication.com securepubads.g.doubleclick.net
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
natalie.mu
googleads.g.doubleclick.net
www.googletagservices.com
43 ogre.natalie.mu natalie.mu
38 pixel.rubiconproject.com 24 redirects natalie.mu
s.amazon-adsystem.com
35 cm.g.doubleclick.net 19 redirects rtb.gumgum.com
bcp.crwdcntrl.net
natalie.mu
googleads.g.doubleclick.net
eb2.3lift.com
ce.lijit.com
us-u.openx.net
23 ce.lijit.com natalie.mu
flux-cdn.com
ce.lijit.com
us-u.openx.net
ads.pubmatic.com
22 tpc.googlesyndication.com 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
natalie.mu
imasdk.googleapis.com
cdn.ampproject.org
tpc.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
20 eb2.3lift.com 4 redirects natalie.mu
flux-cdn.com
eb2.3lift.com
19 x.bidswitch.net 17 redirects ads.us.e-planning.net
19 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
natalie.mu
ce.lijit.com
19 ib.adnxs.com 10 redirects flux-cdn.com
acdn.adnxs.com
s.amazon-adsystem.com
eb2.3lift.com
15 simage2.pubmatic.com ads.pubmatic.com
s.amazon-adsystem.com
natalie.mu
15 match.adsrvr.org 15 redirects
15 fundingchoicesmessages.google.com natalie.mu
securepubads.g.doubleclick.net
14 usersync.gumgum.com rtb.gumgum.com
s.amazon-adsystem.com
ads.pubmatic.com
14 securepubads.g.doubleclick.net natalie.mu
securepubads.g.doubleclick.net
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
www.googletagservices.com
13 id5-sync.com 8 redirects cdn.id5-sync.com
natalie.mu
flux-cdn.com
img.ak.impact-ad.jp
13 token.rubiconproject.com 8 redirects eus.rubiconproject.com
s.amazon-adsystem.com
13 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
natalie.mu
13 u.4dex.io natalie.mu
ssbsync.smartadserver.com
ads.us.e-planning.net
eb2.3lift.com
ads.pubmatic.com
12 sync.1rx.io 11 redirects contextual.media.net
11 contextual.media.net flux-cdn.com
contextual.media.net
ads.pubmatic.com
11 y.one.impact-ad.jp 5 redirects natalie.mu
flux-cdn.com
api.relaido.jp
10 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
natalie.mu
flux-cdn.com
ce.lijit.com
contextual.media.net
ads.pubmatic.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 eus.rubiconproject.com natalie.mu
eus.rubiconproject.com
s.amazon-adsystem.com
rtb.gumgum.com
flux-cdn.com
contextual.media.net
10 targeting.unrulymedia.com flux-cdn.com
10 a.flux.jp flux-cdn.com
9 sync.crwdcntrl.net 1 redirects s.amazon-adsystem.com
bcp.crwdcntrl.net
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
7 pixel.tapad.com 5 redirects s.amazon-adsystem.com
7 googleads.g.doubleclick.net natalie.mu
pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 secure.adnxs.com 7 redirects
7 c1.adform.net 7 redirects
7 tags.crwdcntrl.net securepubads.g.doubleclick.net
s.e-planning.net
tags.crwdcntrl.net
7 ap.lijit.com 6 redirects flux-cdn.com
7 cdn.browsiprod.com flux-cdn.com
cdn.browsiprod.com
6 sync.richaudience.com 1 redirects flux-cdn.com
sync.richaudience.com
6 dis.criteo.com 6 redirects
6 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
6 pr-bh.ybp.yahoo.com 5 redirects natalie.mu
6 us-u.openx.net rtb.gumgum.com
ce.lijit.com
contextual.media.net
us-u.openx.net
6 www.google.com 2 redirects natalie.mu
tpc.googlesyndication.com
6 api.relaido.jp 3 redirects flux-cdn.com
api.relaido.jp
6 natalie.mu 1 redirects natalie.mu
5 tracker.v2.relaido.jp api.relaido.jp
ads.pubmatic.com
5 a.audrte.com 4 redirects ssbsync.smartadserver.com
5 um.simpli.fi 4 redirects s.amazon-adsystem.com
5 image6.pubmatic.com ads.pubmatic.com
5 tg.socdm.com 5 redirects
5 b1sync.zemanta.com 5 redirects
5 sync.targeting.unrulymedia.com 4 redirects s.amazon-adsystem.com
5 ad.turn.com 5 redirects
5 bcp.crwdcntrl.net tags.crwdcntrl.net
5 s-rtb-pb.send.microad.jp flux-cdn.com
5 shb.richaudience.com flux-cdn.com
5 ad.as.amanad.adtdp.com flux-cdn.com
5 pb.ladsp.com flux-cdn.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 gigaplus.makeshop.jp natalie.mu
4 pm.w55c.net 4 redirects
4 rtb.mfadsrvr.com 4 redirects
4 simage4.pubmatic.com ads.pubmatic.com
4 ups.analytics.yahoo.com 4 redirects
4 match.prod.bidr.io 3 redirects natalie.mu
4 sync.srv.stackadapt.com 4 redirects
4 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
ce.lijit.com
4 csi.gstatic.com imasdk.googleapis.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 ssbsync.smartadserver.com 2 redirects natalie.mu
4 events.browsiprod.com cdn.browsiprod.com
4 mp.4dex.io flux-cdn.com
4 prebid-asia.creativecdn.com flux-cdn.com
4 prebid.media.net flux-cdn.com
4 hb.adingo.jp flux-cdn.com
4 aax.amazon-adsystem.com c.amazon-adsystem.com
3 gum.criteo.com 1 redirects contextual.media.net
3 an.yandex.ru 2 redirects natalie.mu
3 pixel-sync.sitescout.com s.amazon-adsystem.com
bcp.crwdcntrl.net
ce.lijit.com
3 px.ads.linkedin.com natalie.mu
eb2.3lift.com
3 sin3-ib.adnxs.com cdn.jsdelivr.net
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
cdn.adnxs.com
3 cms.quantserve.com 3 redirects
3 p.rfihub.com 3 redirects
3 i.liadm.com 3 redirects
3 creativecdn.com 3 redirects
3 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
3 cs.media.net 1 redirects contextual.media.net
3 lb.eu-1-id5-sync.com cdn.id5-sync.com
img.ak.impact-ad.jp
flux-cdn.com
3 secure-assets.rubiconproject.com 3 redirects
3 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 ads.us.e-planning.net 1 redirects natalie.mu
3 static.criteo.net securepubads.g.doubleclick.net
flux-cdn.com
static.criteo.net
3 www.google.co.jp natalie.mu
3 stats.g.doubleclick.net www.google-analytics.com
3 rtb.openx.net 1 redirects flux-cdn.com
3 d.socdm.com flux-cdn.com
3 prg-apac.smartadserver.com flux-cdn.com
3 cdn.jsdelivr.net flux-cdn.com
securepubads.g.doubleclick.net
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
3 c.amazon-adsystem.com natalie.mu
c.amazon-adsystem.com
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 jp-u.openx.net us-u.openx.net
2 pool.admedo.com 2 redirects
2 t.adx.opera.com 2 redirects
2 mug.criteo.com natalie.mu
2 ps.eyeota.net 2 redirects
2 csync.loopme.me 2 redirects
2 inmobi-match.dotomi.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 px.moatads.com googleads.g.doubleclick.net
natalie.mu
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 video.seenthis.se googleads.g.doubleclick.net
video.seenthis.se
2 tr.blismedia.com 1 redirects s.amazon-adsystem.com
2 rubicon-match.dotomi.com 2 redirects
2 id.rlcdn.com 2 redirects
2 bttrack.com 2 redirects
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 aax-eu.amazon-adsystem.com natalie.mu
2 pixel-us-east.rubiconproject.com 2 redirects
2 acdn.adnxs.com 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
flux-cdn.com
2 s.yimg.jp cdn.jsdelivr.net
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
2 uipglob.semasio.net 1 redirects s.amazon-adsystem.com
2 api.primecaster.net 2 redirects
2 cr-p10.ladsp.com 2 redirects
2 onetag-sys.com natalie.mu
2 r3---sn-oguelnzl.c.2mdn.net natalie.mu
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 idsync.rlcdn.com 1 redirects ssum-sec.casalemedia.com
2 live.rezync.com 2 redirects
2 bh.contextweb.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
s.amazon-adsystem.com
2 sync.ipredictive.com 2 redirects
2 www.googletagservices.com securepubads.g.doubleclick.net
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
2 s.e-planning.net ads.us.e-planning.net
2 visitor.omnitagjs.com 1 redirects s.amazon-adsystem.com
2 match.sharethrough.com ssbsync.smartadserver.com
natalie.mu
2 oajs.openx.net 1 redirects natalie.mu
2 u.openx.net natalie.mu
s.amazon-adsystem.com
2 fastlane.rubiconproject.com flux-cdn.com
2 g2.gumgum.com flux-cdn.com
2 script.4dex.io flux-cdn.com
script.4dex.io
2 www.clarity.ms natalie.mu
www.clarity.ms
2 yield-manager.browsiprod.com flux-cdn.com
cdn.browsiprod.com
2 www.googletagmanager.com natalie.mu
www.googletagmanager.com
1 sync.smartadserver.com 1 redirects
1 aw.dw.impact-ad.jp natalie.mu
1 gocm.c.appier.net 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 c21lg-d.media.net contextual.media.net
1 audiencedata.im-apps.net dmp.im-apps.net
1 cr-p3.ladsp.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 cs.krushmedia.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s0.2mdn.net ce.lijit.com
1 data.adsrvr.org 1 redirects
1 dmp.im-apps.net sync.relaido.jp
1 sync.im-apps.net sync.relaido.jp
1 img.ak.impact-ad.jp natalie.mu
1 image4.pubmatic.com natalie.mu
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 ds.uncn.jp 1 redirects
1 sync.relaido.jp api.relaido.jp
1 cs.admanmedia.com 1 redirects
1 cr-p31.ladsp.com natalie.mu
1 natasha-d.openx.net flux-cdn.com
1 js-sec.indexww.com flux-cdn.com
1 penta.a.one.impact-ad.jp flux-cdn.com
1 sync6.im-apps.net flux-cdn.com
1 ads.stickyadstv.com 1 redirects
1 d.turn.com 1 redirects
1 tags.bluekai.com bcp.crwdcntrl.net
1 cms.analytics.yahoo.com 1 redirects
1 beacon.walmart.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 dmp.adform.net 1 redirects
1 img.macromill.com googleads.g.doubleclick.net
1 secure-gg.imrworldwide.com googleads.g.doubleclick.net
1 z.moatads.com googleads.g.doubleclick.net
1 prebid-s2s.media.net s.amazon-adsystem.com
1 sync.aniview.com s.amazon-adsystem.com
1 usr.undertone.com s.amazon-adsystem.com
1 crb.kargo.com s.amazon-adsystem.com
1 cm.adgrx.com s.amazon-adsystem.com
1 i6.liadm.com s.amazon-adsystem.com
1 sync.outbrain.com s.amazon-adsystem.com
1 cs.yellowblue.io s.amazon-adsystem.com
1 events-ssc.33across.com s.amazon-adsystem.com
1 ssc-cms.33across.com 1 redirects
1 cs.minutemedia-prebid.com s.amazon-adsystem.com
1 exchange.mediavine.com s.amazon-adsystem.com
1 s2s.t13.io s.amazon-adsystem.com
1 usermatch.targeting.unrulymedia.com 1 redirects
1 s.seedtag.com s.amazon-adsystem.com
1 s-cs.send.microad.jp 1 redirects
1 sync1.intentiq.com natalie.mu
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 prebid.a-mo.net natalie.mu
1 hb.yahoo.net natalie.mu
1 pixel-apac.rubiconproject.com 1 redirects
1 pp.d2-apps.net natalie.mu
1 dmp.truoptik.com bcp.crwdcntrl.net
1 im.c.yimg.jp 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
1 cdn.adnxs.com cdn.jsdelivr.net
1 cksync.yahoo.co.jp cdn.jsdelivr.net
1 gcdn.2mdn.net 1 redirects
1 s.company-target.com 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
1 u-sin01.e-planning.net ads.us.e-planning.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 z.clarity.ms www.clarity.ms
1 demand-engine.browsiprod.com cdn.browsiprod.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 bs.nakanohito.jp cs.nakanohito.jp
1 tlx.3lift.com flux-cdn.com
1 htlb.casalemedia.com flux-cdn.com
1 bidder.criteo.com flux-cdn.com
1 hbopenbid.pubmatic.com flux-cdn.com
1 a.teads.tv flux-cdn.com
1 cs.nakanohito.jp natalie.mu
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 flux-cdn.com natalie.mu
0 sync.mathtag.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
749 236
Subject Issuer Validity Valid
natalie.mu
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-11		 a year crt.sh
flux-cdn.com
Amazon RSA 2048 M03		 2023-10-19 -
2024-11-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.natalie.mu
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.browsiprod.com
Amazon RSA 2048 M02		 2023-02-22 -
2024-02-12		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
gigaplus.makeshop.jp
GlobalSign RSA OV SSL CA 2018		 2023-11-06 -
2024-12-07		 a year crt.sh
a.flux.jp
GTS CA 1D4		 2023-12-05 -
2024-03-04		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.nakanohito.jp
JPRS Organization Validation Authority - G4		 2023-01-16 -
2024-01-31		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2023-09-13 -
2024-10-12		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.ladsp.com
GlobalSign RSA OV SSL CA 2018		 2023-05-16 -
2024-06-16		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.as.amanad.adtdp.com
Amazon RSA 2048 M02		 2023-02-05 -
2024-03-05		 a year crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2023-05-31 -
2024-06-30		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
api.relaido.jp
GTS CA 1D4		 2023-11-25 -
2024-02-24		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-01 -
2024-07-31		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2023-10-03 -
2024-11-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2023-03-14 -
2024-03-14		 a year crt.sh
ads.us.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-11-08 -
2024-02-06		 3 months crt.sh
u.4dex.io
GTS CA 1D4		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.e-planning.net
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon RSA 2048 M02		 2023-02-13 -
2024-02-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-11-14 -
2024-01-23		 2 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2023-11-30 -
2024-12-29		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.d2-apps.net
GlobalSign RSA OV SSL CA 2018		 2023-03-29 -
2024-04-29		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
match.prod.bidr.io
Amazon RSA 2048 M01		 2023-07-19 -
2024-08-15		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.seenthis.se
R3		 2023-10-31 -
2024-01-29		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
img.macromill.com
Cybertrust Japan SureServer CA G4		 2023-05-09 -
2024-06-04		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
sync6.im-apps.net
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
a.one.impact-ad.jp
SECOM Passport for Web SR 3.0 CA		 2023-03-27 -
2024-03-31		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
relaido.jp
R3		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
img.ak.impact-ad.jp
SECOM Passport for Web SR 3.0 CA		 2023-09-21 -
2024-10-19		 a year crt.sh
sync.im-apps.net
GTS CA 1D4		 2023-12-10 -
2024-03-09		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-12-03 -
2024-03-02		 3 months crt.sh
tracker.v2.relaido.jp
GTS CA 1D4		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
aw.dw.impact-ad.jp
SECOM Passport for Web SR 3.0 CA		 2023-03-27 -
2024-03-31		 a year crt.sh

This page contains 102 frames:

Primary Page: https://natalie.mu/
Frame ID: 32234B4774FB5E51482D593E72E0E459
Requests: 317 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&dcc=t
Frame ID: F388519673D7CE06933BCFEF368BDB34
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: E3D8550770BA4C6E3DEF9F698540B4B6
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: 24D0EB1092C91997A37B18B8E8480747
Requests: 7 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 57FFFF02329FD8FC5DD9191401376573
Requests: 1 HTTP requests in this frame

Frame: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F85D929D037E8A1D7595242765C9CC0F
Requests: 1 HTTP requests in this frame

Frame: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB788C338465931101D1EBC2FA9DA5F2
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: 2DE6EC45596C58123091E950D1DACD4B
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 28D9FD8C0243EE670757948B1118C5BA
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 2CDFFEA83933A2363DCBC67B1C72418D
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxKUlT12SwJPhI8FRAksIfN4amgu2HivpH9hHrEwR7x05y4c1lCY5wdYH8v1ZFCWuIQd9H165iwVyApuh9f7kO91E9ZxYyJNCAuRCU8u4XIbr9yb0dfP_QGVI6WuJPGwNWkrEbgKl4zQfW6XLa9djB2sRpNsLglrYjZEUJqZmprBmMwC2UeQYxVj7m2EjX8wm2AJt1GlPE_C8CReBrOabrqh1RyOL0BJhvBoZ_WV-GuZwKnuRov6wZ20QJAbGHXRiiSiJ14RCihM57bIPPugNFayEaemQH208eAqdZla0Jz-BZTX_xd2mdxS66ySJkBEOxPvDLjbU&sai=AMfl-YQpL6EmbpXz_hdWj1W_OH_TX_5N-MJFakMmvLdETn8UfAO0a_LmeyFVmzcyZYZhL0SGGpejmEJXmXy5IEB_m58VJ5ngLyUDdEKlTC8aj9lz3fxytK_lKAIOWU4dHGIFwlFoOxwz6CHXLqOMWLn3fE0&sig=Cg0ArKJSzIBiClzXTC_DEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6D55426A6744A2D05C9EE13676BF88B8
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=ZXgkoMCo5sIAAFGloKkAAAAA&ex=ss.com&status=ok
Frame ID: 8F345721065B895ED1AC0B9F964C98CC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 0240197ECED68F9E5E61B9F8AA2BB1B2
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4516927009669048412&ex=yj.com&
Frame ID: 6DFBBFAE02BE77A5CD1D428A9BDDF694
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2e04749e-02d1-4858-b05e-38700c1eb143&ex=p1.com&status=ok
Frame ID: 301224BAB2645ACA0F6958A612CDEE9A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 7DA5C37F795A38E86F85DE0D17DBBB85
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: F5ACC7AF4E463835226BDB0337DFA9AE
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: B2E2FF48A53518D462CCD4ECD7DABB08
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: E36958085AFB86A345F058F7D2020807
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=6265997732731674459&gdpr=&gdpr_consent=
Frame ID: 3EA0778414AD7F4C860747956398D757
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81ZTBiODNmYi1jZjI0LTQ3ZjAtYjUzMy0zODM3MTYxZTU0NzY=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 412845B0331E18702904547C5A181CAD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: C6A3FB1632F4C2775AE904A0537A0FB4
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=d4b4056c-9cff-4981-a11a-66e4858998e2
Frame ID: 3769773DCC9C31328F0DF7DD89F06150
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZXgkoMCo5sIAAFGloKkAAAAA
Frame ID: B849A9B91021D74E9E877479BEC4F3D7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4&pi=gumgum&tc=1
Frame ID: 463E353D702682C34CF77A460BA6B93C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3845F8638446C12E956A85605145A81C
Requests: 20 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=AKabF3seavNRulad
Frame ID: 3BCC0BEFF26C1273B71993898F2161E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: FAD1F6F9724447CE59673401D1AC89A1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: AD80C775390E02723E770EBA8E68A8FD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: F6594CFB5DBCEDD7A9856AB882994FFD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=Ae9V89aKtDJPks8AED41tMcJps8AAAGMXU8X0A
Frame ID: 1D5682D2856A8863ED5B4ACE33DA660B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: E1E702D0B187B5D7FF546DA375271191
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: 41BA8D95F1974FD11F6358A80C780CB0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6D95A621E4B4BD48D9CE8222E8D67A48
Requests: 3 HTTP requests in this frame

Frame: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7923980C0C9908BE73272D90BDEBAA9C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&adk=1812271804&adf=2751417943&lmt=1702372513&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=2&bdt=200&idt=246&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&nras=1&correlator=2562548046679&frm=23&ife=4&pv=2&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jpo4ae7d02qf&fsb=1&dtd=300
Frame ID: EA3EF9821CB9C6112C98FBD033A5C5A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Frame ID: 9E5ED36BC587AFE31EAAA888CFF5CF12
Requests: 23 HTTP requests in this frame

Frame: https://s.yimg.jp/images/advertising/common/js/iicon.min.js
Frame ID: 997F45E49761C8F80E37E56D0B5A0AB9
Requests: 8 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: DEC690B3C7206B5354880D47EB6430F0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3663&pub_id=1429092
Frame ID: 96EE3CD9182DE03929F314E6C962E512
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: BB8922071746A49C99D2BEE17672F643
Requests: 15 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=106%2C104%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 92D7377E0053F93D5A4CC6FEAA98D341
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7372D33BAB3C029F769A77E7336AFA7B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A15AAB7482E1362D4878EFF35AD826C1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 4A8942C61DDEEB569C3F729AEF38BE47
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEN3KJxirroT_ATAB&v=APEucNUuzTnptaCHiZeK27oPu3lzR4X8RbvEH3cuZtoT58Ei9lD974gY2KS-mjvHPNHjTtQZgo_TiibYg5mW0f_1ytc79mygj0Na3z3nwVzrG9X1645lpVY
Frame ID: BD2C611D3FB9E8C42DF9A483043608F1
Requests: 4 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: B4DD38E3E1323F9D500CA8B072ED76AB
Requests: 6 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 56F254B9DC7DAA4E6D1F9FE09BB38823
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2805A6154A161BC587AE2759235F0BD0
Requests: 9 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=AKabF3seavNRulad
Frame ID: 288B4797C67696F0474785D83B163599
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 6D3564DA24CCB971890031A16567507C
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C33%2C3%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: E3651945609A66F551B1D4EEFC9DA374
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: F37902FE8CE523B799590AB2E76DB026
Requests: 12 HTTP requests in this frame

Frame: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Frame ID: F5EEEB6B48EE369FB377B2652C4066DA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B6BC9CAC69BB38715A0A1CDAA6AFEC64
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 99C396B200748039931B15D6E89DD88F
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 52A8F7131B812E77A32830FA6820E831
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13442524
Frame ID: CFCEFA2AD7306A19060C191318DCA67B
Requests: 22 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 528360D62933AF29B7940969D7700CD2
Requests: 13 HTTP requests in this frame

Frame: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Frame ID: F1C192D534DC33C6E9607A537EDC96D6
Requests: 15 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756&rd=1
Frame ID: C2929EDA7D5CAF94302CDFA72C3E2A2C
Requests: 5 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 477FDACD09146E4C50EB0C9768E25FE4
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Frame ID: 60411D6F1A481002F9BC7E2D38EBA14B
Requests: 7 HTTP requests in this frame

Frame: https://natasha-d.openx.net/w/1.0/pd
Frame ID: 844D6F98A8AF9AD84AB842935BF6A02C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_95095d4b-e57a-4f3b-897b-ac78678f6a15
Frame ID: 648896898C8689EC71AB8C17518603BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4516927009669048412&gdpr=0&gdpr_consent=
Frame ID: 1796F72ABE6DB18D18C8AE3A6C236A00
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iz43g48_YYqQbzWK2Got34oyMtmQMzTfjzww5Nkd
Frame ID: FEBC3E2FCDD5D0AC5A25A8E8EF2F1880
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: EBA738710EA5C1B08230AA0776AE154C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 3B2B67BCD5F7AA3715298B234940469C
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: B78BAD1C93A1DA4CADCB07B21C9DAE17
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 2FC05DA0218183F0CEA33C3E46E6CDBE
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: E64F8794E315E3B8296A502475F68440
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 099ED3737D0F7480D29825E2E1175DAB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 2654E9D2B51814C7BEDEAF143CA1E366
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3453741131267202000V10&type=rkt&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=2020216292188257118
Frame ID: 86943CE17900ECD70524E9CE699BA1B3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Dpba%26refUrl%3D%26vid%3D23725161643453741131267202000V10%26axid_e%3D%26ovsid%3DPM_UID
Frame ID: 7B4F41605A1FC32F35EEF9AE1A91D0DD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=161545&s=&predirect=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fsync%2Fpm%3Fdsp_uuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: 4124E8E8F95BE9F3A2995AF352CC703F
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: 116673A25768BF62186BD41A429BC48E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=dccdcbbd5ce84b9fa9313346f956eced
Frame ID: C9C937E44F686FAE19B2EAB12E831B8F
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: AFEF8BD802724E372CBE5FCFDD5ECD06
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 1649501C6B93AF57F52278F66439BAEA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pZ6b9Ui0WaVy_LuPMK6lkJJGyaA&gdpr=0&gdpr_consent=
Frame ID: CA9A08E82BBEE65B0E75EC3A36267D56
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TqVyQUdcDS6trgAVpCR4ZQ
Frame ID: DA818550E846A077BE1B0948F4519C14
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1bb353766cc24a6185e703da49aa6ec3
Frame ID: 5E5218B04D0FECDFDA2398CBDA1F1CDD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 8E3044E3CFD5A2934D32E0A041661425
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SuIv1Q8V1RcYRe5&gdpr=0&gdpr_consent=
Frame ID: 2604F47DFF4A3212F6A1EE764662A350
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: 1FE3927F89A36762516439F66888A52A
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 929C942E13680E3D58BCF5D1F638D32F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292188257118
Frame ID: 65DE18EBB60924BD53683575BC5F4C4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EA1DE816A79C4D878295157B03978D9B&gdpr=0&gdpr_consent=
Frame ID: 6A3B63DA1A2934AD75CDF4DA87E92AD5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: F00027474CA8E2EC4CC2F5242AA47570
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: F7F4A1FFFED99E830A54DF5D50A3B451
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: 77A30A30EC1F5911E85AD0A9212996B9
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: E90A4DCC03D5B9B485770C162F3FFB12
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: C1272A6C7D3E63DA48462F4B747EAE5A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=pba&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: A9215A70DEDEB58B35883FDB0AAFF072
Requests: 1 HTTP requests in this frame

Frame: https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=1702372519
Frame ID: 24DDD60F33FB762B2BF4045114D96CDB
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: 38F28E32798C7E2A60F348DC0E82CA0B
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: 9337AD6FE025BA3F11BE4BF496E44164
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=pba&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: F713662C1C6E06B67D7A6981E6183844
Requests: 1 HTTP requests in this frame

Frame: https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=1702372519
Frame ID: 52196667E411C31D1BB88F044B79ECE8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Frame ID: 8A8BF1DA83433A900646012051BFE48E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ナタリー - ポップカルチャーのニュースサイト

Page URL History Show full URLs

  1. http://natalie.mu/ HTTP 301
    https://natalie.mu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

749
Requests

76 %
HTTPS

22 %
IPv6

134
Domains

236
Subdomains

158
IPs

14
Countries

3809 kB
Transfer

9629 kB
Size

262
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://natalie.mu/ HTTP 301
    https://natalie.mu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=55616&cb=2495079351&r=https%3A%2F%2Fnatalie.mu%2F&uid=67da2f571bfc2e7&tid=26438cb7-522f-46f9-ad36-6287ca30099c&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=728x90 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55616&cb=2495079351&r=https%3A%2F%2Fnatalie.mu%2F&uid=67da2f571bfc2e7&tid=26438cb7-522f-46f9-ad36-6287ca30099c&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=728x90
Request Chain 88
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=55617&cb=40485523974&r=https%3A%2F%2Fnatalie.mu%2F&uid=683e860a0bade7d&tid=4382396b-9db2-467e-8e99-8c836b3825d8&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250%2C1x1 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55617&cb=40485523974&r=https%3A%2F%2Fnatalie.mu%2F&uid=683e860a0bade7d&tid=4382396b-9db2-467e-8e99-8c836b3825d8&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250%2C1x1
Request Chain 135
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&dcc=t
Request Chain 156
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp&cc=1
Request Chain 205
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Request Chain 206
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1702372512869 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=651502738 HTTP 302
  • https://sync.1rx.io/usersync/turn/2967119334666753022?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004 HTTP 302
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
Request Chain 242
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8160195145739520768&gdpr=0&gdpr_consent=
Request Chain 243
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=8e8c13f8368575330c91c64b2805e387&gdpr=0&gdpr_consent=0
Request Chain 244
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6265997732731674459&gdpr=0&gdpr_consent=
Request Chain 245
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZXgkoQAGWdaM5gBH HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXgkoQAGWdaM5gBH&gdpr=0&gdpr_consent=&_test=ZXgkoQAGWdaM5gBH
Request Chain 277
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D19b5680199628ee7%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=19b5680199628ee7&uid=53b29bf9-4e8f-44bf-9eac-36f450ba77c6
Request Chain 278
  • https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=eplanning
Request Chain 289
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 316
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3326646906 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d4b4056c-9cff-4981-a11a-66e4858998e2 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
Request Chain 317
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3453741131267202000V10
Request Chain 318
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=SJ6fh4OymhSHO5zQDvzV
Request Chain 319
  • https://tg.socdm.com/aux/idsync?proto=amazontam&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dss.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=ZXgkoMCo5sIAAFGloKkAAAAA&ex=ss.com&status=ok
Request Chain 321
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=$UID&ex=yj.com& HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4516927009669048412&ex=yj.com&
Request Chain 322
  • https://y.one.impact-ad.jp/ul_cb/a9_cs?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dp1.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2e04749e-02d1-4858-b05e-38700c1eb143&ex=p1.com&status=ok
Request Chain 323
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 327
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4516927009669048412
Request Chain 328
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_5e0b83fb-cf24-47f0-b533-3837161e5476&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6265997732731674459&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 330
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590$ip$146.70.201.160
Request Chain 331
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-JsJQ_ahE2pf4voz4bIVAd71p.B08ToKpry93~A
Request Chain 332
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=ca3e76fb-b51f-4bf3-a414-46e9d3cff563
Request Chain 334
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_5e0b83fb-cf24-47f0-b533-3837161e5476&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_5e0b83fb-cf24-47f0-b533-3837161e5476&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=ZtkuDwr7_u5OKJBvO_Iw
Request Chain 335
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=0jy9Wht71a08&ev=1&pid=558355
Request Chain 336
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8160195145739520768
Request Chain 339
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=6265997732731674459&gdpr=&gdpr_consent=
Request Chain 342
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=d4b4056c-9cff-4981-a11a-66e4858998e2
Request Chain 343
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXgkoMCo5sIAAFGloKkAAAAA
Request Chain 344
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4&pi=gumgum&tc=1
Request Chain 345
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 347
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d4454db8221c48a0939538a37af12cde HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d4454db8-221c-48a0-9395-38a37af12cde HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a89fefab-25cd-4ff9-888f-760682533d16%3A1702372514.6343617&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da89fefab-25cd-4ff9-888f-760682533d16%253A1702372514.6343617%26_%3D1702372514.6373389&cb=1702372514.6373732 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2020216292188257118&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da89fefab-25cd-4ff9-888f-760682533d16%253A1702372514.6343617%26_%3D1702372514.6373389 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a89fefab-25cd-4ff9-888f-760682533d16%3A1702372514.6343617&_=1702372514.6373389 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEPztuGQOG3htiLHJwgMzxs&google_cver=1
Request Chain 348
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d4b4056c-9cff-4981-a11a-66e4858998e2&expiration=1704964513&gdpr=0&gdpr_consent=
Request Chain 350
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXgkoV53WQ1V60EtPPrXJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1
Request Chain 351
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=kdktg5XYe4qKiC-Kwo0335DVKNmK1C7flds6TmuW
Request Chain 352
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718183713&external_user_id=21f8a398-bcdd-48a0-ab43-b5cc656d799e
Request Chain 353
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488
Request Chain 354
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8160195145739520768&gdpr=0&gdpr_consent=
Request Chain 360
  • https://gcdn.2mdn.net/videoplayback/id/dea1ade58a28916a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733908513/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/ABBBA61F5B540F5E26BCB71D157C5906E2DB429A.33290D1EC73927848C742736509135A1F50F6703/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-oguelnzl.c.2mdn.net/videoplayback/id/dea1ade58a28916a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733908513/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/727C46366E31D47BAC409AE22F710DF295C2BFA1.014A4F268DAA1B5A215438287900274A422D4D2B/key/cms1/cms_redirect/yes/mh/Wg/mip/2001:ac8:40:1d::1e/mm/42/mn/sn-oguelnzl/ms/onc/mt/1702371933/mv/u/mvi/3/pl/48/file/file.mp4
Request Chain 362
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 371
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://u.4dex.io/setuid?bidder=sovrn&uid=HztLDBZHQz0K2AzuQjqahty-
Request Chain 372
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=Ae9V89aKtDJPks8AED41tMcJps8AAAGMXU8X0A
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://api.primecaster.net/adlogue/api/sync/bidswitch?ssp_id=pubmatic HTTP 302
  • https://api.primecaster.net/adlogue/api/sync/bidswitch?ssp_id=pubmatic&uid-set=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=191&user_id=4n9jl12sGG&expires=90&ssp=pubmatic&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yAmjWU_CTDGyxryLn8skUw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 376
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a6b4b97d-1126-4b61-a008-7d9bbf01a817%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d4b4056c-9cff-4981-a11a-66e4858998e2&ttd_puid=a6b4b97d-1126-4b61-a008-7d9bbf01a817%2C%2C
Request Chain 378
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzgwOUEzNTktNEZDMi00QzMxLUIyQzYtQkM4QjlGQ0IyNDUz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 380
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENyImY5HbW0KRNx5joddzeY&google_cver=1
Request Chain 382
  • https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZXgkoMCo5sIAAFGloKkAAAAA
Request Chain 432
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 442
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=dd93b491a021a2eeb22b626d71ceeb73&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Da6b4b97d-1126-4b61-a008-7d9bbf01a817%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253Da6b4b97d-1126-4b61-a008-7d9bbf01a817%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4516927009669048412&pt=a6b4b97d-1126-4b61-a008-7d9bbf01a817%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253Da6b4b97d-1126-4b61-a008-7d9bbf01a817%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a6b4b97d-1126-4b61-a008-7d9bbf01a817
Request Chain 444
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590$ip$146.70.201.160&gdpr=0&gdpr_consent=
Request Chain 446
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=878243237 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/rand=878243237
Request Chain 447
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d4b4056c-9cff-4981-a11a-66e4858998e2/gdpr=0/gdpr_consent=
Request Chain 456
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LQ24N1B4-1M-L763 HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Request Chain 464
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LQ24N1B4-1M-L763 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ24N1B4-1M-L763&ex=d-rubiconproject.com&status=ok
Request Chain 466
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEyNE4xQjQtMU0tTDc2Mw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCXjkuCrEfZYy6yhIw7kKo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNE4xQjQtMU0tTDc2Mw==&google_push=
Request Chain 467
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ24N1B4-1M-L763&ex=d-rubiconproject.com&status=ok
Request Chain 468
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ24N1B4-1M-L763
Request Chain 470
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=D1fRjkUaScegken4XV4CMQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=D1fRjkUaScegken4XV4CMQ
Request Chain 471
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=&expires=30
Request Chain 472
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/AsdLqj1B88KN-iDzqaOC7Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-38_jl45E2oJo38OmG8LU5T7Kdl.AqU14S.jvAw--~A
Request Chain 473
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBScyt3trvRxoITBetUVkcg&google_cver=1
Request Chain 474
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmExNDMxYmQ4YTdlMWY1MWMyN2I4ZmVkMzNiYTdlZDlkYWNlZWQ3OQ
Request Chain 476
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ24N1B4-1M-L763&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ24N1B4-1M-L763&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1IMVIwUDZaRTJ1RUlpemZjWE83MUVpelNkQTFqWVlaZX5B&ovsid=LQ24N1B4-1M-L763&dpid=58160
Request Chain 477
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ24N1B4-1M-L763
Request Chain 478
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ24N1B4-1M-L763
Request Chain 479
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ24N1B4-1M-L763 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ24N1B4-1M-L763 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ24N1B4-1M-L763&ckls=true&ci=YDAI3SVs6e&nc=false&trid=-1205121987
Request Chain 480
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ24N1B4-1M-L763
Request Chain 481
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ca3e76fb-b51f-4bf3-a414-46e9d3cff563&expires=30
Request Chain 482
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQ24N1B4-1M-L763 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LQ24N1B4-1M-L763
Request Chain 483
  • https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=ODUzZTM5NGFiYzgwNTZhZTg2YWQ1YTBmYTAyMzNlZmM=
Request Chain 484
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1&gdpr=0
Request Chain 485
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXgkoV53WQ1V60EtPPrXJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1
Request Chain 490
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ24N1B4-1M-L763&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ24N1B4-1M-L763&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 491
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Request Chain 492
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ24N1B4-1M-L763
Request Chain 493
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=92cf34d5-393c-4dd6-ad7e-8e530fc660d1
Request Chain 494
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6265997732731674459
Request Chain 495
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=897b0308-2811-4258-afd7-61ff7b617d44
Request Chain 496
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=pZ6b9Ui0WaVy_LuPMK6lkJJGyaA
Request Chain 497
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ24N1B4-1M-L763
Request Chain 498
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2967119334666753022&expires=60&gdpr=&gdpr_consent=
Request Chain 499
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4516927009669048412&expires=30
Request Chain 500
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=5513885832 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-AFs737hE2oXNba3h9T02qyXpV6ECOWgLEYxh~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-AFs737hE2oXNba3h9T02qyXpV6ECOWgLEYxh~A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004&expires=30
Request Chain 501
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 502
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13 HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Request Chain 503
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ24N1B4-1M-L763&name=RUBICON
Request Chain 504
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ24N1B4-1M-L763
Request Chain 505
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ24N1B4-1M-L763
Request Chain 506
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQ24N1B4-1M-L763 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQ24N1B4-1M-L763&ts=1702372515&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 507
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LQ24N1B4-1M-L763
Request Chain 508
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LQ24N1B4-1M-L763 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
Request Chain 509
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ24N1B4-1M-L763&obUid=&initiator=
Request Chain 511
  • https://token.rubiconproject.com/token?pid=49096 HTTP 302
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ24N1B4-1M-L763 HTTP 303
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ24N1B4-1M-L763
Request Chain 513
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXgkoQAGWdaM5gBH
Request Chain 515
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EA1DE816A79C4D878295157B03978D9B&expires=365
Request Chain 516
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=XKozjaYDaOD7Dz_dO0t5QoXsnMZhMiGdLdsvN9R-tmQ HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=38f016a9842122ad&is_secure=true&networkId=12783&version=1&nuid=XKozjaYDaOD7Dz_dO0t5QoXsnMZhMiGdLdsvN9R-tmQ HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMBFIlXbaD-wMLsP7KAAAAAAA&expiration=1702458915&nuid=XKozjaYDaOD7Dz_dO0t5QoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true
Request Chain 518
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864 HTTP 302
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ24N1B4-1M-L763
Request Chain 519
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ24N1B4-1M-L763
Request Chain 520
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ24N1B4-1M-L763
Request Chain 521
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet HTTP 302
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Request Chain 531
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZXgkoV53WQ1V60EtPPrXJwAAFXAAAAAB
Request Chain 534
  • https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4033ac60-0bd9-4992-9e10-da19b6084055&ssp=eplanning
Request Chain 536
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAIJfk7K8EkAABSLrjEArA&partnerid=127&gdpr=0
Request Chain 537
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4516927009669048412&gdpr=0&gdpr_consent=
Request Chain 538
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2JkLXdxT3RnLTNTZDZJdTdyV0NDc21DZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDdiZC13cU90Zy0zU2Q2SXU3cldDQ3NtQ2ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDdiZC13cU90Zy0zU2Q2SXU3cldDQ3NtQ2ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDdiZC13cU90Zy0zU2Q2SXU3cldDQ3NtQ2ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6265997732731674459&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDdiZC13cU90Zy0zU2Q2SXU3cldDQ3NtQ2ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=7bd-wqOtg-3Sd6Iu7rWCCsmCg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=8160195145739520768&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 539
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&gdpr=0&gdpr_consent=
Request Chain 543
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEM7uSBSWgP4Nr98cSJjz3RQ&google_cver=1&google_push=AXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t1H6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t1H6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM7uSBSWgP4Nr98cSJjz3RQ&google_cver=1&google_push=AXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t1H6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t1H6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 544
  • https://um.simpli.fi/gp_match?google_gid=CAESEFIlb9_PcvX5PDdagEwvhIk&google_cver=1&google_push=AXcoOmR3pSxfITnw0OVHxHZJPAQnWhaPaDNbBUaQFpE5qSuHAYldIazQOfsqeH0md39r0ffEOC3eY-PNtLgV2lKJuQcc8PHSgUl0EvBO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1DE816A79C4D878295157B03978D9B&google_push=AXcoOmR3pSxfITnw0OVHxHZJPAQnWhaPaDNbBUaQFpE5qSuHAYldIazQOfsqeH0md39r0ffEOC3eY-PNtLgV2lKJuQcc8PHSgUl0EvBO
Request Chain 545
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMX35QWyCxgVIO1x-Ws-c0g&google_cver=1&google_push=AXcoOmSwkZ4u-G8l7KrddWBdU6unJouMw3Bzj8iHxIEG2igvfYYVJME6qaoHW4CqknFpSp33lkJDzn6uqju3gJ7MW_3aj6eUJsrSdNGz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDRiNDA1NmMtOWNmZi00OTgxLWExMWEtNjZlNDg1ODk5OGUy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d4b4056c-9cff-4981-a11a-66e4858998e2
Request Chain 546
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTif55dvL6RD8PEH9N2_iByEgo3fbOVK_XqjdH-83OCCBzrtIaKQ9CIAu35tBNZJD_sw-tto39IAiN2KIDhCx5ojrbjR6ZjXOYT&google_gid=CAESEEPztuGQOG3htiLHJwgMzxs&google_cver=1 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwd1pLU1VKeHJhZmdzVG44Rm5rQ1hkUmQtR2tJblVycmJ6bGNaTGFMWnoxbw==&google_push
Request Chain 547
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEPLdMrHI1fBGJpqdqkG_8Tc&google_cver=1&google_push=AXcoOmSL62O_wnY8sZS1FLKIG4Ed7MLz5SNFsQweQhjk7gW6stnMprqD0hawc1o2xl6_IauQ1DIvWKjxaqe1LpxljSXH1S6BR9QIpzR0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=WiWoMP9uj5iTjKU1yLnm-8&tap=gAds&google_gid=CAESEPLdMrHI1fBGJpqdqkG_8Tc&google_cver=1&google_push=AXcoOmSL62O_wnY8sZS1FLKIG4Ed7MLz5SNFsQweQhjk7gW6stnMprqD0hawc1o2xl6_IauQ1DIvWKjxaqe1LpxljSXH1S6BR9QIpzR0
Request Chain 548
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPEaCEqWyLXx6RqpjgCcQ08&google_cver=1&google_push=AXcoOmRt_xLrLPex62OfX2ChGiTsWU0MBImKNYqJgPOMy3KOQv3Eedv9klA7QMkevNLkVXYf1cBrQxtZR0EvL_uypJc6_ZtBlD9sjw_Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRt_xLrLPex62OfX2ChGiTsWU0MBImKNYqJgPOMy3KOQv3Eedv9klA7QMkevNLkVXYf1cBrQxtZR0EvL_uypJc6_ZtBlD9sjw_Y&google_hm=3rSlXOMcSLiad6JrAoQy6Q==
Request Chain 549
  • https://an.yandex.ru/mapuid/google/CAESEIX_TMjH39HAn0u_WZ21bbw?ext-param=AXcoOmSlqFB34o6i4eaBmkUNHYrvLaDBFUr3FzfVlKQPNmzU88marb_ty56m4D16Q7ffcnZDqdY66qRTJyaU3WsYFR_JhH_m3b7e7AZS_w&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEIX_TMjH39HAn0u_WZ21bbw?redir-setuniq=1&ext-param=AXcoOmSlqFB34o6i4eaBmkUNHYrvLaDBFUr3FzfVlKQPNmzU88marb_ty56m4D16Q7ffcnZDqdY66qRTJyaU3WsYFR_JhH_m3b7e7AZS_w&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIX_TMjH39HAn0u_WZ21bbw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 559
  • https://id5-sync.com/i/747/8.gif?id5id=ID5*SzJz-AD3OuZjBKwaKaiuZbOH50p-8Hyq-pBCGU-K_4J0fqOd96cnjxngBI71nBy9dICwhNkIyIx8HlM6-Lc8gQ&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/747/108/7/2.gif?puid=a6b4b97d-1126-4b61-a008-7d9bbf01a817&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F441%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/747/441/6/3.gif?puid=a_5e0b83fb-cf24-47f0-b533-3837161e5476&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/747/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/747/2/5/4.gif?puid=4516927009669048412&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=d4b4056c-9cff-4981-a11a-66e4858998e2&ttl=%%TTL%% HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=286186f0d3361ee2&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/822.gif?puid=AAAMUcUhaRKY9gNXPKHCAAAAAAA&expiration=1702458916&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/747/19/2/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/747/19/2/7.gif?puid=dd93b491a021a2eeb22b626d71ceeb73&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F821%2F1%2F8.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://id5-sync.com/c/747/821/1/8.gif?puid=dbf1cadb-5edc-4318-a629-a28e8c45b808&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/747/123/0/9.gif?puid=18c5d4f27b7-1c170000010e42e7&gdpr=0&gdpr_consent=
Request Chain 565
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-aTxQgapE2pwZHc6iykXBESTsQPzeFfacvGg-~A&gdpr=0
Request Chain 568
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/dd93b491a021a2eeb22b626d71ceeb73/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2967119334666753022/gdpr=0
Request Chain 569
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=482466288 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/rand=482466288
Request Chain 570
  • https://ads.stickyadstv.com/user-matching?id=3656 HTTP 302
  • https://u.4dex.io/setuid?bidder=freewheel&uid=cb6067db9fc87a7d5083523878a8d
Request Chain 571
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=4516927009669048412
Request Chain 576
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnatalie.mu%2F&domain=natalie.mu&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=OfTvyXxvQXlQdXVnUGJkeHE1bkFoS0s5ODFEdWw2OFkwZnA2emQzYlk3emVWVmZkRXE5OWFLUW9rT1I0ZStoQlZHMUZtN3MydjhrYkUvRzhKRmhQS3EvSnJtQlZ2VDhKR2dERk1RMllkZXJNdUZ1cWdqWU9nNHFWZnMrRjk3V3lXZlN4M2hnYm9sMEhYbmdqdFJnbTI4eGV5UW84ZmNPQ29rTFpDZHkyUm1IcmVySGZ3MHJNL29MbC9DSWtYMXAvdFRDaDlYdTNuRVdCVDJEQjJzbXAvVGZFdC96b1NlK244eE41TnFLc08vc3A4V2tzaWRCSlYrazZjQWlER2d3b3lCU2YxZ0xzMnhYakM5WEJWOGdoeCsyWXVqUT09fA&cppv=2
Request Chain 579
  • https://y.one.impact-ad.jp/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=yieldone&bsw=2e04749e-02d1-4858-b05e-38700c1eb143 HTTP 302
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=yieldone HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=ZXgkoMCo5sIAAFGloKkAAAAA&expires=30&ssp=yieldone HTTP 302
  • https://y.one.impact-ad.jp/cs?d=105&uid=deb4a55c-e31c-48b8-9a77-a26b028432e9&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid= HTTP 302
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Request Chain 583
  • https://ap.lijit.com/beacon?informer=13442524 HTTP 301
  • https://ce.lijit.com/beacon?informer=13442524
Request Chain 586
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756&rd=1
Request Chain 590
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4516927009669048412&gdpr=0&gdpr_consent=
Request Chain 591
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6265997732731674459&gdpr=0&gdpr_consent=
Request Chain 592
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=2967119334666753022&gdpr=0&gdpr_consent=
Request Chain 593
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=8160195145739520768&gdpr=0&gdpr_consent=
Request Chain 595
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=846ce890-6c16-4f21-ae94-73d64e00542d&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 597
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d4b4056c-9cff-4981-a11a-66e4858998e2&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 598
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 599
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJutHcLsgdYx1D3FO4HSTFg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 600
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
Request Chain 602
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3525346139899595283261?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.MaRb4ZE2oSkcNPlV1pHzfenELw7Ha15KJzyVLD9Sw--~A&dongle=0883
Request Chain 603
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3525346139899595283261&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 604
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 605
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4516927009669048412&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 611
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d4b4056c-9cff-4981-a11a-66e4858998e2&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 612
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 613
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJutHcLsgdYx1D3FO4HSTFg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 614
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
Request Chain 616
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3525346139899595283261?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.MaRb4ZE2oSkcNPlV1pHzfenELw7Ha15KJzyVLD9Sw--~A&dongle=0883
Request Chain 617
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3525346139899595283261&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 618
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 619
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4516927009669048412&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 624
  • https://ds.uncn.jp/pm/0/sync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_95095d4b-e57a-4f3b-897b-ac78678f6a15
Request Chain 625
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4516927009669048412&gdpr=0&gdpr_consent=
Request Chain 626
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iz43g48_YYqQbzWK2Got34oyMtmQMzTfjzww5Nkd
Request Chain 627
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 630
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=
Request Chain 632
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k_lz2QNE2uXAN9Vgkn2bWSwbt_LJZjE-~A&gdpr=0
Request Chain 633
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6265997732731674459
Request Chain 638
  • https://x.bidswitch.net/sync?ssp=uliza&dsp_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=uliza&bsw_param=deb4a55c-e31c-48b8-9a77-a26b028432e9&google_hm=ZGViNGE1NWMtZTMxYy00OGI4LTlhNzctYTI2YjAyODQzMmU5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFDUNiH09M_REhmhan5aAlQ&google_cver=1&ssp=uliza&bsw_param=deb4a55c-e31c-48b8-9a77-a26b028432e9 HTTP 302
  • https://api.relaido.jp/tr/v1/sync/bsw?dsp_uuid=deb4a55c-e31c-48b8-9a77-a26b028432e9 HTTP 302
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=4&dsp_uuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&cb=1702372516
Request Chain 640
  • https://um.simpli.fi/lj_match?r=1702372516001&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EA1DE816A79C4D878295157B03978D9B
Request Chain 641
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=
Request Chain 642
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=LCFDTiggFUc3cEFHf3VZEi0tRhQ3LEASKCO2kqWn
Request Chain 643
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=4516927009669048412&gdpr=0&gdpr_consent=
Request Chain 644
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?3pid=AAIJfk7K8EkAABSLrjEArA&pid=85&gdpr=0
Request Chain 645
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SHp0TERCWkhRejBLMkF6dVFqcWFodHkt&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 646
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHp0TERCWkhRejBLMkF6dVFqcWFodHkt&gdpr=0
Request Chain 647
  • https://ums.acuityplatform.com/tum?umid=27&uid=HztLDBZHQz0K2AzuQjqahty-&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=863785065819
Request Chain 648
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=0jy9Wht71a08&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 649
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=657824A2AA76662B39D3A7BBBLIS&gdpr=0&gdpr_consent= HTTP 301
  • https://ce.lijit.com/merge?pid=94&3pid=657824A2AA76662B39D3A7BBBLIS&gdpr=0&gdpr_consent=
Request Chain 650
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/qg9md9mk?r=https%3A%2F%2Fcs.krushmedia.com%2F0e846840cc402aa296df0cc86df135d3.gif%3Fpuid%3D%5BUID%5D&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]
Request Chain 651
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ24N1B4-1M-L763&gdpr=0
Request Chain 652
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU346eec17d8e847ccafb8af1e8ebaad0a&gdpr=0&gdpr_consent=&pid=103
Request Chain 653
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LQ24N1B4-1M-L763&gdpr=0
Request Chain 655
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=deb4a55c-e31c-48b8-9a77-a26b028432e9 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=deb4a55c-e31c-48b8-9a77-a26b028432e9 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8729bdbc-3865-4ff7-bb29-c7a51347fd94&user_group=1&ssp=fmx&bsw_param=deb4a55c-e31c-48b8-9a77-a26b028432e9 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 657
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 658
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.80%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=1711699259 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2069.80/4516927009669048412?zcc=0&sspret=1&rndcb=1711699259 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
Request Chain 659
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=6437d8c5-14bd-44aa-ab6d-d4f1662ac0d2
Request Chain 660
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HztLDBZHQz0K2AzuQjqahty-&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:357fa7cead1bff79439d1d0134b2770e
Request Chain 665
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 666
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Drkt%26refUrl%3D%26vid%3D23725161643453741131267202000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3453741131267202000V10&type=rkt&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=2020216292188257118
Request Chain 668
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=son&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=son&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=712386f5-74ea-42e4-b391-8fd67d37ec37
Request Chain 670
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Dr1%26refUrl%3D%26vid%3D23725161643453741131267202000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2057.4%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=43935408 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2057.4/4516927009669048412?zcc=0&sspret=1&rndcb=43935408
Request Chain 671
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ1Mzc0MTEzMTI2NzIwMjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEv051ZkZFk9OsSfKr94dgw&google_cver=1
Request Chain 672
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23725161643453741131267202000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23725161643453741131267202000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=dxu&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=3jJMqARC1RcYRe5
Request Chain 673
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 674
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=medianet HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=151&user_id=897b0308-2811-4258-afd7-61ff7b617d44&expires=30&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 675
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=ZtkuDwr7_u5OKJBvO_Iw
Request Chain 676
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3453741131267202000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3453741131267202000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=d54a22ef-c1be-4dae-b378-0542b482a31c&cs=1
Request Chain 677
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=d4b4056c-9cff-4981-a11a-66e4858998e2
Request Chain 679
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2967119334666753022&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 680
  • https://match.adsrvr.org/track/cmf/openx?oxid=6a6c1436-f710-7756-f520-f6e1d1e1b54b&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=d4b4056c-9cff-4981-a11a-66e4858998e2&ttd_puid=6a6c1436-f710-7756-f520-f6e1d1e1b54b&gdpr=0&gdpr_consent=
Request Chain 681
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXgkoMCo5sIAAFGloKkAAAAA
Request Chain 682
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQ5haoZ3IfCpks8AED41tMcJps8AAAGMXU8hsg
Request Chain 684
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELWxRXz71_uX0MqdY2N2hvs&google_cver=1
Request Chain 694
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=dccdcbbd5ce84b9fa9313346f956eced
Request Chain 697
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pZ6b9Ui0WaVy_LuPMK6lkJJGyaA&gdpr=0&gdpr_consent=
Request Chain 698
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TqVyQUdcDS6trgAVpCR4ZQ
Request Chain 699
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1bb353766cc24a6185e703da49aa6ec3
Request Chain 700
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 701
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SuIv1Q8V1RcYRe5&gdpr=0&gdpr_consent=
Request Chain 703
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2967119334666753022&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 708
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292188257118
Request Chain 709
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EA1DE816A79C4D878295157B03978D9B&gdpr=0&gdpr_consent=
Request Chain 711
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=299ef215d51621d3&is_secure=true&networkId=17100&version=1&nuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMBFIlXbaE1AM4aJcnAAAAAAA&expiration=1702458916&nuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 715
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LQ24N1B4-1M-L763 HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQ24N1B4-1M-L763
Request Chain 716
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=HztLDBZHQz0K2AzuQjqahty-
Request Chain 717
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=4516927009669048412&gdpr=0&gdpr_consent=
Request Chain 718
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?gdpr=0&euconsent=&uid=8160195145739520768
Request Chain 719
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&euconsent=&domain=sync.richaudience.com
Request Chain 739
  • https://api.relaido.jp/tr/v1/sync/pm?dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453 HTTP 302
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=1702372519
Request Chain 743
  • https://api.relaido.jp/tr/v1/sync/pm?dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453 HTTP 302
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=1702372519

749 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
natalie.mu/
Redirect Chain
  • http://natalie.mu/
  • https://natalie.mu/
152 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.81.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-81-56.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
b63ff642c0e211c556cd8f01e89a2041a159db3d28f9ddaf739f562b1c9bc2a6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
https://natalie.mu
age
241
cache-control
max-age=600, must-revalidate, public
content-encoding
gzip
content-length
29527
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 09:15:11 GMT
vary
Accept-Encoding
x-cache
hit

Redirect headers

Age
242
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 12 Dec 2023 09:15:11 GMT
Location
https://natalie.mu/
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Cache
hit
X-Frame-Options
SAMEORIGIN
home-v1702370989.css
natalie.mu/asset/common/polar/desktop/css/ 		95 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://natalie.mu/asset/common/polar/desktop/css/home-v1702370989.css
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.81.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-81-56.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
02bf5b462eae979ef60c44897dfb7cab9b05a8a1946e52499a6c1f35d3ede7c3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-encoding
gzip
last-modified
Tue, 12 Dec 2023 08:49:49 GMT
age
1272
etag
W/"65781ead-17b20"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000, must-revalidate, public
accept-ranges
bytes
content-length
20334
expires
Wed, 11 Dec 2024 08:53:58 GMT
natalie.min.js
flux-cdn.com/client/natasha/ 		755 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flux-cdn.com/client/natasha/natalie.min.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.160.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-160-61.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa208aed83e650e742d48599b2ac8f9a1ad92afc7a456df4d1d2c382fd79e6f7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
leCMesEcico1LBhnBdaTUe40UFDjcQDE
content-encoding
br
via
1.1 792d1dfcd0e864258cddb08b00eca5d8.cloudfront.net (CloudFront)
date
Tue, 12 Dec 2023 09:08:10 GMT
last-modified
Tue, 05 Dec 2023 09:58:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C3
age
427
x-amz-server-side-encryption
AES256
etag
W/"bd1afc106a455ba516b7b0b61a974ca5"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=900
x-amz-cf-id
Tc1NcSzpU8KGn0jlFnMNo63-3cbL2BAfB8jRwT7RGRcfzZNHYHGZIQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99bc3c39ee74dbb17de93134f6f8746455c9e77d7f0cac50e9fec8dfc5c9c460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29482
x-xss-protection
0
server
cafe
etag
754 / 19703 / m202312050101 / config-hash: 11999804698944333348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:15:11 GMT
S_koibaku_kv_logo_c.jpg
ogre.natalie.mu/media/news/stage/2023/1212/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/stage/2023/1212/S_koibaku_kv_logo_c.jpg?impolicy=thumb_fit&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
621dfc59a9a0fe232f505a81cfffe4ca458cc2adf327b1921f0dd3c08927cb9b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Tue, 12 Dec 2023 09:00:17 GMT
X-Serial
925
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"07aa9c1b5e7bb5ccb996e32b2f2f77cb"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
19424
Expires
Tue, 12 Dec 2023 21:15:11 GMT
column_header_marumarunohanashi.jpg
ogre.natalie.mu/media/news/eiga/2023/1208/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/eiga/2023/1208/column_header_marumarunohanashi.jpg?impolicy=thumb_fit&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8a09d7c0a9427f00ff8107d5c9c7177990e8dccb432944115455ddb901ac8eb7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Tue, 12 Dec 2023 08:00:16 GMT
Server
Akamai Image Manager
ETag
"bc6fda51bb83bbc3030ae4795ec5b433"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
22946
Expires
Tue, 12 Dec 2023 21:15:11 GMT
DSC07225_03.jpg
ogre.natalie.mu/media/news/comic/2023/1212/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/comic/2023/1212/DSC07225_03.jpg?impolicy=thumb_fit&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2af16ca16652e29578cc192ecbaa5063290fdc830185fd76682752d50ebb64ff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Tue, 12 Dec 2023 07:15:14 GMT
X-Serial
181
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"aef4b1feb89e16bddc890e840a376b49"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
17003
Expires
Tue, 12 Dec 2023 21:15:11 GMT
38fight03.jpg
ogre.natalie.mu/media/news/owarai/2023/1212/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/owarai/2023/1212/38fight03.jpg?impolicy=thumb_fit&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9d328f0c600851a44ab661eade2bec8ae832f86f982d8791ddbfac6df95c2fb0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Tue, 12 Dec 2023 03:18:28 GMT
X-Serial
1396
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"d022c46fc6eeee86aec808a9c13801ce"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
27189
Expires
Tue, 12 Dec 2023 21:15:11 GMT
higedan_newszero.jpg
ogre.natalie.mu/media/news/music/2023/1212/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/music/2023/1212/higedan_newszero.jpg?impolicy=thumb_fill&cropPlace=Center&width=400&height=400
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3ed102f108bf43aed4c91e92deab9af336b79aaab14a455de5a418bb9594a2ec

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Tue, 12 Dec 2023 03:00:12 GMT
X-Serial
1735
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"537611cce28c3be4d244980f90f46628"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
17766
Expires
Tue, 12 Dec 2023 21:15:11 GMT
kawagoeboyssing05_thumbnail.jpg
ogre.natalie.mu/media/pp/kawagoeboyssing05/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/kawagoeboyssing05/kawagoeboyssing05_thumbnail.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f10a983f7aa9131bf54814657b896c9fd5b0b56e2ad8fae1e5f6e68d3b9533a8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Tue, 05 Dec 2023 08:44:19 GMT
X-Serial
1555
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"61b67e6a81f59b13d33f9d3f227ebf96"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
13574
Expires
Tue, 12 Dec 2023 21:15:11 GMT
thumb_inbox_600.jpg
ogre.natalie.mu/media/pp/static/comic/kawagoeboyssing_index/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/static/comic/kawagoeboyssing_index/thumb_inbox_600.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7d13e9d20d69b624a713457bb9f9fb74d7176f0f75191ef5145a7291315beb6a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Wed, 04 Oct 2023 11:00:11 GMT
Server
Akamai Image Manager
ETag
"200b52810d8bd48cd216d70e19efb669"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
7370
Expires
Tue, 12 Dec 2023 21:15:11 GMT
micloverfes_x.jpg
ogre.natalie.mu/media/pp/micloverfes/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/micloverfes/micloverfes_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4669d5a09b42cc50c009cac5d36169e9a576a879a64088d9a0c25f94b6054482

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Wed, 06 Dec 2023 06:22:53 GMT
Server
Akamai Image Manager
ETag
"87eed6b32cd9e741744b6ab30d1b9a92"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
16797
Expires
Tue, 12 Dec 2023 21:15:11 GMT
newyearrockfestival04_thumb_inbox_1920_1.jpg
ogre.natalie.mu/media/pp/newyearrockfestival04/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/newyearrockfestival04/newyearrockfestival04_thumb_inbox_1920_1.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6ec7a097a7192b83469b512ada325583555ce152f380de11e46d42dc4ed1e6e9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Wed, 06 Dec 2023 01:44:13 GMT
Server
Akamai Image Manager
ETag
"f3c61756c68b1596a79a2528b8c8f725"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
20369
Expires
Tue, 12 Dec 2023 21:15:11 GMT
btn_appstore.png
ogre.natalie.mu/asset/natalie/common/polar/mobile/image/common/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/asset/natalie/common/polar/mobile/image/common/btn_appstore.png
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2f866ee63cfae613128f652f897fb09b3ba8c36f6e6d74557f30afcd3ccc8b97

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Wed, 16 Aug 2023 01:46:12 GMT
X-Serial
1047
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"aaad3ccd75264a2f3423f49c4e98a8ce"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
5143
Expires
Tue, 12 Dec 2023 21:15:11 GMT
btn_googleplay.png
ogre.natalie.mu/asset/natalie/common/polar/mobile/image/common/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/asset/natalie/common/polar/mobile/image/common/btn_googleplay.png
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
671bf97817ffbfa377d13363e433de6cbcdf24c7e37ded61d8f4824e6e122f3e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Wed, 16 Aug 2023 01:58:48 GMT
Server
Akamai Image Manager
ETag
"1799443fa0c45a873c847a590be178d0"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
5625
Expires
Tue, 12 Dec 2023 21:15:11 GMT
scripts.js
ogre.natalie.mu/asset/natalie/common/polar/desktop/js/ 		239 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ogre.natalie.mu/asset/natalie/common/polar/desktop/js/scripts.js?v=1702370989
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0517be2e55df99767c225ddbe836fc534d8255e172046cd92da0e79cbc6ead5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Oct 2023 01:53:01 GMT
Server
AmazonS3
x-amz-request-id
06BCHVQHN6RAAP8A
ETag
"08745a8e5897b1c4a5c4a8dfeab3ca6f"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
x-amz-id-2
EVcss0qfU7PKkJMkgYXkPl7nqpYYSBM6EQnBoM511/e5R/WmR8B+fwzTajwmn53ZF1h0C46C7QqAB/QocYA+Ig==
Expires
Wed, 11 Dec 2024 09:15:11 GMT
gtm.js
www.googletagmanager.com/ 		233 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQ3F3HP
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99ab13ce0b9cb21179630175272772f1fe7c92f605e81549d467d9f8b6135f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78145
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 09:15:11 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		270 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:53:19 GMT
content-encoding
gzip
via
1.1 19a2966fa6adfdd9ae92e7155d32701e.cloudfront.net (CloudFront), 1.1 3f3fb708ebdc38166393802d73c4aee6.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 22:47:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C4, NRT57-P4
age
1313
etag
W/"ccfaf15c322e197d2e6d0d6bd5642adc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
w0zxhlxp39ts09E5JHIO_UBAVCUjN1CQiiWkkFagpI5_OCZXlYjw0Q==
AGSKWxXGB490MowzRTw2OYzMq8iFUtAn24PL7ogoD7CH0Mh70xmCsrt8RvIUVgwHJvoYEyYt8ZILKUcU4GHn_g1FSsg=
fundingchoicesmessages.google.com/f/ 		181 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXGB490MowzRTw2OYzMq8iFUtAn24PL7ogoD7CH0Mh70xmCsrt8RvIUVgwHJvoYEyYt8ZILKUcU4GHn_g1FSsg=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9efc6c4aab7e628119f8546d2e40d3eaa493ebc5e5d3400ab6b5369af3204c25
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zisZOZy9-hJRG0_HONqiRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-zisZOZy9-hJRG0_HONqiRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
custom_icon.png
natalie.mu/asset/common/polar/desktop/image/common/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://natalie.mu/asset/common/polar/desktop/image/common/custom_icon.png?v20230801
Requested by
Host: natalie.mu
URL: https://natalie.mu/asset/common/polar/desktop/css/home-v1702370989.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.81.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-81-56.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
122ab4c35f77496004124ffef2a86971276920136dba4e7e12302b3a9c66c640

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/asset/common/polar/desktop/css/home-v1702370989.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
last-modified
Thu, 02 Nov 2023 10:34:20 GMT
age
3450988
etag
"65437b2c-8da"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000, must-revalidate, public
accept-ranges
bytes
content-length
2266
expires
Fri, 01 Nov 2024 10:38:42 GMT
header.png
natalie.mu/asset/common/polar/desktop/image/home/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://natalie.mu/asset/common/polar/desktop/image/home/header.png?v20230801
Requested by
Host: natalie.mu
URL: https://natalie.mu/asset/common/polar/desktop/css/home-v1702370989.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.81.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-81-56.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4ceccebc9a84ac6bd5dd8db1b6ae99496c939343d6236e77d698467ba411c157

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/asset/common/polar/desktop/css/home-v1702370989.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
last-modified
Thu, 02 Nov 2023 10:34:20 GMT
age
3450974
etag
"65437b2c-1648"
x-cache
hit
content-type
image/png
cache-control
max-age=31536000, must-revalidate, public
accept-ranges
bytes
content-length
5704
expires
Fri, 01 Nov 2024 10:38:56 GMT
NataIcon.woff
natalie.mu/asset/common/polar/desktop/font/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://natalie.mu/asset/common/polar/desktop/font/NataIcon.woff?v20230801
Requested by
Host: natalie.mu
URL: https://natalie.mu/asset/common/polar/desktop/css/home-v1702370989.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.81.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-81-56.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
252291b67c643c0c847e52b81a296dbb93c31096073b4c5ce43dc69e664443e9

Request headers

Referer
https://natalie.mu/asset/common/polar/desktop/css/home-v1702370989.css
Origin
https://natalie.mu
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
last-modified
Thu, 02 Nov 2023 10:34:20 GMT
age
3450976
etag
"65437b2c-18c0"
x-cache
hit
content-type
application/font-woff
cache-control
max-age=31536000, must-revalidate, public
accept-ranges
bytes
content-length
6336
expires
Fri, 01 Nov 2024 10:38:55 GMT
prebid
yield-manager.browsiprod.com/ 		89 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/prebid?sk=natalie&sw=1600&sh=1200&url=https%3A%2F%2Fnatalie.mu%2F&us=%7B%7D&at=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-109.nrt20.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
50a9e638fae4ea13bf2ef31f21be3a68078bceea5742c34ecb0879fecf417de0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-encoding
gzip
via
1.1 519e2bfef4c665bcf2d6bc3a374c5f82.cloudfront.net (CloudFront)
server
akka-http/10.2.1
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
x-amz-cf-id
xd94BaiNZaJNw-cUQGUOI9V_OCb_y-7vdG1NLQ_bAHEpYhTbrtWsgQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
01c9ca897b40f739de756720a10f0d3af3059cfe9bd5f3a671c5c829983c29d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 09:15:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
18862
x-jsd-version
1.0.1901
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
847
x-served-by
cache-fra-eddf8230103-FRA, cache-nrt-rjtf7700037-NRT
x-jsd-version-type
version
etag
W/"63e-KGo5JCh4sdO/bULDY0aMGDCmNbg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
3673
config.aps.amazon-adsystem.com/configs/ 		714 B
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3673
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-6.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
0a0c4ac33ec939332c3b5f9d140b022e12b6560f69c2aa5cb9895a73abed9ea1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:43:43 GMT
via
1.1 d8e9b6af48fa5d844b0f68fc85959592.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT12-C5
age
1888
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
714
x-amz-cf-id
Lv2sFRqe8fRjk3GqS9k8_R0w_JrPCfAq8owJIYTvW9Jop-vtwxXOIA==
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3673&u=https%3A%2F%2Fnatalie.mu
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:09:31 GMT
via
1.1 3f3fb708ebdc38166393802d73c4aee6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT57-P4
age
18339
x-cache
Hit from cloudfront
access-control-allow-origin
https://natalie.mu
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
64jlgPD-qPJzA7VZ6eW4cIp49h6JkBH7m3RD4kqx4ufLRGyllLbpSQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		157 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3673&u=https%3A%2F%2Fnatalie.mu%2F&pid=6E0anGpk7E8Js&cb=0&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1000000000002-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F4581080%2Fportal_big%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1000000000003-0%22%2C%22s%22%3A%5B%22300x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F4581080%2Fportal_top%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.51.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-51-32.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
a43544169c4b4a17e54db329bcc42a2f331dd5d20000baaaee5b00fa6ea2cfbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
via
1.1 18855c649fddbff6203c46f792687008.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
timing-allow-origin
*
content-length
157
x-amz-cf-id
NSO18n5nfwJ5CzSnMYx265iMb91vmMKWvagkUWWh11xgZ8FoGQ9Ryw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.221.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-221-214.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 f9832575e3821f4db473b935967c7aaa.cloudfront.net (CloudFront)
date
Tue, 12 Dec 2023 08:46:41 GMT
x-amz-cf-pop
NRT57-P4
age
1711
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
cNIQ4ibv94SQ2QtiFP1ufyTwPlNtSJH8sOoWcgCHlkqFuFtiopP_QQ==
V1_01.jpg
ogre.natalie.mu/media/news/owarai/2023/1212/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/owarai/2023/1212/V1_01.jpg?impolicy=thumb_fit&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
68dbb5a085036cb737af1f0703ecbd6ced9e1c57548b1cbe493a322d5e5c51a2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Tue, 12 Dec 2023 08:28:23 GMT
X-Serial
279
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"ab33e87717450ac15f8fdecb0c189921"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6471
Expires
Tue, 12 Dec 2023 21:15:11 GMT
ishiinorihito_1.jpg
ogre.natalie.mu/media/news/stage/2023/1212/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/stage/2023/1212/ishiinorihito_1.jpg?impolicy=thumb_fit&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
bd2dc5ff73a31b79f87af80cf00e31726f87c8a618d246432e9d047751f600ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Tue, 12 Dec 2023 08:04:36 GMT
X-Serial
476
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"514b7aead3cb67dad8ad7e1247800f3a"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
3946
Expires
Tue, 12 Dec 2023 21:15:11 GMT
sby_ransel_mini-shikishi_3w_rio_SAMPLE.jpg
ogre.natalie.mu/media/news/comic/2023/1212/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/comic/2023/1212/sby_ransel_mini-shikishi_3w_rio_SAMPLE.jpg?impolicy=thumb_fill&cropPlace=Center&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
928e8002ce449d8c16b32bfd20f0a9d71c95f3e8e5a9b316d23a445bb855bd87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Tue, 12 Dec 2023 09:05:13 GMT
X-Serial
623
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"652fe7a11144d550e0638e4aadebac8b"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
7564
Expires
Tue, 12 Dec 2023 21:15:11 GMT
ojamajo53.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/ojamajo53.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.42 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-42.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bf4996210079bb5133ad4ce79665dd9c3ac032746933b0d953ef4447bdb6a003

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Mon, 04 Dec 2023 10:20:25 GMT
Server
Akamai Image Manager
ETag
"656da6f4-a774"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
9500
Expires
Tue, 12 Dec 2023 21:15:11 GMT
K2.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/K2.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.42 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-42.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a77bc860ac98528e1181e8157fe9558e614c96fb4d4c88e4ae6e6b9998498d44

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Mon, 04 Dec 2023 10:20:27 GMT
Server
Akamai Image Manager
ETag
"656da6f4-63ab"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
4393
Expires
Tue, 12 Dec 2023 21:15:11 GMT
1_000000004744.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/1_000000004744.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.42 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-42.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
570cfc7c7a4d40636f8e016e1dd9771b906d843323f8181aca1c516c6a80ae56

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Mon, 27 Nov 2023 09:19:08 GMT
Server
Akamai Image Manager
ETag
"65645ea3-ae82"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
7872
Expires
Tue, 12 Dec 2023 21:15:11 GMT
10_000000004659.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/10_000000004659.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.42 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-42.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e9918fd5d45b0a2da38d234ac4abaf55f87e69fc22a1a009026a7b824a8bf72a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:11 GMT
Last-Modified
Mon, 27 Nov 2023 09:19:18 GMT
Server
Akamai Image Manager
ETag
"65645ea4-cc58"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
10847
Expires
Tue, 12 Dec 2023 21:15:11 GMT
AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-plshihG2aGa8B0SQv9q7KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-plshihG2aGa8B0SQv9q7KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://natalie.mu
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWWH11cmjX6987KlYE0s-PuicfEnxkwxrsGJNIQvziVDUWTOA8PWithvRikK_vEMeRLOJXbefWBHljwitKKiRIfDp2g7RFRM37V2_iLk42WMZORc0Nf669HedRJUjL6NFEGGcTUZg==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWWH11cmjX6987KlYE0s-PuicfEnxkwxrsGJNIQvziVDUWTOA8PWithvRikK_vEMeRLOJXbefWBHljwitKKiRIfDp2g7RFRM37V2_iLk42WMZORc0Nf669HedRJUjL6NFEGGcTUZg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMzcyNTExLDg5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uYXRhbGllLm11LyIsbnVsbCxbWzgsIjhwY2hkVWpMUUw4Il0sWzksImVuLVVTIl0sWzcsIjEwIl0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95f490ff459cbab53a6b40cf2c8e030c3541e8e88315bf8131257f0a4a087682
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QBxGvv8B4OiP3y4unC2IsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QBxGvv8B4OiP3y4unC2IsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-5389873fd6a61cca36a693b15d3670af-e98957625dd69e1f-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
5389873fd6a61cca36a693b15d3670af/16828077562639326751
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
34004
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138171
x-xss-protection
0
server
cafe
etag
7807444821274263820
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 10 Dec 2024 23:48:27 GMT
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.50.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-70.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3f48c9d80f4f4a6360437b1d44e91684428a008caf42d71cf23c8f2bcc8987d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
w6Ha68pJacUnuHVEsK5t0V6hDTkI3luf
content-encoding
br
via
1.1 25caeecf79d1babf9c1aeb8ae41d4e36.cloudfront.net (CloudFront)
date
Tue, 12 Dec 2023 08:41:43 GMT
last-modified
Mon, 11 Dec 2023 09:04:28 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C1
age
2010
x-amz-server-side-encryption
AES256
etag
W/"a5c7623fd48021f30f35d232712086d5"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=3600
x-amz-cf-id
XV4QvHquEzxnwq2KfUxfKUInJ-9HL3dH2CKqnmps-nPZywR6lGeoZA==
js
www.googletagmanager.com/gtag/ 		242 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y7LQ4S8GZR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQ3F3HP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8bf87dd7b1f90a1604cd94a6958d82af26456e2c6330c93a707c85ab6228f12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86253
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 09:15:11 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQ3F3HP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 08:51:39 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1412
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 10:51:39 GMT
9fboejhehh
www.clarity.ms/tag/ 		649 B
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/9fboejhehh
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
649e11b52d50a771f04cda5605548ea7d3b7bc92c656e2807a282ff1ca1c30bb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
date
Tue, 12 Dec 2023 09:15:12 GMT
x-azure-ref
0oCR4ZQAAAADOX3g9kwPoSoAvA3KLXWCwVFlPMDFFREdFMjMwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
649
expires
-1
bi.js
cs.nakanohito.jp/b3/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs.nakanohito.jp/b3/bi.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.114.55.135 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
203x114x55x135.ap203.ftth.arteria-hikari.net
Software
nginx /
Resource Hash
14315698ffedf4372a716c3d6e5d68a7da0695362fde2650b12f78b464d93636

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 08:03:54 GMT
Server
nginx
ETag
W/"654c926a-db5e"
Transfer-Encoding
chunked
Content-Type
application/javascript
P3P
policyref="http://b.nakanohito.jp/w3c/p3p.xml", CP="NOI DSP COR ADM DEV PSA OUR IND UNI COM NAV INT STA"
Cache-Control
max-age=10800
Connection
close
Cache_Control
public
Expires
Tue, 12 Dec 2023 12:15:12 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1323098147&t=pageview&_s=1&dl=https%3A%2F%2Fnatalie.mu%2F&ul=en-us&de=UTF-8&dt=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=651390297&gjid=1205174367&cid=460445772.1702372512&tid=UA-45927307-1&_gid=1142652488.1702372512&_r=1&_slc=1&gtm=45He3bt0n81KQ3F3HPv76256838&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&z=1692499677
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1323098147&t=pageview&_s=1&dl=https%3A%2F%2Fnatalie.mu%2F&ul=en-us&de=UTF-8&dt=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1368909573&gjid=1024281601&cid=460445772.1702372512&tid=UA-45927307-2&_gid=1142652488.1702372512&_r=1&_slc=1&gtm=45He3bt0n81KQ3F3HPv76256838&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&z=645954850
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1323098147&t=pageview&_s=1&dl=https%3A%2F%2Fnatalie.mu%2F&ul=en-us&de=UTF-8&dt=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=2070314368&gjid=517383391&cid=460445772.1702372512&tid=UA-45927307-15&_gid=1142652488.1702372512&_r=1&_slc=1&gtm=45He3bt0n81KQ3F3HPv76256838&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&z=271482680
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=38&pc=2582374728366616&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
9
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
Server
cloudflare
ETag
W/"922cffdd75f7192f75231d92684885aa"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEBuKlxp66In69%2FqjAqAzHweURUzsouErLxhnfkYsScrz%2BQNJhMJSiTL3cQpAd5LYvXS6vfLVOYg4EBEVCcSSoVwBhCvOfh1MiVjGtRcXtUWlM7sF2DW%2BksntQB061X5zO9QhmymNGDL05Lv"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
public, max-age=1800
CF-RAY
8344dc8838353c09-NRT
Expires
Tue, 12 Dec 2023 09:45:12 GMT
4581080
fundingchoicesmessages.google.com/i/ 		181 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/4581080?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c19b142ffa1ff2967e598b724045f1f8ef45122f8e51928b18823859d880793
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qJ096jkkmvmJ8SY63EL12A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-qJ096jkkmvmJ8SY63EL12A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F4581080%2Fportal_big&tagId=37154%3A1000254608&groupId=1000157048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.188.160 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-188-160.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 09:15:12 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F4581080%2Fportal_top&tagId=37154%3A1000254612&groupId=1000157048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.188.160 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-188-160.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 09:15:12 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://natalie.mu
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 09:15:12 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://natalie.mu
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 09:15:12 GMT
prebid
pb.ladsp.com/adrequest/ 		91 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.91.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-91-241.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
prebid
pb.ladsp.com/adrequest/ 		91 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.91.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-91-241.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.49 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
8cf335945fe47ad3deb2b81e851f842093439b785e19a035cea8d0014b0beeb3

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.49 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
b3700588dfae9c8ffb70522eb10b1875c4c1dd68dd759d114ffc7aef1bc7afba

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.49 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
4b06ba793e69ef11e207e963ee51df9a2e302b986d4dae7a799ecabdc0a1c317

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.101 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 12 Dec 2023 09:15:12 GMT
translator
hbopenbid.pubmatic.com/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0&cb=31134217599&lsavail=1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:11 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=566500
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315e30de3d6c5382367fb5dd29da6533868c12a5d391cf25dd5da6902657367a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38nmNdtSb5jje0jTc64o9TbMZ8jPh8Q5MyC6dxBqlWJX%2BmemJLGmxVjqxoV%2BnLybzi2QEAjRUvixh%2Fy6RgS2pNgbreTj%2FeUTKb9qekn8sqgcGqyNnJT67g8ZynMi7dlcsyEAfOm5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8344dc8899e3afac-NRT
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=9jevnBLmR&skt=5&tid=26438cb7-522f-46f9-ad36-6287ca30099c&prebid_id=192068ff1a42f5f&prebid_ver=8.6.0&page_url=https%3A%2F%2Fnatalie.mu%2F&ad_format_ids=4&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.31.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-31-69.nrt20.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69dddb16195636c0d79d55ed3431cbb4.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-P1
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
f_b53p28qaWcZnEgndkvozXF27KnI7fvFej4j-auG5nAeFY0v4pD5A==
expires
Thu, 01 Jan 1970 09:00:00 GMT
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=ItCYZfYmR&skt=5&tid=4382396b-9db2-467e-8e99-8c836b3825d8&prebid_id=205dd9e17026278&prebid_ver=8.6.0&page_url=https%3A%2F%2Fnatalie.mu%2F&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.31.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-31-69.nrt20.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69dddb16195636c0d79d55ed3431cbb4.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-P1
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
T_d2y19kjjl1sLpGyU8_LPBkSue4P8KKydjtJiJhfmql97WU3Id9gw==
expires
Thu, 01 Jan 1970 09:00:00 GMT
v1
d.socdm.com/adsv/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=74360&sdktype=0&hb=true&t=json3&transactionid=26438cb7-522f-46f9-ad36-6287ca30099c&sizes=728x90&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_big&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.120.53.201 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
7898f719b509f17f1855831725ea5c69f53ea3d651e04497b9dbb1ccb1452f5a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=74360&sdktype=0&hb=true&t=json3&transactionid=26438cb7-522f-46f9-ad36-6287ca30099c&sizes=728x90&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_big&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.160","key":"ZXgkoMCo5sIAAFGloKkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40125"}
X-SO-Key
ZXgkoMCo5sIAAFGloKkAAAAA
X-SO-Upstream-ID
a-ad40125
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40125.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
1100
X-SO-IP
146.70.201.160
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
30
X-SO-LB-Hostname
a-tgng40004.dc2p.scaleout.jp
v1
d.socdm.com/adsv/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=74359&sdktype=0&hb=true&t=json3&transactionid=4382396b-9db2-467e-8e99-8c836b3825d8&sizes=300x250%2C1x1&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_top&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.120.53.201 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
fb5872cd33d6e477aac9a28f118abe689fbfdfd114a735671e7bd0e3900cc282

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=74359&sdktype=0&hb=true&t=json3&transactionid=4382396b-9db2-467e-8e99-8c836b3825d8&sizes=300x250%2C1x1&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_top&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.160","key":"ZXgkoMCo5tEAAK98.XMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad179"}
X-SO-Key
ZXgkoMCo5tEAAK98.XMAAAAA
X-SO-Upstream-ID
m-ad179
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad179.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
1094
X-SO-IP
146.70.201.160
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
10
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
auction
tlx.3lift.com/header/ 		19 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0&referrer=https%3A%2F%2Fnatalie.mu%2F&tmax=2000
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.251.173.5 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-173-5.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
accept-ch
sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7c0932b9b780efd436550e9f7b6ee16c3686283bcd15f7237f06c62ce062a981
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
an-x-request-uuid
b3132024-fd82-4a99-a345-f93848a8670e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
d.socdm.com/adsv/ 		1017 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adsv/v1?posall=SSPLOC&id=55792&sdktype=0&hb=true&t=json3&transactionid=4382396b-9db2-467e-8e99-8c836b3825d8&sizes=300x250%2C1x1&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_top&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.120.53.201 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
4662833a34e8c61914e075960e94213f643d85f821d49bb03064eddf152e5465

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/adsv\/v1?posall=SSPLOC&id=55792&sdktype=0&hb=true&t=json3&transactionid=4382396b-9db2-467e-8e99-8c836b3825d8&sizes=300x250%2C1x1&currency=JPY&pbver=8.6.0&sdkname=prebidjs&adapterver=1.6.1&gpid=%2F4581080%2Fportal_top&uach=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&imark=1&tp=https%3A%2F%2Fnatalie.mu%2F","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.160","key":"ZXgkoMCo5s8AADDXHawAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad335"}
X-SO-Key
ZXgkoMCo5s8AADDXHawAAAAA
X-SO-Upstream-ID
m-ad335
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad335.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
1017
X-SO-IP
146.70.201.160
X-SO-Cluster-ID
0
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
private
Access-Control-Allow-Credentials
true
X-SO-Ads-Time
6
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
prebidjs
rtb.openx.net/openrtbb/ 		53 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
70d36663b946a5388af90383965c828c6d2eecbd5b86a8d13125a9f650a1995e

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
6d99b2f0f98279a5132a90d93be77fdcc22df7b7b4d1e19d5dfb7d3d94d0cfc2

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
sprebid
api.relaido.jp/bid/v1/ 		235 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.relaido.jp/bid/v1/sprebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.149.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.149.102.34.bc.googleusercontent.com
Software
/
Resource Hash
3ed69183ab5245ea31f4e2e6a670db833c3f7649179d3d00f638508e63a55e5f

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUDH8PEK
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
4e53e61e1f45332774aeaefcf657a45c219dbf353f7d38439e90fd3ff22ec562

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:11 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
112
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 09:15:12 GMT
/
shb.richaudience.com/hb/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
server
nginx/1.14.1
access-control-max-age
86400
/
shb.richaudience.com/hb/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
server
nginx/1.14.1
access-control-max-age
86400
imp
g2.gumgum.com/hbid/ 		2 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1702372512095&to=-540&aun=div-gpt-ad-1000000000002-0&pubcid=72fc065f-9d94-422d-ba63-87d16a0b22aa&gpid=%2F4581080%2Fportal_big&maxw=728&maxh=90&si=235527&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnatalie.mu%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.6.0%22%7D&ogu=https%3A%2F%2Fnatalie.mu&ns=10240
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.217.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-217-108.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1702372512096&to=-540&aun=div-gpt-ad-1000000000003-0&pubcid=72fc065f-9d94-422d-ba63-87d16a0b22aa&gpid=%2F4581080%2Fportal_top&maxw=300&maxh=250&si=235528&pi=3&bf=300x250%2C1x1&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnatalie.mu%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.6.0%22%7D&ogu=https%3A%2F%2Fnatalie.mu&ns=10240
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.217.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-217-108.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
prebid
hb.adingo.jp/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F4581080%2Fportal_big&tagId=37154%3A1000254608&groupId=1000157048
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.188.160 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-188-160.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-app
prebid/fluctBidAdapter
Referer
https://natalie.mu/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
x-fluct-version
1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-expose-headers
x-openrtb-version
access-control-allow-credentials
true
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
prebid
hb.adingo.jp/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F4581080%2Fportal_top&tagId=37154%3A1000254612&groupId=1000157048
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.188.160 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-188-160.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-app
prebid/fluctBidAdapter
Referer
https://natalie.mu/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
x-fluct-version
1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-expose-headers
x-openrtb-version
access-control-allow-credentials
true
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab554bf5d4abe9408a3d6d8101c69a62e720da269e8fcf7b039bb72e25c71ad

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-sc-11708-a-gcp-tyo
date
Tue, 12 Dec 2023 09:15:12 GMT
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Invalid placement: _err_quota_, Validating the Prebid Request adunits. Invalid placement: _err_quota_
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8344dc88bb79dfe1-NRT
expires
0
prebid
s-rtb-pb.send.microad.jp/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=6ade661f795cd101b9cd46de4d19272e&url=https%3A%2F%2Fnatalie.mu%2F&referrer=null&bid_id=58d017d25555801&transaction_id=26438cb7-522f-46f9-ad36-6287ca30099c&media_types=1&cbt=c85deca6e8f9c8018c5d4f1166&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%7D%5D
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
84c8a0084caa6f333311fffdf06db3ce6c67256facb27db8c81bf4133a2730a4
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://natalie.mu
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
prebid
s-rtb-pb.send.microad.jp/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=7870280f220bfe542151cb4bc131aa50&url=https%3A%2F%2Fnatalie.mu%2F&referrer=null&bid_id=59708e451a4b9cf&transaction_id=4382396b-9db2-467e-8e99-8c836b3825d8&media_types=5&cbt=3453447f9dd5d8018c5d4f1166&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%7D%5D
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
181a30de2bb4863c9992ee98505c1c41dd940d2008f7575b8f0a0895ca7a94f2
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://natalie.mu
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
unruly_prebid
targeting.unrulymedia.com/ 		11 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
unruly_prebid
targeting.unrulymedia.com/ 		11 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ 		330 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19434&site_id=228754&zone_id=1133212&size_id=2&eid_pubcid.org=72fc065f-9d94-422d-ba63-87d16a0b22aa%5E1&rf=https%3A%2F%2Fnatalie.mu%2F&tg_i.domain=natalie.mu&tg_i.page=https%3A%2F%2Fnatalie.mu%2F&tg_i.pbadslot=%2F4581080%2Fportal_big&tk_flint=pbjs_lite_v8.6.0&x_source.tid=4dfc92ca-1c77-4d21-af2a-e1a30c4bda07&l_pb_bid_id=64e7a3f4168ff25&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=26438cb7-522f-46f9-ad36-6287ca30099c&rp_maxbids=1&p_gpid=%2F4581080%2Fportal_big&slots=1&rand=0.9281057374506978
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ac2152b40898c64012af3792701b4c3fe524149ddf72519558e9a687ed1843ba

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
330
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		331 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19434&site_id=228754&zone_id=1133214&size_id=15&alt_size_ids=221&eid_pubcid.org=72fc065f-9d94-422d-ba63-87d16a0b22aa%5E1&rf=https%3A%2F%2Fnatalie.mu%2F&tg_i.domain=natalie.mu&tg_i.page=https%3A%2F%2Fnatalie.mu%2F&tg_i.pbadslot=%2F4581080%2Fportal_top&tk_flint=pbjs_lite_v8.6.0&x_source.tid=4dfc92ca-1c77-4d21-af2a-e1a30c4bda07&l_pb_bid_id=65b6aed8901f3c3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4382396b-9db2-467e-8e99-8c836b3825d8&rp_maxbids=1&p_gpid=%2F4581080%2Fportal_top&slots=1&rand=0.5270702052614324
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6c223fd9906253a79f4e8f45da18313f220a64c394c06475734c17fe601436c9

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
331
expires
Wed, 17 Sep 1975 21:32:10 GMT
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=55616&cb=2495079351&r=https%3A%2F%2Fnatalie.mu%2F&uid=67da2f571bfc2e7&tid=26438cb7-522f-46f9-ad36-6287ca30099c&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&l...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55616&cb=2495079351&r=https%3A%2F%2Fnatalie.mu%2F&uid=67da2f571bfc2e7&tid=26438cb7-522f-46f9-ad36-6287ca30099c&uc=div-gpt-ad-1000000000002-0&tmax=2000...
133 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55616&cb=2495079351&r=https%3A%2F%2Fnatalie.mu%2F&uid=67da2f571bfc2e7&tid=26438cb7-522f-46f9-ad36-6287ca30099c&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=728x90
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
28cf9b6d89019dbea0bde05bd44ce26cda0650c0d1d3d07011168479b2cb83c3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
127

Redirect headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Server
nginx
Access-Control-Allow-Origin
https://natalie.mu
Location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55616&cb=2495079351&r=https%3A%2F%2Fnatalie.mu%2F&uid=67da2f571bfc2e7&tid=26438cb7-522f-46f9-ad36-6287ca30099c&uc=div-gpt-ad-1000000000002-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=728x90
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=55617&cb=40485523974&r=https%3A%2F%2Fnatalie.mu%2F&uid=683e860a0bade7d&tid=4382396b-9db2-467e-8e99-8c836b3825d8&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55617&cb=40485523974&r=https%3A%2F%2Fnatalie.mu%2F&uid=683e860a0bade7d&tid=4382396b-9db2-467e-8e99-8c836b3825d8&uc=div-gpt-ad-1000000000003-0&tmax=200...
133 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55617&cb=40485523974&r=https%3A%2F%2Fnatalie.mu%2F&uid=683e860a0bade7d&tid=4382396b-9db2-467e-8e99-8c836b3825d8&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250%2C1x1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c87fa1223238a2c6490541e860ef5942f84904f553c8c4cdc2b8d661fc0902a8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
126

Redirect headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Server
nginx
Access-Control-Allow-Origin
https://natalie.mu
Location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=55617&cb=40485523974&r=https%3A%2F%2Fnatalie.mu%2F&uid=683e860a0bade7d&tid=4382396b-9db2-467e-8e99-8c836b3825d8&uc=div-gpt-ad-1000000000003-0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250%2C1x1
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
bid
ap.lijit.com/rtb/ 		94 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.6.0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5cb844d95060e2ec3606cd6b4b8837f774e34b66789a653aa71777e8a4c3d37f

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://natalie.mu
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
collect
stats.g.doubleclick.net/j/ 		7 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45927307-1&cid=460445772.1702372512&jid=651390297&gjid=1205174367&_gid=1142652488.1702372512&_u=YEBAAAAAAAAAAC~&z=1057067452
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c07::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45927307-2&cid=460445772.1702372512&jid=1368909573&gjid=1024281601&_gid=1142652488.1702372512&_u=YEDAAAABAAAAAC~&z=836472762
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c07::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-0c418136c533348554c767bfe7921762-957b719f5abf77bc-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
0c418136c533348554c767bfe7921762/10771327863022909372
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
collect
stats.g.doubleclick.net/j/ 		7 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45927307-15&cid=460445772.1702372512&jid=2070314368&gjid=517383391&_gid=1142652488.1702372512&_u=YEDAAEABAAAAACAAI~&z=1079374155
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c07::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y7LQ4S8GZR&gtm=45je3bt0v887853220z876256838&_p=1702372511584&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cid=460445772.1702372512&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702372512&sct=1&seg=0&dl=https%3A%2F%2Fnatalie.mu%2F&dt=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&en=page_view&_fv=1&_ss=1&tfd=605
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y7LQ4S8GZR&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1072358
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPBrFkEsOJTkU6iYPcfGwj75bFYGEvz9kLAZCdXpTLxNR8PtQTZ5TTf6FdXSGCjL9UCOv1zWglD0Hasc32IJK%2BRgbTAGxiiZ7kZgepwTP50Ndp2QH29Bnm%2FM0zOI7R5twBXj2Jfq%2FxUvm%2Bd1"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8344dc88ea47af25-NRT
supply
events.browsiprod.com/events/v2/ 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=sLsu
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.98.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-98-197.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=natalie&pk=natasha&url=https%3A%2F%2Fnatalie.mu%2F&bid=sLsu%23oMCVbrRTwHz_DfF&at=%E3%83%8A%E3%82%BF%E3%83%AA%E3%83%BC%20-%20%E3%83%9D%E3%83%83%E3%83%97%E3%82%AB%E3%83%AB%E3%83%81%E3%83%A3%E3%83%BC%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&sw=1600&sh=1200&rp=false
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-109.nrt20.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
daf9cb6c0348c974c087fd18ced4a6b67c5b43cfa7156ce72593670f0749c0cf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 519e2bfef4c665bcf2d6bc3a374c5f82.cloudfront.net (CloudFront)
server
akka-http/10.2.1
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
x-amz-cf-id
3y98Mzs6ty1QQ0tW3vO8Cmso9jNqLAu5g2cJVqXs6O78VXJ92pH-Dg==
/
bs.nakanohito.jp/b3/ 		0
374 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bs.nakanohito.jp/b3/
Requested by
Host: cs.nakanohito.jp
URL: https://cs.nakanohito.jp/b3/bi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
122.220.195.253 Jingumae, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
122x220x195x253.ap122.ftth.ucom.ne.jp
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Server
nginx
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://natalie.mu
P3P
policyref="http://b.nakanohito.jp/w3c/p3p.xml", CP="NOI DSP COR ADM DEV PSA OUR IND UNI COM NAV INT STA"
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
thumb_inbox_1920.jpg
ogre.natalie.mu/media/pp/kroi_underninja/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/kroi_underninja/thumb_inbox_1920.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b03280d109fc654be1bfe06118dc2a356fcb7096df47bc690d7eb4a659d69569

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Tue, 05 Dec 2023 01:37:21 GMT
Server
Akamai Image Manager
ETag
"1756736df366f708fc8863b44f664b3d"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
11944
Expires
Tue, 12 Dec 2023 21:15:12 GMT
sid08_thumbnail.jpg
ogre.natalie.mu/media/pp/sid08/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/sid08/sid08_thumbnail.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
75d303f1d95b291ff03b32fd43c7a26234590cace6277a1e4283c3c3a1ee8ccc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Fri, 08 Dec 2023 03:08:54 GMT
Server
Akamai Image Manager
ETag
"0fae5194b6e58b97c41cfe57545ce90e"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
17365
Expires
Tue, 12 Dec 2023 21:15:12 GMT
kabukiza24_thumb.jpg
ogre.natalie.mu/media/pp/kabukiza24/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/kabukiza24/kabukiza24_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
635fab3de832bb96f4fa01924f8d24e520ff25007fd12ed2c9348ff9a81012ac

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Fri, 08 Dec 2023 01:31:27 GMT
Server
Akamai Image Manager
ETag
"49f955dd1a332f9c15bfed5655121abd"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
13198
Expires
Tue, 12 Dec 2023 21:15:12 GMT
thumb_inbox_1920_3.jpg
ogre.natalie.mu/media/pp/hitsujibungaku03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/hitsujibungaku03/thumb_inbox_1920_3.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a862a2bbb0aee7107ed08a23ed4da296628519505e48ced9a9c3729a7369c79b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Fri, 08 Dec 2023 01:41:58 GMT
X-Serial
1386
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"8afbaabfa159c343e083780cfd9ca56c"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
9212
Expires
Tue, 12 Dec 2023 21:15:12 GMT
cm
u.openx.net/w/1.0/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9fboejhehh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
br
last-modified
Sun, 10 Dec 2023 15:07:16 GMT
etag
"0x8DBF991B2C59E6A"
x-azure-ref
0oCR4ZQAAAABLW5GYqAqvQYUJXW8dTeTRVFlPMDFFREdFMjMwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3185e4aa-401e-0057-2338-2c80e8000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-2&cid=460445772.1702372512&jid=1368909573&_u=YEDAAAABAAAAAC~&z=169373454
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-2&cid=460445772.1702372512&jid=1368909573&_u=YEDAAAABAAAAAC~&z=169373454
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-1&cid=460445772.1702372512&jid=651390297&_u=YEBAAAAAAAAAAC~&z=1818463017
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-1&cid=460445772.1702372512&jid=651390297&_u=YEBAAAAAAAAAAC~&z=1818463017
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-15&cid=460445772.1702372512&jid=2070314368&_u=YEDAAEABAAAAACAAI~&z=317538713
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45927307-15&cid=460445772.1702372512&jid=2070314368&_u=YEDAAEABAAAAACAAI~&z=317538713
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=30&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784&url=https%3A%2F%2Fconnectid.analytics.yahoo.com%2FconnectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a6:7400:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:45:08 GMT
via
1.1 02fa8137f2e8d2eea9a32cf638667082.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
NRT20-P1
age
1805
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
bkCB__xjemi3RA1InVrRAQeYrWXN9Ln_adHqfbytJ4Crp8JHfUEjeQ==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=30&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784&url=https%3A%2F%2Fcdn.id5-sync.com%2Fapi%2F1.0%2Fesp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
FZEZREHY2SMDXSRM
age
14
x-amz-server-side-encryption
AES256
x-amz-id-2
E/7Lw1qzjDeUPS/T30P4rfZUYPwLTHhQhKWDo4qJ6D3lCs4Y7S04xG4uocOZvsZYfnXI/dqEKgA=
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8344dc89a8256836-NRT
expires
Tue, 12 Dec 2023 10:15:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=30&pc=2582374728366616&lid=uidapi.com&eids=31077978%2C31079828%2C31079784&url=https%3A%2F%2Fcdn.prod.uidapi.com%2Fuid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ee:c00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 12 Dec 2023 01:26:55 GMT
Via
1.1 024320cab1ac6be5046a56f19ef1d322.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
NRT20-C4
Age
37325
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
iYuiFt4PLZ5IouPIxxAZ1vIsGFvde9UMdZ6N6Q3F-QYGhkpxg7CUdw==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=30&pc=2582374728366616&lid=33across.com&eids=31077978%2C31079828%2C31079784&url=https%3A%2F%2Fcdn-ima.33across.com%2Fob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
480876
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8344dc89e9c48a81-NRT
expires
Fri, 15 Dec 2023 09:15:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=30&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784&url=https%3A%2F%2Foa.openxcdn.net%2Fesp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 02:36:08 GMT
content-encoding
gzip
age
542344
x-guploader-uploadid
ABPtcPrzhqbhZjv7bM7br6pJ3NIIBiH5qc7wUBgq3yOYccE07JrMSAq2kZcEsqZhQF1n9T1NUiO83Jney5Y5WBSegqoRWA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 05 Dec 2024 02:36:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=30&pc=2582374728366616&lid=esp.criteo.com&eids=31077978%2C31079828%2C31079784&url=https%3A%2F%2Fstatic.criteo.net%2Fjs%2Fld%2Fpublishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Dec 2023 09:15:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=30&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784&url=https%3A%2F%2Fcdn.jsdelivr.net%2Fgh%2Fprebid%2Fshared-id%2Fpubcid.js%2Fdocs%2Fpubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
content-encoding
br
age
2889
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-nrt-rjtf7700065-NRT
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=30&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784&url=https%3A%2F%2Finvstatic101.creativecdn.com%2Fencrypted-signals%2Fencrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
61c6667b370582eccda8a449dd8c1b7d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=30&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784&url=https%3A%2F%2Ftags.crwdcntrl.net%2Flt%2Fc%2F16589%2Fsync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 18:44:42 GMT
content-encoding
gzip
via
1.1 12edfea623a876eaab6b5e8c6eab26b2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C1
age
52902
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
PegLw7AXyCz5z3ABGah5iTE6xsRQ0yBNA0Sr4VE4SgTjrsA8-OjOtQ==
middy-desktop-4.21.4.js
cdn.browsiprod.com/sd/apps/middy/ 		293 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.50.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-70.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fffa5be6cde7a868d981bc7f448832bd64722891b230d2ec66b911b4343988de

Request headers

Referer
https://natalie.mu/
Origin
https://natalie.mu
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 09:48:31 GMT
x-amz-version-id
D81_wup56N_1oUVbwXBF.W8mtWJTp0Xz
content-encoding
gzip
via
1.1 c29e436c21072b427d47688aaf874624.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
4058802
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 22 Oct 2023 09:56:49 GMT
server
AmazonS3
etag
W/"7ecc4b205f8545176036011d1634fb0f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
NLAQ8fLwJ6tykSu5g3mbr7BO2XzHcPohMrnd3yD1sm3XOKdr25sglg==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=42&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784&ea=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=23&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784&tic=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=18&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=29&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784&delta=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=27&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame F388
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&dcc=t
327 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cd87306632f80257eb0e8b54df6d7ad4413297098a8364adb2df4c9172338455
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
327
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Dec 2023 09:15:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DTN83TAV499W35D54XYW

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 09:15:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DBCPNT0ZJNERQJ7BB3WW
supply
events.browsiprod.com/events/v2/ 		0
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=e500ea97-73a0-47f8-bfb9-8aa17f806995
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.98.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-98-197.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
abd.js
cdn.browsiprod.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/abd.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.50.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-70.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer
https://natalie.mu/
Origin
https://natalie.mu
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding
gzip
via
1.1 c29e436c21072b427d47688aaf874624.cloudfront.net (CloudFront)
date
Mon, 11 Dec 2023 22:10:41 GMT
x-amz-cf-pop
NRT57-C1
age
43404
x-cache
Hit from cloudfront
last-modified
Sun, 08 Jul 2018 12:47:26 GMT
server
AmazonS3
etag
W/"bc70a2c30105ea2f98d83f5ad623fc39"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
y6H3N2RYl4RUUP5sx9kixFDx8Fu_qXHX7i5Tqy0ReEBp6CfFcGI0wA==
supply
events.browsiprod.com/events/v2/ 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=e500ea97-73a0-47f8-bfb9-8aa17f806995
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.98.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-98-197.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
desktop
demand-engine.browsiprod.com/sra/ 		2 KB
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand-engine.browsiprod.com/sra/desktop?sk=natalie&pk=natasha&pvid=e500ea97-73a0-47f8-bfb9-8aa17f806995&aid=natalie_-545678263_-1397100663&sid=0a2d2894-c259-4706-9ce2-59216bed1f4b%26false%26false%26DEFAULT%26jp%26desktop-4.21.4%26false&mch=4538&uid=df436c8d-e671-4d24-a6c5-3d2d3d525ae3&pu=https%3A%2F%2Fnatalie.mu%2F&pl=5512&d=false&sh=1200&lid=39564c65-8920-4c7d-8b42-2b21e0330b34_B&ts=DEFAULT&cc=jp&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=1&ais=700%7C%7C701%7C%7C702%7C%7C703%7C%7C704&fs=2.13%7C%7C2.61%7C%7C3.1%7C%7C3.57%7C%7C4.03&lls=false%7C%7Cfalse%7C%7Cfalse%7C%7Cfalse%7C%7Cfalse&sts=fixed_right_rail%7C%7Cfixed_right_rail%7C%7Cfixed_right_rail%7C%7Cfixed_right_rail%7C%7Cfixed_right_rail&ets=b%7C%7Cb%7C%7Cb%7C%7Cb%7C%7Cb&als=1351%7C%7C1928%7C%7C2524%7C%7C3082%7C%7C3639&pts=right%20rail%7C%7Cright%20rail%7C%7Cright%20rail%7C%7Cright%20rail%7C%7Cright%20rail&ss=aside%20%3E%20div%5Bclass*%3D%27GAE_%27%5D%7C%7Caside%20%3E%20div%5Bclass*%3D%27GAE_%27%5D%7C%7Caside%20%3E%20div%5Bclass*%3D%27GAE_%27%5D%7C%7Caside%20%3E%20div%5Bclass*%3D%27GAE_%27%5D%7C%7Caside%20%3E%20div%5Bclass*%3D%27GAE_%27%5D&dis=0%7C%7C1%7C%7C2%7C%7C3%7C%7C4&ac=0
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.62.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-62-39.nrt20.r.cloudfront.net
Software
/
Resource Hash
7b0c0d4ca2632e4d16d957161075dec5db5f07e6dfe55282d08271dd129ca1e6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
content-encoding
gzip
via
1.1 ea339d13159c2367df65da6b0b4ffe40.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
x-amz-cf-id
zpxms1W8jH0SqgHygOrZnxX2BfTf_G9Ot5WL6tCYfl5dN24IOvjJUg==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=42&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784&ea=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=23&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784&tic=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=18&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
z.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://natalie.mu
Date
Tue, 12 Dec 2023 09:15:12 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
re_aimer26_thumb.jpg
ogre.natalie.mu/media/pp/aimer26/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/aimer26/re_aimer26_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ced9b47f237b5c58583e285c6229dfb989f0a350e6102d8ae751d3a7ae302ed8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Mon, 04 Dec 2023 07:07:00 GMT
Server
Akamai Image Manager
ETag
"57a4c92737bae6603ca099a56545158a"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
7331
Expires
Tue, 12 Dec 2023 21:15:12 GMT
thumb_inbox_1920_4.jpg
ogre.natalie.mu/media/pp/takarazuka-wonderland2023/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/takarazuka-wonderland2023/thumb_inbox_1920_4.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
aab3fc6eced27959ad03c871a651ad91cfe02027f98a373bed59ad8682b5971a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Thu, 07 Dec 2023 01:24:13 GMT
Server
Akamai Image Manager
ETag
"faa4f103ef520d9fe6406a7c74f240d6"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
31110
Expires
Tue, 12 Dec 2023 21:15:12 GMT
whitescorpion_x-2.jpg
ogre.natalie.mu/media/pp/whitescorpion/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/whitescorpion/whitescorpion_x-2.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
424a87e790df4787b169947ce05931319dc8662f08878b530d22cf9795b4b917

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Tue, 05 Dec 2023 02:00:36 GMT
X-Serial
1436
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"458d5d54d193641bb1bb963a9caaaf75"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
15652
Expires
Tue, 12 Dec 2023 21:15:12 GMT
linkedhorizon03_X_2.jpg
ogre.natalie.mu/media/pp/linkedhorizon03/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/linkedhorizon03/linkedhorizon03_X_2.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
15a7e1f444d86993334bf66579cd581d92fe7ab3448a343b0456ae5df1af76cb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Mon, 04 Dec 2023 08:23:15 GMT
X-Serial
1689
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"c1d0caa12b12485a23196d270995b7b1"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
26788
Expires
Tue, 12 Dec 2023 21:15:12 GMT
akolondog_x.jpg
ogre.natalie.mu/media/pp/akolondog/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/akolondog/akolondog_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e06bd254afa119f22385141b07f3dd99268860da34b66ac95ce25758b4959eb0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Fri, 01 Dec 2023 08:09:36 GMT
Server
Akamai Image Manager
ETag
"03acc4cd57e04fc41d03cffe6f6292ec"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6066
Expires
Tue, 12 Dec 2023 21:15:12 GMT
sawadasori_thumb.jpg
ogre.natalie.mu/media/pp/sawadasori/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/sawadasori/sawadasori_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b0a99d6413ea693e9e088adeb2a2d3caec70ca8403ae6afe4fca80cc4e72705b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Wed, 06 Dec 2023 06:54:11 GMT
X-Serial
559
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"8f2e91aae9f59cdcd03e2bbebcd729e2"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
7136
Expires
Tue, 12 Dec 2023 21:15:12 GMT
anochannodendendenpa_visual.jpg
ogre.natalie.mu/media/news/music/2023/0420/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/music/2023/0420/anochannodendendenpa_visual.jpg?impolicy=thumb_fit&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f9d0e2e0a6f15a4cfe999b42e49a03fdb94398f8f3a734e4fba4db9e10c4c673

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Thu, 31 Aug 2023 06:47:08 GMT
Server
Akamai Image Manager
ETag
"c3aafb82d593593ba1e0631138cf3a9e"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
8178
Expires
Tue, 12 Dec 2023 21:15:12 GMT
idolshikkaku_202312_04.jpg
ogre.natalie.mu/media/news/eiga/2023/1212/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/news/eiga/2023/1212/idolshikkaku_202312_04.jpg?impolicy=thumb_fit&width=180&height=180
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1cf0036fa9823c7e4693370d69ccac23947aa5915d326aec10d748f9686d8773

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Tue, 12 Dec 2023 09:00:11 GMT
Server
Akamai Image Manager
ETag
"274b0347b4310c5f79bbed3418cbd801"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
5105
Expires
Tue, 12 Dec 2023 21:15:12 GMT
2_000000004574.jpg
gigaplus.makeshop.jp/natalie/images/rank/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gigaplus.makeshop.jp/natalie/images/rank/2_000000004574.jpg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.193.119.42 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-193-119-42.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b8c91a8180c03c16e1554367b4f71f7396d6de86dc191cd06be078fc96290515

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Last-Modified
Tue, 04 Jul 2023 08:29:15 GMT
X-Serial
1620
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"64a3d7e1-8c50"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
9366
Expires
Tue, 12 Dec 2023 21:15:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=42&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784&ea=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=23&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784&tic=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=18&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp&cc=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
a9c07b050df273114f3e17c2dc6924c20662ff89667c59d65c5d73b484f366c8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-96BJ0iqkEGduXdva3MGEwv6bp9Y"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 12 Dec 2023 09:15:12 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://natalie.mu
location
/esp?url=https%3A%2F%2Fnatalie.mu%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=42&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784&ea=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=23&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784&tic=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=18&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=29&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784&delta=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=41&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		235 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
23177446c584fc9873e9ed321e9936cc6baa4199bdd1ae67978b84d40f261a2c

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://natalie.mu
cache-control
no-cache
x-server
10.42.5.222
access-control-allow-credentials
true
content-length
235
expires
0
template.js
cdn.browsiprod.com/generic-templates/flx/0.18/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/generic-templates/flx/0.18/template.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.50.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-70.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af180de20554c4d1bb18ff381979ca63a039eb4100f0eff63531367ff591df4e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:48:01 GMT
x-amz-version-id
fJYQN8hACV3kBqRmUODt5fwOnBaY5IyO
content-encoding
gzip
via
1.1 c29e436c21072b427d47688aaf874624.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
5448431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 14 Feb 2023 09:10:56 GMT
server
AmazonS3
etag
W/"f38a3b17967852c0712a0e8484bd114b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
X2wIXyhEADRRbWROMr7baw6znb59oKzE2rgpaAqLyWbBQ5p1_tW87Q==
template.js
cdn.browsiprod.com/generic-templates/flx/0.18/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/generic-templates/flx/0.18/template.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.50.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-70.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af180de20554c4d1bb18ff381979ca63a039eb4100f0eff63531367ff591df4e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:48:01 GMT
x-amz-version-id
fJYQN8hACV3kBqRmUODt5fwOnBaY5IyO
content-encoding
gzip
via
1.1 c29e436c21072b427d47688aaf874624.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
5448431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 14 Feb 2023 09:10:56 GMT
server
AmazonS3
etag
W/"f38a3b17967852c0712a0e8484bd114b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
__9UEQdMUIPc4YeGPv5Y3fpHFi0yBuAh4NdEhJ9j27gVgadHRSW2fw==
template.js
cdn.browsiprod.com/generic-templates/flx/0.18/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/generic-templates/flx/0.18/template.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.50.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-70.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af180de20554c4d1bb18ff381979ca63a039eb4100f0eff63531367ff591df4e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:48:01 GMT
x-amz-version-id
fJYQN8hACV3kBqRmUODt5fwOnBaY5IyO
content-encoding
gzip
via
1.1 c29e436c21072b427d47688aaf874624.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
age
5448431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 14 Feb 2023 09:10:56 GMT
server
AmazonS3
etag
W/"f38a3b17967852c0712a0e8484bd114b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
lGKeU40jqB-CVpFEIm_B4tcr3pi-fTjjnqz27Ztsx0viCDxbVIY_PQ==
template.js
cdn.browsiprod.com/generic-templates/flx/0.18/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/generic-templates/flx/0.18/template.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.50.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-70.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af180de20554c4d1bb18ff381979ca63a039eb4100f0eff63531367ff591df4e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 12:27:06 GMT
x-amz-version-id
fJYQN8hACV3kBqRmUODt5fwOnBaY5IyO
content-encoding
gzip
last-modified
Tue, 14 Feb 2023 09:10:56 GMT
server
AmazonS3
via
1.1 25caeecf79d1babf9c1aeb8ae41d4e36.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C1
etag
W/"f38a3b17967852c0712a0e8484bd114b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
age
7591687
x-amz-cf-id
6di8_rQexJyIZhed36BU2rc7dOkuqIbEB9PKF3-JdBN_IY-RzcSB5Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		164 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3673&u=https%3A%2F%2Fnatalie.mu%2F&pid=6E0anGpk7E8Js&cb=1&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22browsi_adContainer_ai_701_ati_1_rc_0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4581080%2Fpc_browsi_8%22%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.51.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-51-32.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
3457db4f7acd890c1f8d5c5b356d605a090270e8cef09fb6702a85125604a142

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
via
1.1 18855c649fddbff6203c46f792687008.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
timing-allow-origin
*
content-length
164
x-amz-cf-id
Qm2N55puphRcRzVxajgsCTTdmDjIWK1Nj0KG68r84G2M7nm9qWjJCg==
bid
aax.amazon-adsystem.com/e/dtb/ 		164 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3673&u=https%3A%2F%2Fnatalie.mu%2F&pid=6E0anGpk7E8Js&cb=2&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22browsi_adContainer_ai_700_ati_1_rc_0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4581080%2Fpc_browsi_7%22%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.51.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-51-32.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
548aac3bf4df86088db606059800c4f9a031b6057b6c689d6b5f5c855d2c6419

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
via
1.1 18855c649fddbff6203c46f792687008.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
timing-allow-origin
*
content-length
164
x-amz-cf-id
W8bJXaPnZZJbFljUo1l2IkJFPAFoknEEkL8odWCu5guLd70Y4Lzndw==
bid
aax.amazon-adsystem.com/e/dtb/ 		164 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3673&u=https%3A%2F%2Fnatalie.mu%2F&pid=6E0anGpk7E8Js&cb=3&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22browsi_adContainer_ai_702_ati_1_rc_0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4581080%2Fpc_browsi_8%22%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.51.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-51-32.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
b5f7bc9856dfd143e1636429455337c0ca6b21adfac8123cde754dc62d997779

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:11 GMT
via
1.1 18855c649fddbff6203c46f792687008.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
NRT20-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-allow-credentials
true
timing-allow-origin
*
content-length
164
x-amz-cf-id
nhWQ94aTuUKwIHqLUsuso7NTVi2ah5us9RpNMlxCzuMrsHXsWxLHHw==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://natalie.mu
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 09:15:12 GMT
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=xRa2dj5Rj&skt=5&tid=d6b4cadf-534d-42a3-bc06-6446123c1dea&prebid_id=74d70148de537e&prebid_ver=8.6.0&page_url=https%3A%2F%2Fnatalie.mu%2F&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.31.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-31-69.nrt20.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69dddb16195636c0d79d55ed3431cbb4.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-P1
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
uOOvUL1Hu3M01Ok2XR8V94687Az0kvNnDRg1J00zVUHtlsff8iyGsA==
expires
Thu, 01 Jan 1970 09:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3207990d16debf1ae6aa000f66c088e422c53d1b38369b0ecf769eff0e2f41d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
an-x-request-uuid
84ba6c9c-4f0d-4ba1-8874-5597703b8c23
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		11 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
s-rtb-pb.send.microad.jp/ 		47 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=fabbf3dd7b5e6c561e3bce8f0cbaaf68&url=https%3A%2F%2Fnatalie.mu%2F&referrer=null&bid_id=82928809b9a7965&transaction_id=d6b4cadf-534d-42a3-bc06-6446123c1dea&media_types=1&cbt=4ea16066fdae80018c5d4f130e&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%7D%5D
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://natalie.mu
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
/
shb.richaudience.com/hb/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
server
nginx/1.14.1
access-control-max-age
86400
h_bid
y.one.impact-ad.jp/ 		133 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/h_bid?v=hb1&p=208721&cb=12743776309&r=https%3A%2F%2Fnatalie.mu%2F&uid=864120d21c3134b&tid=d6b4cadf-534d-42a3-bc06-6446123c1dea&uc=browsi_adContainer_ai_701_ati_1_rc_0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e28f2d73036a667e1851751c7f34a95c83a4d60786c2c4e574fe2a93e89cb26b

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
128
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27917c2e31f2ed1b8abf6914462182d079017cbb8fe6e49877359dad7258cf8

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-tyo
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8344dc8b4ee4dfe1-NRT
expires
0
prebid
pb.ladsp.com/adrequest/ 		91 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.91.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-91-241.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
prebid
prebid.media.net/rtb/ 		1 KB
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUDH8PEK
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
22368ade73fd8b8868f30e1a200e51e9c5c6de3117f5ed52dea94dc61dcd57c8

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:11 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
94
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 09:15:12 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://natalie.mu
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 09:15:12 GMT
prebid
prebid.media.net/rtb/ 		1 KB
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUDH8PEK
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
f3e22a3b92fa72f3f7556368084f33f495506c9d4fe7ce57b13cf01cf7d76de4

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 09:15:12 GMT
/
shb.richaudience.com/hb/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
server
nginx/1.14.1
access-control-max-age
86400
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b25549b89a0560f27fb0fed93326ff9e06cf06e7d86796e0d05d1842c083fb

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-tyo
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8344dc8b5eeedfe1-NRT
expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=6aSU8n0TZ&skt=5&tid=f11b31ba-849d-4c9b-91b2-202d0aba0612&prebid_id=102323e493949e3f&prebid_ver=8.6.0&page_url=https%3A%2F%2Fnatalie.mu%2F&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.31.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-31-69.nrt20.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69dddb16195636c0d79d55ed3431cbb4.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-P1
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
R7y-K75h-GK0y8NIlzUc6dUyClWlqbAFD12j7QkXhrA7a4vHECFE7g==
expires
Thu, 01 Jan 1970 09:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ecc60032d018f0cf5077d5fd056fcfbcd9cd0d17911c25ae0c1fd0629e9d3340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
an-x-request-uuid
c4a8ebeb-2592-421f-aede-5d5dae522e72
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
h_bid
y.one.impact-ad.jp/ 		134 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/h_bid?v=hb1&p=208720&cb=95478701871&r=https%3A%2F%2Fnatalie.mu%2F&uid=106ba0ca401debcf&tid=f11b31ba-849d-4c9b-91b2-202d0aba0612&uc=browsi_adContainer_ai_700_ati_1_rc_0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d6a5de5e6270ea3dc69c25898a50edce1c83f58e55bb725a7a254f3908e0279a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
127
prebid
pb.ladsp.com/adrequest/ 		91 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.91.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-91-241.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
unruly_prebid
targeting.unrulymedia.com/ 		11 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
prebid
s-rtb-pb.send.microad.jp/ 		47 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=fabbf3dd7b5e6c561e3bce8f0cbaaf68&url=https%3A%2F%2Fnatalie.mu%2F&referrer=null&bid_id=1125aeba044a678e&transaction_id=f11b31ba-849d-4c9b-91b2-202d0aba0612&media_types=1&cbt=1df8bf22f7d46f018c5d4f1318&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%7D%5D
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://natalie.mu
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-9aeec37837c550a3d192af96c8792886-2310ec88c88b23bb-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
9aeec37837c550a3d192af96c8792886/2526779463179117499
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://natalie.mu
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 12 Dec 2023 09:15:12 GMT
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5904906c741444b9c0abd8d0c0c7d60777303d26acb15634526df785a01c98ce

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-tyo
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8344dc8b6f29dfe1-NRT
expires
0
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=xRa2dj5Rj&skt=5&tid=915aa31c-447b-4735-aa4e-34c5ff366236&prebid_id=1167c41e56c6459d&prebid_ver=8.6.0&page_url=https%3A%2F%2Fnatalie.mu%2F&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.31.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-31-69.nrt20.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 69dddb16195636c0d79d55ed3431cbb4.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-P1
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
89
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
RMyk9FoLhuRLyDovEgDmUrYtfzEA7RUf8MFHaBohph-8V8527pEfWw==
expires
Thu, 01 Jan 1970 09:00:00 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
shb.richaudience.com/hb/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:12 GMT
access-control-allow-credentials
true
server
nginx/1.14.1
access-control-max-age
86400
h_bid
y.one.impact-ad.jp/ 		134 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/h_bid?v=hb1&p=208721&cb=21997604246&r=https%3A%2F%2Fnatalie.mu%2F&uid=122d7d5db7222a7d&tid=915aa31c-447b-4735-aa4e-34c5ff366236&uc=browsi_adContainer_ai_702_ati_1_rc_0&tmax=2000&t=i&language=en-US&screen_size=1600x1200&sz=300x250
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bae61a16aa555ef5ed0516ba79868c746b078d7e726348abe7239e5bb14f9f6b

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 12 Dec 2023 09:15:12 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://natalie.mu
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
127
prebid
s-rtb-pb.send.microad.jp/ 		47 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=fabbf3dd7b5e6c561e3bce8f0cbaaf68&url=https%3A%2F%2Fnatalie.mu%2F&referrer=null&bid_id=1245de7d666d1e09&transaction_id=915aa31c-447b-4735-aa4e-34c5ff366236&media_types=1&cbt=8e2131014d1dc0018c5d4f1320&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%2272fc065f-9d94-422d-ba63-87d16a0b22aa%22%7D%5D
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://natalie.mu
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
unruly_prebid
targeting.unrulymedia.com/ 		11 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://natalie.mu
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e7fd761323bf82208b6142a8a0634bf9f659cc7a1db9585241478d8d4b91c049
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
an-x-request-uuid
1e3d863f-21b5-4235-84f3-0931a7c0657e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
pb.ladsp.com/adrequest/ 		91 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.ladsp.com/adrequest/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.91.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-91-241.ap-northeast-1.compute.amazonaws.com
Software
Logicad/DADServer /
Resource Hash
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
server
Logicad/DADServer
vary
Accept-Encoding, User-Agent
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
104
expires
-1
prebid
prebid.media.net/rtb/ 		1 KB
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUDH8PEK
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
73171b7241862b9c6c101f1377b65034ce73dd7a338b852bb5a86491e56c9d0a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://natalie.mu
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
83
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 09:15:12 GMT
sync
ssbsync.smartadserver.com/api/ Frame E3D8 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
524913564edf0c9478d5753cc879a62b84212882620b4359ea7adaf69e367ce1

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
1090
content-type
text/html
date
Tue, 12 Dec 2023 09:15:12 GMT
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame 24D0
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
474 B
806 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.136 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
dd2564dd71f536a0d947b6d3b84e829776dd0cf7befc2e4f0cb74cf1f863e288

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
474
content-type
text/html
date
Tue, 12 Dec 2023 09:15:12 GMT
expires
Tue, 12 Dec 2023 09:15:12 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 12 Dec 2023 09:15:12 GMT
location
/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726
setuid
u.4dex.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1702372512869
  • https://ad.turn.com/r/cs?pid=45&rndcb=651502738
  • https://sync.1rx.io/usersync/turn/2967119334666753022?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
  • https://u.4dex.io/setuid?bidder=unruly&uid=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=unruly&uid=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=unruly&uid=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
date
Tue, 12 Dec 2023 09:15:13 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf6e80dd66e044aa18622d13d77f432d3004
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=42&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784&ea=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=23&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784&tic=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=18&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/ 		201 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1a4323e91286ffc9dd1ccb7af3171e11673dd4cdabe16a4d7775c17c101db5f4

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
ff31ea2536f6ae4786a5ef2428295e5e
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-714fea6ce1e8a39186e22bc39a1e41b1-79f7f76cff50e7d2-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
714fea6ce1e8a39186e22bc39a1e41b1/8788765245348833234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
pd
google-bidout-d.openx.net/w/1.0/ Frame 57FF 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 12 Dec 2023 09:15:12 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=29&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784&delta=303
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=27&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=52&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=33across.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=esp.criteo.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=uidapi.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=50&pc=2582374728366616&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2582374728366616&correlator=3313598410649816&eid=31077978%2C31079828%2C31079784&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&gdpr=0&iu_parts=4581080%2Cpc_browsi_8&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702372512832&lmt=1702372512&adxs=1025&adys=2178&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnatalie.mu%2F&vis=1&psz=310x250&msz=300x250&fws=0&ohw=0&ga_vid=460445772.1702372512&ga_sid=1702372513&ga_hid=1323098147&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRiApLzqxTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiApLzqxTFIAFICCGQSOwoKcHViY2lkLm9yZxIkNzJmYzA2NWYtOWQ5NC00MjJkLWJhNjMtODdkMTZhMGIyMmFhGJukvOrFMUgAEhgKCXlhaG9vLmNvbRiCpbzqxTFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20YgKS86sUxSABSAghkEhcKCHJ0YmhvdXNlGICkvOrFMUgAUgIIZBIZCgp1aWRhcGkuY29tGICkvOrFMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkV05CY21JeE5saFRTMGQyT1dvMFNuUmpZVWQwWnowOUluMD0Ypqe86sUxSAASGwoMaWQ1LXN5bmMuY29tGICkvOrFMUgAUgIIZA..&dlt=1702372511562&idt=460&prev_scp=amznbid%3D2%26amznp%3D2%26browsiViewability%3D0.30%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D139b0dfce4b675c%26hb_bidder%3Dappnexus%26browsiId%3Dnatalie_b&cust_params=genre%3D%26content%3Dhome%26action%3Dindex%26path%3D%252F%26publisher_id%3D366%26flux_test_flag%3Dprd&adks=405274932&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29ff920b4ebf7aa8620b45add1e02d7169136cd2dba8fd4b441b2c859c4f2844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29216
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F85D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:15:12 GMT
expires
Wed, 11 Dec 2024 09:15:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-94cf0d7e81c971d5e1324f048d5c80bb-d5554ad9d78fe87c-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
94cf0d7e81c971d5e1324f048d5c80bb/15372275202583947388
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=52&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=33across.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=esp.criteo.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=uidapi.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=50&pc=2582374728366616&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2582374728366616&correlator=3313598410649816&eid=31077978%2C31079828%2C31079784&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&gdpr=0&iu_parts=4581080%2Cpc_browsi_8&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702372512872&lmt=1702372512&adxs=1025&adys=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnatalie.mu%2F&vis=1&psz=310x250&msz=300x250&fws=0&ohw=0&ga_vid=460445772.1702372512&ga_sid=1702372513&ga_hid=1323098147&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRiApLzqxTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiApLzqxTFIAFICCGQSOwoKcHViY2lkLm9yZxIkNzJmYzA2NWYtOWQ5NC00MjJkLWJhNjMtODdkMTZhMGIyMmFhGJukvOrFMUgAEhgKCXlhaG9vLmNvbRiCpbzqxTFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20YgKS86sUxSABSAghkEhcKCHJ0YmhvdXNlGICkvOrFMUgAUgIIZBIZCgp1aWRhcGkuY29tGICkvOrFMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lkV05CY21JeE5saFRTMGQyT1dvMFNuUmpZVWQwWnowOUluMD0Ypqe86sUxSAASGwoMaWQ1LXN5bmMuY29tGICkvOrFMUgAUgIIZA..&dlt=1702372511562&idt=460&prev_scp=amznbid%3D2%26amznp%3D2%26browsiViewability%3D0.20%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D1410b189276230c3%26hb_bidder%3Dappnexus%26browsiId%3Dnatalie_b&cust_params=genre%3D%26content%3Dhome%26action%3Dindex%26path%3D%252F%26publisher_id%3D366%26flux_test_flag%3Dprd&adks=922078850&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87bee1336610084d5810e81b2800eeaf500a267763e931771354672ab95b8ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12470
x-xss-protection
0
google-lineitem-id
5662342798
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138345637766
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/ Frame E3D8 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=8160195145739520768&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame E3D8
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8160195145739520768&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8160195145739520768&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
46.137.237.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-237-145.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8160195145739520768&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame E3D8
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=8e8c13f8368575330c91c64b2805e387&gdpr=0&gdpr_consent=0
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=8e8c13f8368575330c91c64b2805e387&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=8e8c13f8368575330c91c64b2805e387&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame E3D8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6265997732731674459&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6265997732731674459&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6265997732731674459&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame E3D8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXgkoQAGWdaM5gBH&gdpr=0&gdpr_consent=&_test=ZXgkoQAGWdaM5gBH
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXgkoQAGWdaM5gBH&gdpr=0&gdpr_consent=&_test=ZXgkoQAGWdaM5gBH
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:12 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-nrt-rjtf7700057-NRT
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702372513.107304,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXgkoQAGWdaM5gBH&gdpr=0&gdpr_consent=&_test=ZXgkoQAGWdaM5gBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:12 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-8f9f73af6452465ec309a28859175de7-7fe93fab71f1f907-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
8f9f73af6452465ec309a28859175de7/9216968117974071559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=42&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784&ea=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=23&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784&tic=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=18&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=29&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784&delta=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=27&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=52&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=33across.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=esp.criteo.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=uidapi.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=50&pc=2582374728366616&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2582374728366616&correlator=3313598410649816&eid=31077978%2C31079828%2C31079784&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&gdpr=0&iu_parts=4581080%2Cpc_browsi_7&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702372512990&lmt=1702372512&adxs=1025&adys=1351&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnatalie.mu%2F&vis=1&psz=310x250&msz=300x250&fws=0&ohw=0&ga_vid=460445772.1702372512&ga_sid=1702372513&ga_hid=1323098147&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRiApLzqxTFIAFICCGQSWgoNY3J3ZGNudHJsLm5ldBJAZDZmZTU5NTZjMThiZDE2MzNiMmQ5NTdmM2QwYjE4NWNhMDJjOWFkYjU1YjIzMGJjNDU0MGU1ODBlOGNjNmNiZRjXqbzqxTFIABI7CgpwdWJjaWQub3JnEiQ3MmZjMDY1Zi05ZDk0LTQyMmQtYmE2My04N2QxNmEwYjIyYWEYm6S86sUxSAASGAoJeWFob28uY29tGIKlvOrFMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiApLzqxTFIAFICCGQSFwoIcnRiaG91c2UYgKS86sUxSABSAghkEhkKCnVpZGFwaS5jb20YgKS86sUxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWRXTkJjbUl4TmxoVFMwZDJPV28wU25SallVZDBaejA5SW4wPRimp7zqxTFIABIbCgxpZDUtc3luYy5jb20YgKS86sUxSABSAghk&dlt=1702372511562&idt=460&prev_scp=amznbid%3D2%26amznp%3D2%26browsiViewability%3D0.50%26browsiId%3Dnatalie_b&cust_params=genre%3D%26content%3Dhome%26action%3Dindex%26path%3D%252F%26publisher_id%3D366%26flux_test_flag%3Dprd&adks=142569286&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a48c0ffc09a8d7a37b3510d6fe1d980b86ee7ab74431424141fa3cd52b7b6b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12786
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=52&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=33across.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=crwdcntrl.net&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=pubcid.org&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=yahoo.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=esp.criteo.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=uidapi.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=openx&eids=31077978%2C31079828%2C31079784&hs=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=19&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784&hs=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=50&pc=2582374728366616&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		79 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2582374728366616&correlator=2982720012129473&eid=31077978%2C31079828%2C31079784&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&gdpr=0&iu_parts=4581080%2Cportal_big%2Cportal_top&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x250%7C1x1&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702372513004&lmt=1702372513&adxs=602%2C1020&adys=50%2C523&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnatalie.mu%2F&vis=1&psz=728x0%7C310x250&msz=728x0%7C310x0&fws=0%2C0&ohw=0%2C0&ga_vid=460445772.1702372512&ga_sid=1702372513&ga_hid=1323098147&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRiApLzqxTFIAFICCGQSWgoNY3J3ZGNudHJsLm5ldBJAZDZmZTU5NTZjMThiZDE2MzNiMmQ5NTdmM2QwYjE4NWNhMDJjOWFkYjU1YjIzMGJjNDU0MGU1ODBlOGNjNmNiZRjXqbzqxTFIABI7CgpwdWJjaWQub3JnEiQ3MmZjMDY1Zi05ZDk0LTQyMmQtYmE2My04N2QxNmEwYjIyYWEYm6S86sUxSAASGAoJeWFob28uY29tGIKlvOrFMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiApLzqxTFIAFICCGQSFwoIcnRiaG91c2UYgKS86sUxSABSAghkEhkKCnVpZGFwaS5jb20YgKS86sUxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWRXTkJjbUl4TmxoVFMwZDJPV28wU25SallVZDBaejA5SW4wPRimp7zqxTFIABIbCgxpZDUtc3luYy5jb20YgKS86sUxSABSAghk&dlt=1702372511562&idt=460&prev_scp=amznbid%3D2%26amznp%3D2%26browsiViewability%3DNA%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D1340f1fa58caceba%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%26browsiViewability%3DNA%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.00%26hb_adid%3D135d02f6d6b48178%26hb_bidder%3Dappnexus&cust_params=genre%3D%26content%3Dhome%26action%3Dindex%26path%3D%252F%26publisher_id%3D366%26flux_test_flag%3Dprd&adks=3139867011%2C1147668949&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe3f3b033e004de389d431e281090fdcca18954ecd1f5889d69bc13cbbebe90b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24280
x-xss-protection
0
google-lineitem-id
-1,6386852611
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138448103695
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 24D0 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.241 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 10 Dec 2028 09:15:13 GMT
um
u-sin01.e-planning.net/ Frame 24D0
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D19b5680199628ee7%26uid%3D%24%7BUID%7D
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=19b5680199628ee7&uid=53b29bf9-4e8f-44bf-9eac-36f450ba77c6
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=19b5680199628ee7&uid=53b29bf9-4e8f-44bf-9eac-36f450ba77c6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Server
64.120.110.138 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

server
openresty
date
Tue, 12 Dec 2023 09:15:13 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=19b5680199628ee7&uid=53b29bf9-4e8f-44bf-9eac-36f450ba77c6
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
sync
x.bidswitch.net/ul_cb/ Frame 24D0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=eplanning
  • https://x.bidswitch.net/ul_cb/sync?ssp=eplanning
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?ssp=eplanning
Date
Tue, 12 Dec 2023 09:15:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.323146227192468
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zWUPns4S887zTb10SBlUeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-zWUPns4S887zTb10SBlUeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.7998462090140834
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-RkJK-eHBbgmLe6eh-70alg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-RkJK-eHBbgmLe6eh-70alg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-51c7b4e3c07ed657c5219114d3c3d6b4-f04de9ba348c6153-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
51c7b4e3c07ed657c5219114d3c3d6b4/17315753128264229203
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--4ijOwkA5WVel7TGsfuEiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--4ijOwkA5WVel7TGsfuEiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://natalie.mu
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB78 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:15:12 GMT
expires
Wed, 11 Dec 2024 09:15:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CB78 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
26482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:51 GMT
css
fonts.googleapis.com/ Frame CB78 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 09:03:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 09:15:13 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame CB78 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 23:38:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Dec 2024 23:38:42 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame CB78 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 23:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Dec 2024 23:50:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CB78 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
26482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:51 GMT
usync.html
eus.rubiconproject.com/ Frame 2DE6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 09:15:13 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 09:15:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server
AkamaiGHost
pr
s.amazon-adsystem.com/v3/ Frame 28D9 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
eec8bda98b441a8ad73de47cc3faae7031e1cb9fdf9b08da027494d0f16ca441
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2774
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Dec 2023 09:15:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6WKK0WHGYMWT2K6VAVSK
usync.js
eus.rubiconproject.com/ Frame 2DE6 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07fa4c276943b5d87faf65f53aad6b1b93e9c8caebde9514e0a92451f49417ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 18:30:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33289
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 18:30:02 GMT
csi
csi.gstatic.com/ Frame CB78 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq24n1yy&c=7188318330678&slotId=3594159165339&qqid=CO_4n-fHiYMDFdZNwgUdKr0DRQ&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB78 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:24 GMT
x-content-type-options
nosniff
age
217969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 20:42:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB78 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:14:43 GMT
x-content-type-options
nosniff
age
396030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:14:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB78 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CKmkboCR4Ze-oNtabid4PqvqOqATL7q21ctHqsayEEu7wkLqtPxABIPiBhERgifPFhPQTyAEFqQJK7pyu9oI9PqgDAcgDmwSqBKACT9BEeWeXnsbjlHB_5TQiZGO844h7ijIXAQOoSZBf83LJt9F_2uRxhhyakAmQ8dk3fCYaWuiH1FQRPxjJ0xSqFd8D2k2lWT2DWAsCHRFbTBlS3cy_DU03kKy5-VcwTsHSmSVD9ZAQCnBJYKtX2wgt5IOp2WoVcvuzGEoxJ6TCjWkqDo1kiNjXgWV_R9WislkKSk-EBsKMSpZ0tfSWz2aAdJ08eM1zcTuQlzGPeya1mDBsdvSOjVlieFqo797EqRpEh73_GedextAjFrntlDgCdkXNZqtP_LFvtSqZ_PDKi1ixImei1adSwNZVdUa1SUTqQktCr_BS4Cznqrs4Ejke7I3UAsrVMODw5OZHPFVwSkfvSZyCsm-wcZfMu5IOfRa0wASWuca1xQTgBAOIBcvjt45MkAYBoAZ2gAeNnfM_qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY6tKe58eJgwOACgPICwHgCwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJKUOINEwiV_p7nx4mDAxXWTcIFHSq9A0WwE_2XphXIE5vCw-MD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1702372513216&ai=CKmkboCR4Ze-oNtabid4PqvqOqATL7q21ctHqsayEEu7wkLqtPxABIPiBhERgifPFhPQTyAEFqQJK7pyu9oI9PqgDAcgDmwSqBKACT9BEeWeXnsbjlHB_5TQiZGO844h7ijIXAQOoSZBf83LJt9F_2uRxhhyakAmQ8dk3fCYaWuiH1FQRPxjJ0xSqFd8D2k2lWT2DWAsCHRFbTBlS3cy_DU03kKy5-VcwTsHSmSVD9ZAQCnBJYKtX2wgt5IOp2WoVcvuzGEoxJ6TCjWkqDo1kiNjXgWV_R9WislkKSk-EBsKMSpZ0tfSWz2aAdJ08eM1zcTuQlzGPeya1mDBsdvSOjVlieFqo797EqRpEh73_GedextAjFrntlDgCdkXNZqtP_LFvtSqZ_PDKi1ixImei1adSwNZVdUa1SUTqQktCr_BS4Cznqrs4Ejke7I3UAsrVMODw5OZHPFVwSkfvSZyCsm-wcZfMu5IOfRa0wASWuca1xQTgBAOIBcvjt45MkAYBoAZ2gAeNnfM_qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY6tKe58eJgwOACgPICwHgCwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJKUOINEwiV_p7nx4mDAxXWTcIFHSq9A0WwE_2XphXIE5vCw-MD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CB78 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq24n1z5&c=7188318330678&slotId=3594159165339&qqid=CO_4n-fHiYMDFdZNwgUdKr0DRQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.az&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame CB78 		30 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DQblhxPaKzd_L1vnCNr0U_E3jzig9wJmgw0-BLZGGChNjQYSkp4pJfnp72opNZQOGUGSPUxs-GE1FdsMzCvqLhQAHX1g&cry=1&dbm_d=AKAmf-AgkusHghJc2dMlsmeOSJAHuoieC8lOrm_mgaBxAVV4AQ-ScrsPTLAnTBy6Qj3n_pvmo7bxOCvCfKICoMyg0t2J74QTFutKfFZghSlxeJ312s6GDq81s9KMpNr8oX7QnpEhfjOu9aRErlHvmgH_87JHIjccPXOaI2MQd4HIaIfNLt3Tw7mJQ_NCFJfLjJtlGJQgkBH7o7B8lSbwa5c8DNcGBIbDNqhNf8Fe1ZlA7QUaGPLz6qLul0H7gW0Wp8J4gPXfFSm0i8aWi4AcsoiQGFx4MlVu3xCh2x-nA3yb_HoPvvrQZNsOyi33jq3x2JJYuCAdZVAsGaVvIMdeNeDusZm9X0W62adU6E9eCcEcmi0HFgw6F5U0AlyD1wknEAUlqBEHX4YynKxsZ87Oee8yExqumu0GHHzJA9QKLkdv2MeMnm3G3ETgW1ZB4KOoV1-h4nxkE1ClCAuvZcSsO0nY1BXqb9QkpC1aO1lA_K2scm_m29n79WECpoB6Aejrad_lT_ZHbwhu--SQLsiEwjHFl8sTkovjlJvVFblldsZ6bIW8b2OZ7ysAKeIiGP3FSPv-aS9eipUcj_o90iFQXJqUZqf-OJdcYpMxeDqRiP3cvHI3GHqfVSnseer1xzMkWxGHYLN_xJWnMiuZIE2EfkIR7YgIr8m7Pb3T3iSOG1aaGHatviXtgzEKxDzTGdk8I9F5ttbhBFDERnQroXC7_1j5WfrU_rxFWLgWXMj83uI3_8LgrnV0mIplz0ANJLy0_04X_FoBBYKuEqQbRmurq7ZoZkKD7n4ELhXKH0GYJs2qFFxbUvaT5EYqhif2T_zaBO_9953LVZf_vAqEu4zeon3YapJwj2h7xm3L8yLEkhELYQtkb7yijxag6smAoq-Cg-ev4Fw-a4RVFIBfPfKC2LxnjiCXzleOujfwt_rhE2hdmzAfjjj0nSLyYVJ9B-zuTCETIPDkAOx8cvwDaN9_QYPT9LNI_rE_v1R9jwsn-3DTzd_RmqC5y419vxhK4nlmXib2XvEU2EisVmxFisebuxWIO10BdRXkfF3O8akLJm-Ai0O9R5pzf75eNIgxEVXnKFr-Gus5eiCaD4Kt3VAqh3vVb8t9DrPoH6AygHGRxV1wYerKcbyffEtFqvRq6OB9mW_Kj5ZDjfZ_bc2gQ9SF3Fk7vUeQ-ZsFeflQ98XG0aHJpc_azgX32B7T45H4RNQ1pjZL9DuJKm7wS2LbFvF64yHTgPmBRb3422oRJRAzTjAPAWdQAdr8pcZAzGGlKkafcxieD5ohQL91l8i9Q159p12CTfq-gr5IROmWF27hMSD8pT1zix_2rD7uEItxanQ555sMGW4L01SH5UIfXJRH8FfNTv6irINA6A6gDh8Vqkiwlzf2QV1jawvlVRCRtnXfTQU3ZcLZxSYHsf51RiK-T3uX_nWKuDp5HfACdeI_iOGVXTa_ebRwr61tusryqIa7Cz56izp5M3IbCIvIUKVeK16KH5oezLWWLeqe92dTH5pZWOJVzTcCLSS25n4Jdqi7WDH0IJWWGkHTvQP9jwAcbCsMzqrYREJJ3Zw3Dlm17wqX6V17EPTplCZjsCQ96TM_ykK1Bk4eHmQ5hiO_D628-tQrGpVtygTIf2tu04zODrP4CAdhvcdkNdc6llg_TRuTNbFrLxgMwZAy9mgFih_JzWMtj3Z2ebYDmB4CEb1W3kE9i7mztIBTxPWu_vgYx0l9KPRj-J13l7rXAeMAKugpRHe-sIcLVaRUIBZUGkz9nfBr-3qdLSU_wbQVfJrvAV6aY8f7z6U6LM5D6FfGp7HRwtNvWlb7zi0TxJXz9GDYLAI8Y0hD3KH8JuZVaKVxNfoY2SqTgpd4rjrvtM74rXEMac40Yx5Iag1r1HYJtrouFhOhZ18tBdDrwzxPvucXz1fBiGCZkTppt4ND1bg7abaHA8inzmtEnu8TECi-8p3aa8RgVb8f8be_xB74-u8AmDhJtX5StYM4C3khIm7V8-qufcraJno67O1m9SvhtXH-3aAz2VEcBg5b-dJw_xFQJh1xHCGvuXBiCra40IxDdGiNFP3YTHlY0jOJgRWB_3VwQmHN_8kL9VAGsTFObBa1eARPXv1jpn8fCgaUOtNNUJ6tx5RfBXxOU14vXflJle45YL7SCC2_eH-w7qUJKspHwJHvt-mIgLhxPfLyGH80QY9sX8u101tEm-XE627MmnwJEyEmV_exLnrITAnHJZEOhMMJBLGEdJAf090q38DacO_iQ9F_s9Wu70aXScumjWyyS9OjcA5ntgIfvjCzoyEnoRffEkg5Y7lZrx1rG2t5D1XJeOdgFWOjNrdK8EEF-9DMXFfXfTnQKfKUndUSxaA2MGIgNqcmVsVIbOkOQJ9A3AoWvgPCHZk816AtISxeiQDk0OUBt-62NhHjCvwHWeQZjYaSCAwYlxax0PSDvHoA4PM3WYGEZG2VZq5sYMXJEn4FF1R3eGDdZ55dYN3LVlLGz7nSTGkp-vF5_67cwOkoYb5dHjbMzgg5EbGyC4IZ5hjMC1T7K4xpLplfFVCte1NbwNBZZwhM-fnWxFHqxoPBmQvZ429ABajN6AojFhK9qrcRypmth-P1FLj9dEVRR1wPQeO0JlzZ3Y7ef8BTwvpWylXF5BqtCGxyw-ejvTZ__5YgeCxJeZ9pTTJ9zv5zdrsMM5YwGC9FrjTu1z8C9sMW2EIZIfyQbo_uPyGaIvrFmO0DHDVUFWu5eGu4vr6RwW2WBMdVv6xokAxMqvKDw_Je10dJlQINgjtDZhdvKZ-5HedD9hpopErShbakaxO54Z-pI9GjtcMMopIMwzHYPRWzQPpsMjQkGEH7YFWgswrGfunna7Bkoi2AJg0V5SDOSupi8qnIJ3djm47v2JxTIxuezZDz_xmG8lIpIkRjYd8S0TU_N6PpczBPNHkxlEVKWkbLWzdNnzSA7HYF0Xnh-KpmK27zDpCD3fqXFjeU2njjQvskK8ZG9BA6EDOkF67RGD2eKX-Q6-zph5m6-uSxJnHeZTb1ff38euUU7CJ_sMkVKmOPDfPyRl8EczX3Vhfe7minf1jEiQEAhPnXLJAN7N6q_w2RSpXeVKn5W9dB2EC9pF-9FNTs5M7i6YtxLorGakEe47lxLJdtCriEjwLiXxPkLZhrPYptHbf-_0f7uMpbJpNfH9yaHIFER-8-ZFpSGTtfPVY6tG-FlfGAB2kCRvcDlRlUf8faEKk2v2OBVBzt82i67tu8SwiEh3DR5eyFkZ8cpnC6-kxcDfGGwG9XXMKHrdYi30V1BdwA2iq_xAkZqwaapwBbCC7eUHi6Fi0btcDoymkyXJF_aFnyliQDYJ14NyviMxADaULycESwhwuJlDS3XpunjSz6XGIlXuWEeTwVTgoLwKTUIGa2zO_FwVF0fGtfQcSZPX4YN1TVty4zCuiR7qVjuiua0qGHxM2tthqH_ecA_mpfguH-ztQ-upfEVUbh-kSHfyxbxDzHNFsN8ub5GRmJBjcC-DxK7pnMl6Sqy5s4NLHbf2QCaII4zLQRN3YKagrsrpvMpiDxrnq8_KajOwrpWIFpdwYzQM-QgLUSo-yv4CJAugfRogjc5BGcCslFS8RITWVWSKae0WmH3evGMgCsuTrt2ReBzJlR40JEnIgHKUEGLLmtsQ4CFbrsCSEGzAtM-euRWEKY9JfpoCLX3mCIgfl17pRbBFRqgrQcGMnDoVSFX39Sg6RL798CyDvyYWYfk-ujTIC4cceQU4YjyWacjaMrpSxv11F7cbNy-jLZQjm_AyCVuOb1sPA7OtnKlgOBeTlBSHRC-iGhfMn6H3lqnaXiLFL_vuvgmsxcm5_sAqDiHJ309RpOImuKr1Jl4gTILPrfzhqgFtpyCvZHANzigIoNa2_fp-QK6rNrb2hAY9MECUH0i05ZZD22s-oXbVCPpjqC2hYtaZFQZCsauohwtWwOfOXctixyJ-6JDSUqazgAoNioNXGIVZtIaZruV722jYHw0sIvlVCHeEqcbuljf5c0yGwpD_QkqlidhibXln_6Wb_C6O3-ky_2WqL3KsBFboorIIqLQUywVJZfKCSnct7ChvmXzJSuigUObbZXImsdrfFCP1l0LldKx9t6g0lubionJoPupf7MP6JHBjBBo22XgKF_4CaT3BskrThSKjvdpXO0e18RhHDUqXLBa_zS4vCcEXSS92COlvTNh7h-_TPIvq30C4P5fjOBfoh2Xaz1pzx0Ng2X6yOR2mxiPU53KozpK0A2VXmK0qa0BERAVANpq3m52lk&cid=CAQSTwAvHhf_wwk-zNe84q4zRI-tDmAkgzHxdTgZNJgHgRIBoUF9dE9gS94wOJcMH-zxWksDbXmxCF6jLqn9xP2ITxMwVFq9F94USLuWC6dqWi8YAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.157.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ta-in-f154.1e100.net
Software
cafe /
Resource Hash
b9cc6500a2b3a9fe778f6d57bfaa2d31567f7d85ce99ce9787d368981a4eed42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17319
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame CB78 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de417041880b008d377d0c6e124b5ed6b201fd572ef265504eb87ae66741b64a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=29&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784&delta=668
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=27&pc=2582374728366616&lid=rtbhouse&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3yDPoCR4Ze-oNtabid4PqvqOqATL7q21ctHqsayEEu7wkLqtPxABIPiBhERgifPFhPQTyAEFqQJK7pyu9oI9PqgDAaoEnQJP0ER5Z5eexuOUcH_lNCJkY7zjiHuKMhcBA6hJkF_zcsm30X_a5HGGHJqQCZDx2Td8Jhpa6IfUVBE_GMnTFKoV3wPaTaVZPYNYCwIdEVtMGVLdzL8NTTeQrLn5VzBOwdKZJUP1kBAKcElgq1fbCC3kg6nZahVy-7MYSjEnpMKNaSoOjWSI2NeBZX9H1aKyWQpKT4QGwoxKlnS19JbPZoB0nTx4zXNxO5CXMY97JrWYMGx29I6NWWJ4Wqjv3sSpGkSHvf8Z517G0CMWue2UOAJ2Rc1mq0_8sW-1Kpn8qMtJY7l41pBHHMNqiuXfR1CfKziUSeJJ6_EuNcOgMDI7IZdqc8-hDkcezugAFYlTh4TBasNRJSYAMwAubccDny7ABJa5xrXFBOAEA4gFy-O3jkySBQYIGxACGAGSBQsIIhADGANIzKKHApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHjZ3zP6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEJHIBhjv_ILzAdIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY6tKe58eJgwOACgPICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLiDRMIlf6e58eJgwMV1k3CBR0qvQNFsBP9l6YVyBObwsPjA9ATANgTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi00Mjk2NjkyODAxODIwODE4GICFD-gXBQ&sigh=PQd3Keg8oU8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_wwk-zNe84q4zRI-tDmAkgzHxdTgZNJgHgRIBoUF9dE9gS94wOJcMH-zxWksDbXmxCF6jLqn9xP2ITxMwVFq9F94USLuWC6dqWi8YAQ&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 09:15:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame CB78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3yDPoCR4Ze-oNtabid4PqvqOqATL7q21ctHqsayEEu7wkLqtPxABIPiBhERgifPFhPQTyAEFqQJK7pyu9oI9PqgDAaoEnQJP0ER5Z5eexuOUcH_lNCJkY7zjiHuKMhcBA6hJkF_zcsm30X_a5HGGHJqQCZDx2Td8Jhpa6IfUVBE_GMnTFKoV3wPaTaVZPYNYCwIdEVtMGVLdzL8NTTeQrLn5VzBOwdKZJUP1kBAKcElgq1fbCC3kg6nZahVy-7MYSjEnpMKNaSoOjWSI2NeBZX9H1aKyWQpKT4QGwoxKlnS19JbPZoB0nTx4zXNxO5CXMY97JrWYMGx29I6NWWJ4Wqjv3sSpGkSHvf8Z517G0CMWue2UOAJ2Rc1mq0_8sW-1Kpn8qMtJY7l41pBHHMNqiuXfR1CfKziUSeJJ6_EuNcOgMDI7IZdqc8-hDkcezugAFYlTh4TBasNRJSYAMwAubccDny7ABJa5xrXFBOAEA4gFy-O3jkySBQYIGxACGAGSBQsIIhADGANIzKKHApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHjZ3zP6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEJHIBhjv_ILzAdIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY6tKe58eJgwOACgPICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLiDRMIlf6e58eJgwMV1k3CBR0qvQNFsBP9l6YVyBObwsPjA9ATANgTCogUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi00Mjk2NjkyODAxODIwODE4GICFD-gXBQ&sigh=PQd3Keg8oU8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_wwk-zNe84q4zRI-tDmAkgzHxdTgZNJgHgRIBoUF9dE9gS94wOJcMH-zxWksDbXmxCF6jLqn9xP2ITxMwVFq9F94USLuWC6dqWi8YAQ&vt=10&cbvp=2&vis=1
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 09:15:13 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 2CDF 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 15:55:11 GMT
age
408002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 15:55:11 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2CDF 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Dec 2023 23:54:31 GMT
age
33642
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Dec 2024 23:54:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2CDF 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 18:34:10 GMT
age
312063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 18:34:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2CDF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 06 Dec 2023 19:42:08 GMT
age
480785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Dec 2024 19:42:08 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2CDF 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 15:58:35 GMT
age
407798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 15:58:35 GMT
truncated
/ Frame 2CDF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d364ad62b4e8acd724499aa1ff05d28fff657f5f7afb210ccdcd3c5b22f06fc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
6164959581259953825
tpc.googlesyndication.com/simgad/ Frame 2CDF 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6164959581259953825?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlYafdGxIPWEIRgKz0Ytk36CnHI_w
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c232bfe97c26ec02ad0b8365b3a4336a1926052fa237dd8eb5a09b8d0dede9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:38 GMT
x-content-type-options
nosniff
age
33995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31993
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 02:14:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 23:48:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2CDF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:15:25 GMT
x-content-type-options
nosniff
server
cafe
age
75588
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Tue, 12 Dec 2023 12:15:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2CDF 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
48736
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 12 Dec 2023 19:42:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6D55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxKUlT12SwJPhI8FRAksIfN4amgu2HivpH9hHrEwR7x05y4c1lCY5wdYH8v1ZFCWuIQd9H165iwVyApuh9f7kO91E9ZxYyJNCAuRCU8u4XIbr9yb0dfP_QGVI6WuJPGwNWkrEbgKl4zQfW6XLa9djB2sRpNsLglrYjZEUJqZmprBmMwC2UeQYxVj7m2EjX8wm2AJt1GlPE_C8CReBrOabrqh1RyOL0BJhvBoZ_WV-GuZwKnuRov6wZ20QJAbGHXRiiSiJ14RCihM57bIPPugNFayEaemQH208eAqdZla0Jz-BZTX_xd2mdxS66ySJkBEOxPvDLjbU&sai=AMfl-YQpL6EmbpXz_hdWj1W_OH_TX_5N-MJFakMmvLdETn8UfAO0a_LmeyFVmzcyZYZhL0SGGpejmEJXmXy5IEB_m58VJ5ngLyUDdEKlTC8aj9lz3fxytK_lKAIOWU4dHGIFwlFoOxwz6CHXLqOMWLn3fE0&sig=Cg0ArKJSzIBiClzXTC_DEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 09:15:13 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6D55 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4296692801820818
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6513af13fb33610c5347b48ff297b9f0a0c00681f18ea051b6a73341c339225
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Origin
https://natalie.mu
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52140
x-xss-protection
0
server
cafe
etag
5868360569469958276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:15:13 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6D55 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:15:13 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
144bf616a365ec876645cfdb1b0dc10b7eee4a4f629dbf232bf60c7f23fc839e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 28D9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3326646906
  • https://sync.1rx.io/usersync/tradedesk/d4b4056c-9cff-4981-a11a-66e4858998e2
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-f6e80dd6-6e04-4aa1-8622-d13d...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M8VXM8NG3QY2Q3PVBYNJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
date
Tue, 12 Dec 2023 09:15:13 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf6e80dd66e044aa18622d13d77f432d3004
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame 28D9
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3453741131267202000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3453741131267202000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CKVGAAD2SPB6RHSEZ0DD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3453741131267202000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 09:15:13 GMT
ecm3
s.amazon-adsystem.com/ Frame 28D9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=SJ6fh4OymhSHO5zQDvzV
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=SJ6fh4OymhSHO5zQDvzV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3RYNAV96QQ5K92CSVRBN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=SJ6fh4OymhSHO5zQDvzV
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8F34
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=amazontam&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dss.com
  • https://s.amazon-adsystem.com/ecm3?id=ZXgkoMCo5sIAAFGloKkAAAAA&ex=ss.com&status=ok
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=ZXgkoMCo5sIAAFGloKkAAAAA&ex=ss.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
S98B3529S12RC7KV0QTG

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 09:15:13 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=ZXgkoMCo5sIAAFGloKkAAAAA&ex=ss.com&status=ok
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
5
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40147.dc2p.scaleout.jp
X-SO-IP
146.70.201.160
X-SO-Key
ZXgkoMCo5sIAAFGloKkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=amazontam&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dss.com","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.160","key":"ZXgkoMCo5sIAAFGloKkAAAAA","privacy_sensitive":false,"uid":"ZXgkoMCo5sIAAFGloKkAAAAA","upstream_id":"a-ad40147"}
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-UID
ZXgkoMCo5sIAAFGloKkAAAAA
X-SO-Upstream-ID
a-ad40147
amzns2s
rtb.gumgum.com/usync/ Frame 0240 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.217.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-217-108.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6699098eda673294554a566db12af587cbf587d9da43a52e3589b00366680c6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 12 Dec 2023 09:15:13 GMT
etag
W/"061e6513a01f70ad46a8fe92d1e0c74e4"
server
nginx
timing-allow-origin
*
ecm3
s.amazon-adsystem.com/ Frame 6DFB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=$UID&ex=yj.com&
  • https://s.amazon-adsystem.com/ecm3?id=4516927009669048412&ex=yj.com&
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=4516927009669048412&ex=yj.com&
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YJ8V6KVKWN82X8D49616

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
f0dc9c5e-ccac-4ad0-a74c-45e77f47e5f0
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=4516927009669048412&ex=yj.com&
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 3012
Redirect Chain
  • https://y.one.impact-ad.jp/ul_cb/a9_cs?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dp1.com
  • https://s.amazon-adsystem.com/ecm3?id=2e04749e-02d1-4858-b05e-38700c1eb143&ex=p1.com&status=ok
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=2e04749e-02d1-4858-b05e-38700c1eb143&ex=p1.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6GZTGY19KZ3JBCBQ1XEM

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 09:15:13 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=2e04749e-02d1-4858-b05e-38700c1eb143&ex=p1.com&status=ok
Server
nginx
usermatch
ssum-sec.casalemedia.com/ Frame 7DA5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70556604fba5aaed7d25512aaef499ac159c83f649fc37278902721530e703c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8344dc90bbe9afac-NRT
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gf77wqVnODpX1wpyn82Rm3EDHSEas5oDTa9YGb6KSweVj4u4En42j66xgEy%2FH0iQXgJ29QaqbKUGLMjTUee8Yzpq%2BXAeZthvD5PGzdwvhxc1EuAYWuDhDg%2Bj73pNXjJ0DUeQmNrzHTDLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8344dc909bd1afac-NRT
content-length
0
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAR%2BtGSbSu2M%2Bl89y6TH0V8yRfXciFk14WNKzvZYzTRJ%2BbaRJdrw7z4CC5IE0cWcnGKNy%2B9BKsduW%2FNZLBu77Q%2FW4D4BDul7ApydysLEcm5ZAxAJTlNvzRo8sdNnicYu7AQyP3PFqt6l4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F5AC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48655
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
Tue, 12 Dec 2023 22:46:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B2E2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 09:15:13 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame E369 		0
71 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 12 Dec 2023 09:15:13 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usersync
usersync.gumgum.com/ Frame 0240
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4516927009669048412
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4516927009669048412
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
an-x-request-uuid
7a944264-7562-46cc-b1cf-bc9fca7feab1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4516927009669048412
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0240
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_5e0b83fb-cf24-47f0-b533-3837161e5476&gdpr=&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6265997732731674459&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 12 Dec 2023 09:15:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame 0240 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0240
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590$ip$146.70.201.160
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590$ip$146.70.201.160
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590$ip$146.70.201.160
Date
Tue, 12 Dec 2023 09:15:14 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0240
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-JsJQ_ahE2pf4voz4bIVAd71p.B08ToKpry93~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-JsJQ_ahE2pf4voz4bIVAd71p.B08ToKpry93~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 12 Dec 2023 09:15:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-JsJQ_ahE2pf4voz4bIVAd71p.B08ToKpry93~A
content-length
0
usersync
usersync.gumgum.com/ Frame 0240
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=ca3e76fb-b51f-4bf3-a414-46e9d3cff563
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=ca3e76fb-b51f-4bf3-a414-46e9d3cff563
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=ca3e76fb-b51f-4bf3-a414-46e9d3cff563
Date
Tue, 12 Dec 2023 09:15:14 GMT
Connection
keep-alive
X-CI-RTID
c0c725cb-70e3-4519-acbf-cb6ce9217633
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 0240 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 0240
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_5e0b83fb-cf24-47f0-b533-3837161e5476&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_5e0b83fb-cf24-47f0-b533-3837161e5476&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=ZtkuDwr7_u5OKJBvO_Iw
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=ZtkuDwr7_u5OKJBvO_Iw
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=ZtkuDwr7_u5OKJBvO_Iw
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0240
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=0jy9Wht71a08&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=0jy9Wht71a08&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
jp-JP
location
https://usersync.gumgum.com/usersync?b=pln&i=0jy9Wht71a08&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6fb8fdd894-5hz5p
expires
-1
usersync
usersync.gumgum.com/ Frame 0240
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8160195145739520768
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8160195145739520768
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8160195145739520768
date
Tue, 12 Dec 2023 09:15:12 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0240 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_5e0b83fb-cf24-47f0-b533-3837161e5476
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DQ188XFHRS1Q6XBAR954
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B2E2 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07fa4c276943b5d87faf65f53aad6b1b93e9c8caebde9514e0a92451f49417ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 18:30:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33289
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 18:30:02 GMT
usersync
rtb.gumgum.com/ Frame 3EA0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=6265997732731674459&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=6265997732731674459&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.217.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-217-108.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=6265997732731674459&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 4128 		170 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81ZTBiODNmYi1jZjI0LTQ3ZjAtYjUzMy0zODM3MTYxZTU0NzY=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6A3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48655
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
Tue, 12 Dec 2023 22:46:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 3769
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=d4b4056c-9cff-4981-a11a-66e4858998e2
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=d4b4056c-9cff-4981-a11a-66e4858998e2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Tue, 12 Dec 2023 09:15:13 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=d4b4056c-9cff-4981-a11a-66e4858998e2
server
Kestrel
usersync
usersync.gumgum.com/ Frame B849
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXgkoMCo5sIAAFGloKkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZXgkoMCo5sIAAFGloKkAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 09:15:13 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZXgkoMCo5sIAAFGloKkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
4
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40147.dc2p.scaleout.jp
X-SO-IP
146.70.201.160
X-SO-Key
ZXgkoMCo5sIAAFGloKkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.160","key":"ZXgkoMCo5sIAAFGloKkAAAAA","privacy_sensitive":false,"uid":"ZXgkoMCo5sIAAFGloKkAAAAA","upstream_id":"a-ad40147"}
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-UID
ZXgkoMCo5sIAAFGloKkAAAAA
X-SO-Upstream-ID
a-ad40147
usersync
usersync.gumgum.com/ Frame 463E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 12 Dec 2023 09:15:14 GMT Tue, 12 Dec 2023 09:15:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 3845
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 09:15:13 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 09:15:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 3845 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07fa4c276943b5d87faf65f53aad6b1b93e9c8caebde9514e0a92451f49417ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 18:30:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33289
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 18:30:02 GMT
362358.gif
idsync.rlcdn.com/ Frame 7DA5
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d4454db8221c48a0939538a37af12cde
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d4454db8-221c-48a0-9395-38a37af12cde
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a89fefab-25cd-4ff9-888f-760682533d16%3A1702372514.6343617&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da89fefab-25cd-4ff9-888f-7606825...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2020216292188257118&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da89fefab-25cd-4ff9-88...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a89fefab-25cd-4ff9-888f-760682533d16%3A1702372514.6343617&_=1702372514.6373389
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEPztuGQOG3htiLHJwgMzxs&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEPztuGQOG3htiLHJwgMzxs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEPztuGQOG3htiLHJwgMzxs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7DA5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d4b4056c-9cff-4981-a11a-66e4858998e2&expiration=1704964513&gdpr=0&gdpr_consent=
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d4b4056c-9cff-4981-a11a-66e4858998e2&expiration=1704964513&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yn073WIV%2FhE9Zel6oHISK%2B8c7sO5Ju5Kf%2Fy7T0SDd8Un0dBdXAtrVSJCriOZ1wLpWH%2FBW7%2Biz%2F0hJSoKzJRkuW2GFwLoii54QIcfLZyUA6Aj5hoeGIaid0ALIa5xXMVVulvdTj9fFVruxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344dc910c44afac-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d4b4056c-9cff-4981-a11a-66e4858998e2&expiration=1704964513&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 09:15:13 GMT
server
Kestrel
content-length
323
dcm
s.amazon-adsystem.com/ Frame 7DA5 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXgkoV53WQ1V60EtPPrXJwAAFXAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QWRH75FETBPRZV7FQJ09
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7DA5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXgkoV53WQ1V60EtPPrXJwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1
43 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biwV7hN8%2FQrQGlw3hrevUh0Zn6u7s%2F5YKj5I%2FprLzmMm1O9et3XIZZprP%2BSVi1wSGCnNlZPrJ6cGXhVrdVJp6z%2BOUskKySIg716f%2BoyLdZQcxD%2BKjFbUUwJRrkR%2B5OgROqATrwI%2BjoBTkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344dc916cdc2089-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7DA5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=kdktg5XYe4qKiC-Kwo0335DVKNmK1C7flds6TmuW
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=kdktg5XYe4qKiC-Kwo0335DVKNmK1C7flds6TmuW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNy2ghun8IS8Kfx2Vp8WBXnW2kT3qCXx6G%2Fti%2FhEBtBOwYQSI4RxoAVDex2PjfLAPyV9EzOxaa8J79hYoiddqlMmgTdVMELFLLKqof2W06G3Dv1M7GyYhSQKYs0GrJFisPMm%2FnoEimn5JA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344dc9498032089-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=kdktg5XYe4qKiC-Kwo0335DVKNmK1C7flds6TmuW
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7DA5
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718183713&external_user_id=21f8a398-bcdd-48a0-ab43-b5cc656d799e
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718183713&external_user_id=21f8a398-bcdd-48a0-ab43-b5cc656d799e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqiDxt6yKLwvnfnzQkYNiPwM%2BefVROu3Crw1IItCuvooNnZd%2BfWDNZW99Dx4TlWKNbexE3rlxmwwzMOEtYFlexIQk9FV0qVGmkLrhGEMTLUeZMkyDTPQ4w2zezbwRFaQdOJgM%2Fo8EC8PpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344dc928d8e2089-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 09:15:13 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718183713&external_user_id=21f8a398-bcdd-48a0-ab43-b5cc656d799e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
demconf.jpg
dpm.demdex.net/ Frame 7DA5
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
35.79.210.119 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-210-119.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-tyo3-1-v051-0423ad794.edge-tyo3.demdex.com 2 ms
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
XN8MNNdSQuQ=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-tyo3-1-v051-0abfc0305.edge-tyo3.demdex.com 0 ms
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
YlpU9T0HRyM=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXgkoV53WQ1V60EtPPrXJwAA%265488
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 7DA5
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8160195145739520768&gdpr=0&gdpr_consent=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8160195145739520768&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEv2EkG8Iie8VexzTOy9kPco572xUNPiCh8lmyi0PzDMDhjHd7JwnSAI51%2FyEDaiaIQApuJEFgVAs3gpLAGsikITmf%2FUOLB5eVYO2Re0u%2BYRUklYYL0nwi0C6Mzv6k38nNCsdt7I2LneLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344dc91fd3d2089-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8160195145739520768&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 09:15:12 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7DA5 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZXgkoV53WQ1V60EtPPrXJwAAFXAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E6W6A5MKMW9EGJ674G12
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F5AC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94081883&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
df54eb1c5857cd7f7c722d348a25501432a72efdfaad1a25381d86507be66bb7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 09:15:13 GMT
content-length
1545
content-type
text/html; charset=UTF-8
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 24D0 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 16:17:29 GMT
content-encoding
gzip
via
1.1 12edfea623a876eaab6b5e8c6eab26b2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C1
age
61065
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
G89LazOSaGgOHLZphDLzKOiJXdZEyoAHsYRPkeLXg7Nc4iLY8rbsuA==
csi
csi.gstatic.com/ Frame CB78 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq24n1zj&c=7188318330678&slotId=3594159165339&qqid=CO_4n-fHiYMDFdZNwgUdKr0DRQ&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame CB78 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:43:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 15:43:29 GMT
file.mp4
r3---sn-oguelnzl.c.2mdn.net/videoplayback/id/dea1ade58a28916a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733908513/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame CB78
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/dea1ade58a28916a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733908513/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r3---sn-oguelnzl.c.2mdn.net/videoplayback/id/dea1ade58a28916a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733908513/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-oguelnzl.c.2mdn.net/videoplayback/id/dea1ade58a28916a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733908513/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/727C46366E31D47BAC409AE22F710DF295C2BFA1.014A4F268DAA1B5A215438287900274A422D4D2B/key/cms1/cms_redirect/yes/mh/Wg/mip/2001:ac8:40:1d::1e/mm/42/mn/sn-oguelnzl/ms/onc/mt/1702371933/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
2404:6800:4004:2a::8 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:13 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
6390543
Last-Modified
Wed, 09 Aug 2023 07:50:55 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 12 Dec 2023 09:15:13 GMT

Redirect headers

date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
location
https://r3---sn-oguelnzl.c.2mdn.net/videoplayback/id/dea1ade58a28916a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733908513/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/727C46366E31D47BAC409AE22F710DF295C2BFA1.014A4F268DAA1B5A215438287900274A422D4D2B/key/cms1/cms_redirect/yes/mh/Wg/mip/2001:ac8:40:1d::1e/mm/42/mn/sn-oguelnzl/ms/onc/mt/1702371933/mv/u/mvi/3/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/ Frame 3BCC 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=eplanning&uid=AKabF3seavNRulad
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2CDF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 6D55 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4296692801820818
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caecc862a6f9263548e38276fda868885788b258263c3ab1f19f43a5394c51fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137695
x-xss-protection
0
server
cafe
etag
9785667110632684810
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:15:13 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame FAD1 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4296692801820818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
17623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 04:21:30 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 04:21:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6D55 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24fe9e0f2eaa5caaca07ff3509ec72b8a4c958e80e2902f1aba39e3733cf1a04

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
6164959581259953825
tpc.googlesyndication.com/simgad/ Frame 2CDF 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6164959581259953825?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlYafdGxIPWEIRgKz0Ytk36CnHI_w
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c232bfe97c26ec02ad0b8365b3a4336a1926052fa237dd8eb5a09b8d0dede9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:48:38 GMT
x-content-type-options
nosniff
age
33995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31993
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 02:14:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 23:48:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2CDF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:15:25 GMT
x-content-type-options
nosniff
server
cafe
age
75588
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Tue, 12 Dec 2023 12:15:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2CDF 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
48736
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 12 Dec 2023 19:42:57 GMT
/
onetag-sys.com/usync/ Frame AD80 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip29.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame F659 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip29.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
setuid
u.4dex.io/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=sovrn&uid=HztLDBZHQz0K2AzuQjqahty-
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=sovrn&uid=HztLDBZHQz0K2AzuQjqahty-
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Date
Tue, 12 Dec 2023 09:15:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://u.4dex.io/setuid?bidder=sovrn&uid=HztLDBZHQz0K2AzuQjqahty-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1D56
Redirect Chain
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=Ae9V89aKtDJPks8AED41tMcJps8AAAGMXU8X0A
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=Ae9V89aKtDJPks8AED41tMcJps8AAAGMXU8X0A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:27:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 12 Dec 2023 09:15:13 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=Ae9V89aKtDJPks8AED41tMcJps8AAAGMXU8X0A
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma
no-cache
server
Logicad
via
1.1 4ca8d239c2b4b1a578fa3c7797e67c10.cloudfront.net (CloudFront)
x-amz-cf-id
_G8-qD5NqNCUhMiluhh0NwtMMNnsMw1MKM1TaerCYwb0oRRt0z9fDA==
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
Pug
simage2.pubmatic.com/AdServer/ Frame E1E7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://api.primecaster.net/adlogue/api/sync/bidswitch?ssp_id=pubmatic
  • https://api.primecaster.net/adlogue/api/sync/bidswitch?ssp_id=pubmatic&uid-set=1
  • https://x.bidswitch.net/sync?dsp_id=191&user_id=4n9jl12sGG&expires=90&ssp=pubmatic&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:38:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 09:15:13 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
ecm3
s.amazon-adsystem.com/ Frame 41BA 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ADP5ZPGXXHACJFCW48EF
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F5AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yAmjWU_CTDGyxryLn8skUw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=48655
accept-ranges
bytes
content-length
5622
expires
Tue, 12 Dec 2023 22:46:08 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame F5AC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a6b4b97d-1126-4b61-a008-7d9bbf01a817%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d4b4056c-9cff-4981-a11a-66e4858998e2&ttd_puid=a6b4b97d-1126-4b61-a008-7d9bbf01a817%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d4b4056c-9cff-4981-a11a-66e4858998e2&ttd_puid=a6b4b97d-1126-4b61-a008-7d9bbf01a817%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d4b4056c-9cff-4981-a11a-66e4858998e2&ttd_puid=a6b4b97d-1126-4b61-a008-7d9bbf01a817%2C%2C
date
Tue, 12 Dec 2023 09:15:13 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame F5AC 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.12.162
content-length
49
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame F5AC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:14:34 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:14:34 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F5AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzgwOUEzNTktNEZDMi00QzMxLUIyQzYtQkM4QjlGQ0IyNDUz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:38:15 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F5AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENyImY5HbW0KRNx5joddzeY&google_cver=1
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENyImY5HbW0KRNx5joddzeY&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:13 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENyImY5HbW0KRNx5joddzeY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F5AC 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 11 Dec 2023 09:15:13 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F5AC
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZXgkoMCo5sIAAFGloKkAAAAA
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZXgkoMCo5sIAAFGloKkAAAAA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:13 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 12 Dec 2023 09:15:13 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.160","key":"ZXgkoMCo5sIAAFGloKkAAAAA","privacy_sensitive":false,"uid":"ZXgkoMCo5sIAAFGloKkAAAAA","upstream_id":"a-ad40147"}
X-SO-Key
ZXgkoMCo5sIAAFGloKkAAAAA
X-SO-Upstream-ID
a-ad40147
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40147.dc2p.scaleout.jp
X-SO-UID
ZXgkoMCo5sIAAFGloKkAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
146.70.201.160
X-SO-Cluster-ID
0
Server
nginx
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZXgkoMCo5sIAAFGloKkAAAAA
Cache-Control
private
X-SO-Ads-Time
2
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 6D95 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
422314
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 11:56:39 GMT
expires
Fri, 06 Dec 2024 11:56:39 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7923 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:15:12 GMT
expires
Wed, 11 Dec 2024 09:15:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 24D0 		155 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Dec 2023 21:19:14 GMT
via
1.1 53befccebe9d6058aad8082298af366e.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
42960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
ttijnpExHE901YioIm6gnu1CJsjHdhq1LqrQq4hWw_DEhVdey_5vpw==
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7923 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
410099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Dec 2024 15:20:14 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7923 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
content-encoding
br
age
12014
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9365
x-served-by
cache-fra-etou8220028-FRA, cache-nrt-rjtf7700065-NRT
x-jsd-version-type
version
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7923 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:15:13 GMT
khaos.json
token.rubiconproject.com/ Frame 2DE6 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2CDF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvxJjoSR4ZeW5A6Kgid4PhJ-P6ALiutzcdMaom5uJEsCNtwEQASD4gYREYInzxYT0E6AB74nR0ynIAQKpAkrunK72gj0-4AIAqAMByAMIqgScAk_QB3Lek6dFXOr555Oa9JXIue8BBNIo_eqA5XDHxL8LXi0ny4VcWAZig6M0UAA5mtKJYw5Wm8M80JFrDGLK0FMEPz-aB5q_zGBXvG6qgsFXslKNRUW71B9l1r2goeKiTK1E96Amv4p-QyLXr-LL6lHdYCdcEiG8YQfS6BF73tdCW5gd6ecdL2uFKTDNKbjqGn6Frpcp95rXnVrFwZIJsU0kAGwyDveiRgLX6_j2Rq7U9mVtWLsWw_75U7K3KEXcoXtf_nCWtCcBxUI12dF3P-kGUcdFOWnF-HZjHeYoRE6XtkUluDbWOwhw1aQKCt7aJCNBXFgLf6ggrf7F4urIUA8ic4DcrtE408zUhsPhi_ynSczksKhEWWSc0FVOwASA1KOfzQTgBAGIBaTdtJ5MkgUECAQYAZIFBAgFGASgBgKAB-_BobMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQpvIE0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOljU1Kjnx4mDA5oJQmh0dHBzOi8vd3d3Lmh1bHUuanAvc3RhdGljL2Rpc25leXBsdXNfc2V0Lz9jbXA9MTE0NTYmd2FhZD1DMFVZenBSaIAKA8gLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBAKChDgufWxnZun0GYSAgED4g0TCNiGqefHiYMDFSJQwgUdhM8DLdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi00Mjk2NjkyODAxODIwODE4GICFDw&sigh=3C-yvJT0S0w&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_xZfkbxaLZ16bTrr1FqWIqobZpGCazJueZBVQArqqL_PySfNHJv21Dj-J2wxhbjJrgoObG61N6oKCOcIgUgInJsSW71-e0gJGThgB&cbvp=2
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
data
bcp.crwdcntrl.net/6/ Frame 24D0 		262 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c52e9c790b1f5915ae02dd317258dc8e084e58cd8b44bc8730d056af2de5e081

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.42.16.72
access-control-allow-credentials
true
content-length
262
expires
0
file.mp4
r3---sn-oguelnzl.c.2mdn.net/videoplayback/id/dea1ade58a28916a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733908513/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame CB78 		224 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-oguelnzl.c.2mdn.net/videoplayback/id/dea1ade58a28916a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733908513/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/727C46366E31D47BAC409AE22F710DF295C2BFA1.014A4F268DAA1B5A215438287900274A422D4D2B/key/cms1/cms_redirect/yes/mh/Wg/mip/2001:ac8:40:1d::1e/mm/42/mn/sn-oguelnzl/ms/onc/mt/1702371933/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:2a::8 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 12 Dec 2023 09:15:13 GMT
date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-6390542/6390543
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
6390543
last-modified
Wed, 09 Aug 2023 07:50:55 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
client-protocol
quic
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6D95 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
33621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:54:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6D55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlt0xk34piNJin6tPhhL3WU_59TxNvoclocFps32jMeSPLqvgDZfm7TGGisjz2xHd9TSI3-AM1IWKixrOH1IpvwZyTPOgMuf0gkoXht2n6vLS7ubWVhCyVgWYnpa_26cnP9qFxpBRRrSKWarevORS85GcmN6Js2FjGyNtiu3YP7J5foQss_CqcfjOddmuwWhP8PFjm6o3N8GIo7pOB9H8f2uPpx7Y6HgZWH19r_TpskkVyA49yZhK3o5OzTfk4BfN5jhVmiB9H-1eRcpxxbjjZXiHp3lRkrU9MKzQAV5D2ziK0Yqgjf9S2ut3e6CpEgO2m0Kkb7i2gXQ&sai=AMfl-YRc7fBLToJKSgOaCVjrGRhmdx06T6lUzecEjkYqzrssVy2SF7M-5ZDuIz95ZUI66KE1PgPvV1HQLWa_9vjrxO88l733vWSRakgwYGeP9RgSaegSbMrWsmpsB4D4mwaAEk7vvgL-1EEGkLh72WGL6Gw&sig=Cg0ArKJSzBvf--xerKUZEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 09:15:13 GMT
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-9383bfd95b83fc6bd66d5b248cd60b3b-57c2ad3c27a57ae4-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
9383bfd95b83fc6bd66d5b248cd60b3b/6323807300656397028
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
adflash.
fundingchoicesmessages.google.com/f/AGSKWxWpp4KjT2G7WonUULlcxKNsOuaxz7q6tgdRHi78kBIgpWFricL9SE_Pha24k644oV-oL7CuBLdawqwPfRuDCGSiD35BJm_Ur3L9E_2Zj-3jWZMwLhU1QXN7bBqRg1PB44cZJpepl5S45uXBmSbtxv_qBWNYH... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWpp4KjT2G7WonUULlcxKNsOuaxz7q6tgdRHi78kBIgpWFricL9SE_Pha24k644oV-oL7CuBLdawqwPfRuDCGSiD35BJm_Ur3L9E_2Zj-3jWZMwLhU1QXN7bBqRg1PB44cZJpepl5S45uXBmSbtxv_qBWNYHhDL6IVaUBUQT_v1RONLt2rZldpno1TJ/_/sponsoredlisting./homepageadvertright./xtendmedia./ads/pc./adflash.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMze8y4RghRHkiILg3BhrB5feyQRkA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28b6b9f758238df0c55cd333987cbd7eee2f3c2bbfe488b0c2e20775e46d4f6e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X99g8YZupg-eba4azeNHdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-X99g8YZupg-eba4azeNHdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMze8y4RghRHkiILg3BhrB5feyQRkA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
1270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:54:03 GMT
AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AjXCsLs6fewVF3tjnaDa0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AjXCsLs6fewVF3tjnaDa0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://natalie.mu
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7923 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuletwZGlexpSga2tgNkUCqVA24zjsPDAvTy4P70i8Bl_K7HaR8qPM5ZgB50OzxgPrY4sfuJcyVcGiCl4C9w6rfPi_4DIADwV2Xbp8xF966krv5_yodkwqCoETqSu-PORIP_T3iUNx6UkU-7q7JZqN3-cjm0YNjNExvK82M6_9Km5ogWkKJLPhkfxoUJ7ufV-o7hlm3OEoli_6F-B56u5Vr5dxbRSp4IzzhW6S0ysZ26mN8x1A5CP-B4l_vqo8TVynR2SbUCT928f30eeX6_h9kBV9ylCd6XwsbsmLwaiAVSOuba-Ri2tZS0on5_wLSNjBYmTRZYJaHeLURXXx9tGQtPW6Lc4D-_l1jgz6IHw&sai=AMfl-YTCAL6DAzio6Vt8hdpUKssqRcKZSfIMYMvONecj0YLiwH28NuNEwaZfmlW_FLuUgaSfwahlZB1velRNMUlgVT0sR30wRcNZoy5PNdHdbp9QNbZelYFs0mCJw9RQJzxsgUTNo3fU4sdi2a9OmIR09KI&sig=Cg0ArKJSzJVfvUlFryoMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EA3E 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&adk=1812271804&adf=2751417943&lmt=1702372513&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=2&bdt=200&idt=246&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&nras=1&correlator=2562548046679&frm=23&ife=4&pv=2&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jpo4ae7d02qf&fsb=1&dtd=300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:15:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9E5E 		24 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec2c6dea4df893211b0dfe8cc06d87d562a0c92207da48b683469391a0dd9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:15:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6D55 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3f5fc0947a81f10b11ae80b6f5e7281a773c8908da83e184d44d709af341276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12365
x-xss-protection
0
iicon.min.js
s.yimg.jp/images/advertising/common/js/ Frame 997F 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/advertising/common/js/iicon.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
b2ae6224f0ba101130c6dc10f077a29410440979850d8c1ca9897a469525a298

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 12 Dec 2023 09:14:56 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 05:39:57 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
17
vary
Accept-Encoding
content-type
application/javascript
x-ntap-sg-trace-id
a05c8bb9594d5ab2
cache-control
public, max-age=600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
4976
dispatch
cksync.yahoo.co.jp/ Frame 997F 		35 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/dispatch?ptr=10901&time=1702372512
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
x-content-type-options
nosniff
server
nghttpx
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
trk.js
cdn.adnxs.com/v/s/240/ Frame 997F 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.176 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-176.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Wed, 11 Dec 2024 09:15:14 GMT
it
sin3-ib.adnxs.com/ Frame 997F 		0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fnatalie.mu%252F&e=wqT_3QK2DfBDtgYAAAMA1gAFAQigyeCrBhD7kpT_y7vu3ikY3NDD_e-l1tc-KjYJiASLXZfngD8RiASLXZfngD8ZAAAAoJmZ4T8hiAQJG_A-KVAlHUMMSPM_MQAAAOBRuK4_MJTctw44zxxAqkpIuANQ777BN1iD1GtgAGiXuIUBeNXUBYABAYoBA0pQWZIBAQbwW5gBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC8vxc6gITaHR0cHM6Ly9uYXRhbGllLm11L4ADAIgDAZADAJgDF6ADAaoD4QgKqQhodHRwASn0yAVwbS55YWhvby5jby5qcC8zL2k_aWk9QTZBa2VHVUFBR2p3UXltZDVKVWNVYm9rZVpNV0xMeVlvRTFhYzYzaWZWNWoyRkZPMEZMdVhsQUxFM3ZWWTBVRUdvc2VNbEdUSUhWU1hvWWc1ZnEydEpoSUJ2RkZtX1l6aG84ajBXOVI4ZWlXM3lqZm9mMHBVTTEwRGdyVlRydlRxc3diUEc2d2g2M1AzSEFlXzVtMWNnUUR4VnRNVGRfenRUWlJiZ1YwZW1INEZ6eVhuT0JjQVpyeTdiRGdPb1lNdGM4ekdudFlBYW1ldzhJRnZaRjRCY0FoWHAyel8wTGdwTGp0VTRYOUtkazRCYkR3MUZpRWZiWUkxb2hiU0l5ZjNnZmFvNjlpelVybk0zYTBaSjcxbFR2YXdZVXFHT3hWMzZadjdjSVNtR2ZzTDdUUTFpSnEzc3JLWDk3MzByWXJ4VWY0M3JXbEtnTENjRkhvVmtsVHRvMW5HTWx1cUZubFotM2JQLVBkd3k2SnkwekZzbzd6VDVQVzhwSGVnazc1LWNldVFJQmZYSWJ3My1ZekR0X3Jrc0lHQV9oZ3kycUdzT2JuVTFvb3BpY1RKQjRSV0gwbEtxOXlDYlJZOUQ2XzV4NGdUd2xfSWlmSEROcTJBSWtHMU5jVDlFRlllTTFtTTBrM2kyQzNhY0xIQjE2T0VCSzNTYUM5OVpoS21iMnBBLUk4cGF5UkJNVnZCZXlIQ2oteXo0aWJ4NG5PMWRRZEE2aVM1dzhYVGg1dTBaZVlpcTRKWDRjdS03T25rUWtrdGNMTF8xQ0ZvTEVpNFpQdzNHNzVoVlNHX2JlWVRwMXdBMi1sS0ZBRXdLcVY0ZzRCZ1MzdF9aUTg3RWRHUE1TWGRTZS0yNzBPT2txSThnazFleUMtQTBMQ21qNGQtYndCbjFabldtTk5vc0FWZXNxdkRQOUFFTnh4Wk5FcGNwUlhGcnRMdFk2NjNBbnVIOU9uZGhrSm9KczFNbG1SZE9nUnljOXVNQks5cVVseDM3YUloOGtzdlh1TmdsbVlPeV83QzczaDh4R2pPOURESkZ1QVh3YTNySjl6MXdlS1E5NFZqN2o3ZHNSRm5KcnpYRTBRbGxmVUJUa1pWdFFRUDdhdkVFWUN4eDJFX29mY2RFa1ZXYURiUFZoTXR6TFBXbWE5VTV0YkI3dnROa0t3VlBXWFdabzlBOTVERm40RVpuaV96RGdEMDRSUFQxSzdRM2g0ZU05Z2cxaEJuaDh0ODctRTJiS0J2a0NiYzk5cVpBaTJEWms3QTRFVVVGREVkaFQyT28xLW9GelJjeFVuWmN6ck8xU0JGekxxSkFGVTd2eV9ubjZNM1VGdy1ScVFwNi1lRHcmcmF3X3JhcD0ke0FVQ1RJT05fUFJJQ0V9EgExGhMzMDA3NzY0NDgzOTE2NzYxNDY3IgkxMTY0MTYzNjcqBDk1MTQ6CjE0MjkyNDI0NzjAA9gEyAMA2AOv9zvgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xNjCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBO--wTeIBQGYBQCgBfKHicXhqNqFUsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaPARfoFBAgAEACQBgCYBgC4BgDBBp1oVyHlP2JA2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAfV1AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB--6GYoIRwpDAAABjF1PEQApvbncv-UJe631gWjcf7YREfCGow3_QsjQGpV7ttHedptw5s6wRQzqzvfBDu5thKc-wDYpwUknyFHjuxABlQgAAIA_mAgBwAj8Q9IICQjz_987EAAYAA..&s=e7d7000a271d323a45473c0d31a74e45098727e6
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
an-x-request-uuid
bd57c3c4-52d8-4255-bc84-59c0449eea8e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iAl7kJ2INT2TUyeD7o4PKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iAl7kJ2INT2TUyeD7o4PKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://natalie.mu
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6D55 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 09:15:14 GMT
khaos.json
token.rubiconproject.com/ Frame B2E2 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Expires
0
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-b3df4ecff7a120415b850910bd3e17ac-bc7750c52ca55aec-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
b3df4ecff7a120415b850910bd3e17ac/13580412009146833644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame DEC6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
34767
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 11 Dec 2023 23:35:47 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 12edfea623a876eaab6b5e8c6eab26b2.cloudfront.net (CloudFront)
x-amz-cf-id
KSktEgTPmpERirNt99u_yRdj_Av1cwkj7MmWuiM8AJAZTn2wqxJjjA==
x-amz-cf-pop
NRT20-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iP40jg7AM-OPjK8MOzur4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-iP40jg7AM-OPjK8MOzur4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://natalie.mu
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1R-k-1dIMNRHxvmH_QgZwdSGg53m25I0NBbJxmQgN21snfkphLoaMIe-lFifwj6E2IU4Ejv5SOUFGngeY4WTQu9UkbV_61D4FotJt97H01xJROOdUXwyskMgSS256l3Y38hy_hg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O-KXBMEesvKudsnEQavIfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O-KXBMEesvKudsnEQavIfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://natalie.mu
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVXwUEw2IWI1Lw-kFhcUKvuh3k77dUZDMUegQH66npz3fZuNJ45Y3MMmdUdNYk5OjTpIylVASJH4Zr5KhLIZX4m5MvJheGLZM4BvufFDJsQtar3MTcAKinYFPUC7TmR2UAd7I2vQg==
fundingchoicesmessages.google.com/f/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVXwUEw2IWI1Lw-kFhcUKvuh3k77dUZDMUegQH66npz3fZuNJ45Y3MMmdUdNYk5OjTpIylVASJH4Zr5KhLIZX4m5MvJheGLZM4BvufFDJsQtar3MTcAKinYFPUC7TmR2UAd7I2vQg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMzcyNTEzLDk1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbmF0YWxpZS5tdS8iLG51bGwsW1s4LCI4cGNoZFVqTFFMOCJdLFs5LCJlbi1VUyJdLFs3LCIxMCJdLFsxMSwiW10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e4976bfe4dc43b6c6254d9acaa871262ed5ec95e4a0033080c21c3e758f1108
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-spDhF84rdtSL0C9e3mhjWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-spDhF84rdtSL0C9e3mhjWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
banner.min.js
s.yimg.jp/images/listing/tool/yads/ydn/creative/variable/ Frame 997F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/listing/tool/yads/ydn/creative/variable/banner.min.js
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
ea4d57f8228d2e1640f39f747b49691d9aeeded3c5f439a187e7d5abd6434756

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 12 Dec 2023 09:07:21 GMT
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 01:56:25 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
472
vary
Accept-Encoding
content-type
application/javascript
x-ntap-sg-trace-id
2d21834ed4439832
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
6931
async_usersync.html
acdn.adnxs.com/dmp/ Frame 96EE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3663&pub_id=1429092
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
2205
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 12 Dec 2023 09:15:13 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
405, 24160
X-Served-By
cache-lga13626-LGA, cache-nrt-rjtf7700064-NRT
X-Timer
S1702372514.971348,VS0,VE0
rd_log
sin3-ib.adnxs.com/ Frame 997F 		0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fnatalie.mu%2F&e=wqT_3QLRBPBDUQIAAAMA1gAFAQigyeCrBhD7kpT_y7vu3ikY3NDD_e-l1tc-KjYJiASLXZfngD8RiASLXZfngD8ZAAAAoJmZ4T8hiAQJG_A-KVAlHUMMSPM_MQAAAOBRuK4_MJTctw44zxxAqkpIuANQ777BN1iD1GtgAGiXuIUBeNXUBYABAYoBA0pQWZIBAQb0FwGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC_EPgAvL8XOoCE2h0dHBzOi8vbmF0YWxpZS5tdS-AAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2AOv9zvgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xNjCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBO--wTeIBQGYBQCgBfKHicXhqNqFUsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaPARfoFBAgAEACQBgCYBgC4BgDBBp1oVyHlP2JA2gYWChAAAAAAAAAAETmIABAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgH1dQF0gcNCQANKwEpDNoHBggFCfBs4AcA6gcCCADwB--6GYoIRwpDAAABjF1PEQApvbncv-UJe631gWjcf7YREfCGow3_QsjQGpV7ttHedptw5s6wRQzqzvfBDu5thKc-wDYpwUknyFHjuxABlQgAAIA_mAgBwAj8Q9IIBggAEAAYAA..&s=e141c775e570cf050498e498d221c87931e69de6&bdref=https%3A%2F%2Fnatalie.mu%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fnatalie.mu%2F,https%3A%2F%2F762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
an-x-request-uuid
769d4392-d48e-4553-8402-eadf3fb11757
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 3845 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame BB89 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 15:55:11 GMT
age
408002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 15:55:11 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BB89 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Dec 2023 23:54:31 GMT
age
33642
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Dec 2024 23:54:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BB89 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 18:34:10 GMT
age
312063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 18:34:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BB89 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 06 Dec 2023 19:42:08 GMT
age
480785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Dec 2024 19:42:08 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BB89 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 15:58:35 GMT
age
407798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 15:58:35 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BB89 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:15:25 GMT
x-content-type-options
nosniff
server
cafe
age
75588
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Tue, 12 Dec 2023 12:15:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BB89 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
48736
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 12 Dec 2023 19:42:57 GMT
truncated
/ Frame BB89 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0df65069bfe9b408ce6ef9cde8e9f1ce992ba78597c8e759794582c66d144756

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
18445057837716716778
tpc.googlesyndication.com/simgad/ Frame BB89 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18445057837716716778?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnuFvgTNE-mlVw6WwyaijTy6nVunw
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89dea54e9f5622abca99a3046c4658237d041dd74d22c6c3a0bb0981a05fee56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 23:38:44 GMT
x-content-type-options
nosniff
age
120989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31340
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 04:09:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Dec 2024 23:38:44 GMT
truncated
/ Frame 7923 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05970823af7be0c00f3e1e55b9d1e585e0fe37f768a489541e8f0970743868fc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
6ef87fa4a4dd8d09e692ddaac1f18d4a.jpg
im.c.yimg.jp/res/ydnstorage-media/1002651724/14492749/ Frame 997F 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://im.c.yimg.jp/res/ydnstorage-media/1002651724/14492749/6ef87fa4a4dd8d09e692ddaac1f18d4a.jpg
Requested by
Host: 762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
URL: https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
6482844c6760677bc7ca230ccb237ec7b31293b27411a4ff51de7c39284b87eb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sun, 03 Dec 2023 00:03:07 GMT
last-modified
Mon, 30 Oct 2023 05:38:58 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
0c430ca3-1170-4cfb-a3cf-3cb4feb57590
age
810727
etag
"6ef87fa4a4dd8d09e692ddaac1f18d4a"
content-type
image/jpeg
cache-control
max-age=1209600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
113278
async_usersync
ib.adnxs.com/ Frame 96EE 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3663&pub_id=1429092&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3663&pub_id=1429092
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
an-x-request-uuid
739ff12a-ae2f-46b0-a01a-8db2eb970a5a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixels
bcp.crwdcntrl.net/ Frame 92D7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=106%2C104%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3e45d56039c878a6f6ef00d39498e684b51d822df18dd7530a0b1bd592af6bcc

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-length
1117
content-type
text/html
date
Tue, 12 Dec 2023 09:15:14 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.23.209
si
googleads.g.doubleclick.net/pagead/drt/ Frame BB89
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
AGSKWxUONd74s3lYSVOhE8np2r92udpWUwAOmV85FRD67xCoMp0r81N_dCha3myL6ivK74E8ztjVFgDu-PqPm5RUhZjmvTuJiF1a7TexlANxMcS_t-utQz3swReUzxV47jjPfVuUJXcjTA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUONd74s3lYSVOhE8np2r92udpWUwAOmV85FRD67xCoMp0r81N_dCha3myL6ivK74E8ztjVFgDu-PqPm5RUhZjmvTuJiF1a7TexlANxMcS_t-utQz3swReUzxV47jjPfVuUJXcjTA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMzcyNTE0LDg4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDldLG51bGwsMixudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL25hdGFsaWUubXUvIixudWxsLFtbOCwiOHBjaGRVakxRTDgiXSxbOSwiZW4tVVMiXSxbNywiMTAiXSxbMTEsIltdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
434a27a755df624ef8e96d3cda43be29b48ae812d2c389610acea954251dafd2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KxxzRsIdlknl1hNY4i3F6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KxxzRsIdlknl1hNY4i3F6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7372 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
34004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 23:48:30 GMT
expires
Tue, 10 Dec 2024 23:48:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A15A 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf0cdefb1bbc7eb31eb18ab2263a71dc8c66a209b55b38443f4295992ee2c45d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CGsZibplPy4dxJs4WuRSkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CGsZibplPy4dxJs4WuRSkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:15:14 GMT
expires
Tue, 12 Dec 2023 09:15:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
18445057837716716778
tpc.googlesyndication.com/simgad/ Frame BB89 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18445057837716716778?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnuFvgTNE-mlVw6WwyaijTy6nVunw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89dea54e9f5622abca99a3046c4658237d041dd74d22c6c3a0bb0981a05fee56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 23:38:44 GMT
x-content-type-options
nosniff
age
120990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31340
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 04:09:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Dec 2024 23:38:44 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BB89 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:15:25 GMT
x-content-type-options
nosniff
server
cafe
age
75589
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Tue, 12 Dec 2023 12:15:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BB89 		344 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
48737
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 12 Dec 2023 19:42:57 GMT
vevent
sin3-ib.adnxs.com/ Frame 997F 		0
697 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fnatalie.mu%2F&e=wqT_3QK2DfBDtgYAAAMA1gAFAQigyeCrBhD7kpT_y7vu3ikY3NDD_e-l1tc-KjYJiASLXZfngD8RiASLXZfngD8ZAAAAoJmZ4T8hiAQJG_A-KVAlHUMMSPM_MQAAAOBRuK4_MJTctw44zxxAqkpIuANQ777BN1iD1GtgAGiXuIUBeNXUBYABAYoBA0pQWZIBAQbwW5gBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC8vxc6gITaHR0cHM6Ly9uYXRhbGllLm11L4ADAIgDAZADAJgDF6ADAaoD4QgKqQhodHRwASn0yAVwbS55YWhvby5jby5qcC8zL2k_aWk9QTZBa2VHVUFBR2p3UXltZDVKVWNVYm9rZVpNV0xMeVlvRTFhYzYzaWZWNWoyRkZPMEZMdVhsQUxFM3ZWWTBVRUdvc2VNbEdUSUhWU1hvWWc1ZnEydEpoSUJ2RkZtX1l6aG84ajBXOVI4ZWlXM3lqZm9mMHBVTTEwRGdyVlRydlRxc3diUEc2d2g2M1AzSEFlXzVtMWNnUUR4VnRNVGRfenRUWlJiZ1YwZW1INEZ6eVhuT0JjQVpyeTdiRGdPb1lNdGM4ekdudFlBYW1ldzhJRnZaRjRCY0FoWHAyel8wTGdwTGp0VTRYOUtkazRCYkR3MUZpRWZiWUkxb2hiU0l5ZjNnZmFvNjlpelVybk0zYTBaSjcxbFR2YXdZVXFHT3hWMzZadjdjSVNtR2ZzTDdUUTFpSnEzc3JLWDk3MzByWXJ4VWY0M3JXbEtnTENjRkhvVmtsVHRvMW5HTWx1cUZubFotM2JQLVBkd3k2SnkwekZzbzd6VDVQVzhwSGVnazc1LWNldVFJQmZYSWJ3My1ZekR0X3Jrc0lHQV9oZ3kycUdzT2JuVTFvb3BpY1RKQjRSV0gwbEtxOXlDYlJZOUQ2XzV4NGdUd2xfSWlmSEROcTJBSWtHMU5jVDlFRlllTTFtTTBrM2kyQzNhY0xIQjE2T0VCSzNTYUM5OVpoS21iMnBBLUk4cGF5UkJNVnZCZXlIQ2oteXo0aWJ4NG5PMWRRZEE2aVM1dzhYVGg1dTBaZVlpcTRKWDRjdS03T25rUWtrdGNMTF8xQ0ZvTEVpNFpQdzNHNzVoVlNHX2JlWVRwMXdBMi1sS0ZBRXdLcVY0ZzRCZ1MzdF9aUTg3RWRHUE1TWGRTZS0yNzBPT2txSThnazFleUMtQTBMQ21qNGQtYndCbjFabldtTk5vc0FWZXNxdkRQOUFFTnh4Wk5FcGNwUlhGcnRMdFk2NjNBbnVIOU9uZGhrSm9KczFNbG1SZE9nUnljOXVNQks5cVVseDM3YUloOGtzdlh1TmdsbVlPeV83QzczaDh4R2pPOURESkZ1QVh3YTNySjl6MXdlS1E5NFZqN2o3ZHNSRm5KcnpYRTBRbGxmVUJUa1pWdFFRUDdhdkVFWUN4eDJFX29mY2RFa1ZXYURiUFZoTXR6TFBXbWE5VTV0YkI3dnROa0t3VlBXWFdabzlBOTVERm40RVpuaV96RGdEMDRSUFQxSzdRM2g0ZU05Z2cxaEJuaDh0ODctRTJiS0J2a0NiYzk5cVpBaTJEWms3QTRFVVVGREVkaFQyT28xLW9GelJjeFVuWmN6ck8xU0JGekxxSkFGVTd2eV9ubjZNM1VGdy1ScVFwNi1lRHcmcmF3X3JhcD0ke0FVQ1RJT05fUFJJQ0V9EgExGhMzMDA3NzY0NDgzOTE2NzYxNDY3IgkxMTY0MTYzNjcqBDk1MTQ6CjE0MjkyNDI0NzjAA9gEyAMA2AOv9zvgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xNjCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBO--wTeIBQGYBQCgBfKHicXhqNqFUsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaPARfoFBAgAEACQBgCYBgC4BgDBBp1oVyHlP2JA2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAfV1AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB--6GYoIRwpDAAABjF1PEQApvbncv-UJe631gWjcf7YREfCGow3_QsjQGpV7ttHedptw5s6wRQzqzvfBDu5thKc-wDYpwUknyFHjuxABlQgAAIA_mAgBwAj8Q9IICQjz_987EAAYAA..&s=e7d7000a271d323a45473c0d31a74e45098727e6&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4844091301208287466&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=30273044&sw=1600&sh=1200&pw=300&ph=254&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
an-x-request-uuid
641972f3-5f69-46b3-9042-c18c225773a9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7923 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW4nX7cLWeOZMxZBpDnIcC0xpBcmw02cf2g7gz9Sa6She2pUfxgjuonTXMp79djSKS5gbAK5Ue7FV3f1uqkSGNdQCQ2K67d-gwGC3p63VnoE8UHmA0xvKvhk9ci-0KiSV2X9O85ejiscvQx1RuCW4_ftLIoavRivSgjxMLBen8S6byZwiv9Ozpe7kjSdFrwV0ma0sZgonZCs4gcQoyyb797hUgnlN-FKjRWUqWctTaiH3E5-Ej_4_5-dzXyt9FZUQenB6sCeXWsuh3lU4U9IY8gyO0_M9qr15dA43p9buxRWHfxBgukmbQ33-apITW2WggL3ujzJNHKQRXfhIcTBWAHzmOh18lqGzc-cj7-VcW&sai=AMfl-YQRfi-_VgvnEeP2fJdf_Mf_7ewR7-iupvMmdqXTF6MmtwMK1qvIWJI2oUMSr341Ug71v5kXmpci6tNclWFdpZbFo2QzdaBXK7bBDQn9jeJ6i97mrWCpa6JGZhP9cLdeG5rsba-l8rSaQX7dBim6sbg&sig=Cg0ArKJSzBEUc87MmV_qEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 09:15:14 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Dec 2023 09:15:14 GMT
tpid=a6b4b97d-1126-4b61-a008-7d9bbf01a817
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 92D7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=dd93b491a021a2eeb22b626d71ceeb73&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Da6b4b97d-1126-4b61-a008-7d9bbf01a817%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4516927009669048412&pt=a6b4b97d-1126-4b61-a008-7d9bbf01a817%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%25...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a6b4b97d-1126-4b61-a008-7d9bbf01a817
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a6b4b97d-1126-4b61-a008-7d9bbf01a817
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=106%2C104%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.11.149
content-length
49
expires
0

Redirect headers

date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a6b4b97d-1126-4b61-a008-7d9bbf01a817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 92D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=106%2C104%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.215.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
qmap
sync.crwdcntrl.net/ Frame 92D7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590$ip$146.70.201.160&gdpr=0&gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590$ip$146.70.201.160&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=106%2C104%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.15.14
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590$ip$146.70.201.160&gdpr=0&gdpr_consent=
Date
Tue, 12 Dec 2023 09:15:14 GMT
Connection
keep-alive
Content-Length
168
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 92D7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=ZGQ5M2I0OTFhMDIxYTJlZWIyMmI2MjZkNzFjZWViNzM&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=106%2C104%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rand=878243237
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/ Frame 92D7
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=878243237
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/rand=878243237
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/rand=878243237
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=106%2C104%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.10.111
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
an-x-request-uuid
719aaeec-14a9-45f5-bffc-79ad0960226d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/rand=878243237
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d4b4056c-9cff-4981-a11a-66e4858998e2/gdpr=0/ Frame 92D7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d4b4056c-9cff-4981-a11a-66e4858998e2/gdpr=0/gdpr_consent=
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d4b4056c-9cff-4981-a11a-66e4858998e2/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=106%2C104%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.22.193
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d4b4056c-9cff-4981-a11a-66e4858998e2/gdpr=0/gdpr_consent=
date
Tue, 12 Dec 2023 09:15:14 GMT
server
Kestrel
content-length
249
v3
id5-sync.com/gm/ 		697 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
33162c7518751a15ae6af0de3ac0314d9c785e1fcde09bcf9528881343a2a754
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D95 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BW6j8oSR4ZdjkFrjt7OsP5qCmyAsAAAAAOAHgBAI&bg=!k5ClkN_NAAY3kmNgF5I7ADQBe5WfOKadXY1jMJ7F-4IIYvDt8uqrAXqiDVgRBp8abqHg4YjwBgaRd2TuvmxSY1hv35q4AgAAARRSAAAAAmgBB5kDId0AOdL9rNtTJInSBsWTC2x7z3Csfj5SLu6lSaLGlB_Brd759wMr_9QMyiIkdEra7zjD5JIlWMOMn1i5OqzEIgh234sNln8DCDyM4HfkBoHgF4noE9L4WECN4R1okuJHZq5mZzMpTmx5MZO6AaPG-YuZHe-4UxOk9yNqpQGY4_JbGhfEX8RHjBQv78CqCT4nzdMQ8YiN9Nlcwz2HcCiVF-geoWQ-Asnqr1tM-f4cwPRjHvC4ii1LJkuZxdIK3DO1KMwtnUY2CsJnUIMVRNh1cCTVMZVjwDOB9m-kdJOuGNbrGS4kHRH8KGjevGqdWFQFxnVZlsSc9xFJS8o1uB-xEKBOo82CY58wdPLE27wvRQMny2ZntNS5uvkoBXNyrQZdYWXqjG-pbca_UVluSgaVeLL1oQRjsI4e4EvdtBrICX8W97cH7hd60aoP0Qk6aNUimVYBOu93s4sqP9zSpGueAIFHk2hcK6iM5stanZIT3HC6yhb8kRSw5jDcrROYEVrmSaRBrXmjHZpqLKbbW1DllGfmxetg0F21cdcTc5fFdw78fy6MRSfSrVI90wkqEaUH97WeiEiQiN-EhjUqCgT1-KlmzONOxdMd_DDbQ6mB995huk9VPiBrykq_delpqtf70rfFfS37IkplzKO4LCVK9Dse-QBcXj646zJ_2UPXWF-U9SUzOYx7MZgzCnEoPPGhYVLxlVa2dLK2MX2P9wFig5gYM-NPZ584sIvEAQ0GudCjL8_BG8CsHmKroX2_dp8KmeIaMvBUi0uTmShp_DuUBDrbRJdIeeYKgZ6St_sZYuDEuFCPFBztaLyvRPbQTsf9DJCbVmaUvSwW7at4kg_vG-6NnqC7GcVok6-0SZKkS3EHKzOz3EYrbS1DA7ZPpNQkuTz1zXkLI-6Io_fCtqUXGpFQnK3FHbu6TJCVMBNOUqjqxEobi8TydVgxss7P9Wl2Eoxdl3hufjf6eTuplvoAYgnTcF3L47A4HKiF4fHI26r92HksHx9806OEZANNqpuJE1fEnF4GTZVQoEwQLuqh22k-QZE3ipaqyezuMOgbeSOytg
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4A89 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48654
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:15:14 GMT
expires
Tue, 12 Dec 2023 22:46:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
log
pp.d2-apps.net/v1/a/i/ Frame BB89 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pp.d2-apps.net/v1/a/i/log?client_id=150&campaign_id=3295&segment_id=103738&c_1=smoj-brand-headphone102-202307&c_2=103738&c_3=other&ord=1284592580&cbvp=2
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.29.35 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-29-35.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
last-modified
Tue, 12 Dec 2023 09:15:14 GMT
p3p
CP="CAO CUR ADM DEV PSA PSD OUR"
content-type
image/gif; charset=utf8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
cross-origin-resource-policy
cross-origin
content-length
43
expires
-1
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Dec 2023 09:15:14 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BB89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBI6FoSR4ZdWpHOOlid4Px86MmATLiu7hdKSV64XKEc3cmI0HEAEg-IGERGCJ88WE9BOgAdT3kMApyAECqQJK7pyu9oI9PuACAKgDAcgDCKoEoAJP0OpmNhrmfc9nkBQo_ie6tNigD5qZ1HyhhroG82Ll27eD-qW6c3C82uKA0kgeE24Op1HslPIuUepKFuqQ8fUd8f8OT9PsfzV8HtbLvUEtguWv-3_BuQhfKHXxU_UrMv3aOMuIRkDmdk3JVwqyyBO2ZDeV08yKP0pJWWIkBW8suo2XtMIPloXQ2pJ2-K4_QAQy_MJWd4jqGm1XIojHdOhFmYeXlV445ydYk5_PT5AwKlc35qrnWD3PSR5L5Dy8m4PlVK2oZHcGWDX-UZ3MXe3OY_attsGfCrCnYqcCTCFYpAkVK44UNViT7xQwku-onYQJO7-_oCgDLBWGVC4wPnpcCZczI-4a6s5LS3_q0V4UN8t4g7SLkzKum87JQ34Io9HABPzomNDUBOAEAYgF9565_0uSBQQIBBgBkgUECAUYBKAGAoAH1K_hnwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD-mgzSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WJLop-fHiYMDmgnMAWh0dHBzOi8vd3d3LnNvbnkuanAvaGVhZHBob25lL3NwZWNpYWwvV0YtMTAwMFhNNS8_c190Yz1qcF9hZHZfYWRfaGVhZHBob25lMTAyX0RfMDItMDMtMDFfaWNfcGNfYmFfMDAxMjgmdXRtX3NvdXJjZT1hZCZ1dG1fbWVkaXVtPWFkdiZ1dG1fY2FtcGFpZ249c21vai1icmFuZF9nZG5faGVhZHBob25lMTAyX0RfMDItMDMtMDFfaWNfcGNfYmFfcHJvZHVjdC1wY4AKA8gLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC2gwRCgsQ8IHwt4u41rGBARICAQPiDRMI56mo58eJgwMV41LCBR1HJwND2BMN0BUBgBcBshceChwIABIUcHViLTQyOTY2OTI4MDE4MjA4MTgYgIUP&sigh=NMkJB2a_0eE&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_5qJdaUpu4pijc1eNaKDzZSJvc49oBbjK4eQAkJ9L6Oz2pwEFbS69Ma365iKGuuDqnsR0YiNOzQt1koOiekngHRZPEBTuAdy6ZrUYAQ&cbvp=2
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
AGSKWxU2MY-WaIi4KiL1W4J0YOGJg6qFGW0edd-dy6VeEuTpsMT__L6ZK9rZTt9u-AwwToK49UWexcgsEhT_SA0AyT1TFSmuVVWxCDeOEj17gaA_XnqloaBjSYqu1vaPyoFNrocNq5f91g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU2MY-WaIi4KiL1W4J0YOGJg6qFGW0edd-dy6VeEuTpsMT__L6ZK9rZTt9u-AwwToK49UWexcgsEhT_SA0AyT1TFSmuVVWxCDeOEj17gaA_XnqloaBjSYqu1vaPyoFNrocNq5f91g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8pchdUjLQL8.es5.O/am=wA/d=1/rs=AJlcJMyJPPXdfUDzgHmL28iiKFPfe3vlDg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_Q5zO1gQxZKYXRHfQTnywg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
content-security-policy
script-src 'report-sample' 'nonce-_Q5zO1gQxZKYXRHfQTnywg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://natalie.mu
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A15A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3734157304128697&rc=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
setuid
u.4dex.io/ Frame 2DE6
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LQ24N1B4-1M-L763
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7372 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
33622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:54:52 GMT
generate_204
tpc.googlesyndication.com/ Frame 7372 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_TBxXA
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E5E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8xnnmXZ9QbhIMeN9fL2_xlpUSFQ_VS3BoVewobbJT_ngAL-72e-aHcuaC4B0CtN1iKSLv7cGFBscaH_-DJNPFcRERXO8MKAgBy3fmbM9mPHbzS84
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9E5E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:15:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9E5E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
26483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9E5E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
26483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:51 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9E5E 		202 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62114
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=Shift_JIS
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 09:55:25 GMT
ecm3
s.amazon-adsystem.com/ Frame B2E2
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LQ24N1B4-1M-L763
  • https://s.amazon-adsystem.com/ecm3?id=LQ24N1B4-1M-L763&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ24N1B4-1M-L763&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FHNF1PPV6JZRWXWCQ0M5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ24N1B4-1M-L763&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame BD2C 		469 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEN3KJxirroT_ATAB&v=APEucNUuzTnptaCHiZeK27oPu3lzR4X8RbvEH3cuZtoT58Ei9lD974gY2KS-mjvHPNHjTtQZgo_TiibYg5mW0f_1ytc79mygj0Na3z3nwVzrG9X1645lpVY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02e77cd454c82ffe01aa74b1e3f3b5c9cc08aa0eb5c8d7feb6b0c21ea77061f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
199
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:15:14 GMT
expires
Tue, 12 Dec 2023 09:15:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 2DE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEyNE4xQjQtMU0tTDc2Mw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCXjkuCrEfZYy6yhIw7kKo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNE4xQjQtMU0tTDc2Mw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNE4xQjQtMU0tTDc2Mw==&google_push=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyNE4xQjQtMU0tTDc2Mw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 2DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQ24N1B4-1M-L763&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ24N1B4-1M-L763&ex=d-rubiconproject.com&status=ok
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DK2EJ39VWERAD8DCPJX1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ24N1B4-1M-L763&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
Expires
0
setuid
px.ads.linkedin.com/ Frame 2DE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ24N1B4-1M-L763
0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ24N1B4-1M-L763
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: C15D1899EF5E45769398238FC250D784 Ref B: TYAEDGE0819 Ref C: 2023-12-12T09:15:14Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMTH0BCoWt5zBPDDwHDQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ24N1B4-1M-L763
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2DE6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JDGRNK49X2ZD603XQXEJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2DE6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=D1fRjkUaScegken4XV4CMQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=D1fRjkUaScegken4XV4CMQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=D1fRjkUaScegken4XV4CMQ
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JWEDMFAP3PN7M8YR5N7F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=D1fRjkUaScegken4XV4CMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2DE6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=&expires=30
date
Tue, 12 Dec 2023 09:15:14 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 2DE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/AsdLqj1B88KN-iDzqaOC7Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-38_jl45E2oJo38OmG8LU5T7Kdl.AqU14S.jvAw--~A
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-38_jl45E2oJo38OmG8LU5T7Kdl.AqU14S.jvAw--~A
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-38_jl45E2oJo38OmG8LU5T7Kdl.AqU14S.jvAw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 2DE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBScyt3trvRxoITBetUVkcg&google_cver=1
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBScyt3trvRxoITBetUVkcg&google_cver=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBScyt3trvRxoITBetUVkcg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2DE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmExNDMxYmQ4YTdlMWY1MWMyN2I4ZmVkMzNiYTdlZDlkYWNlZWQ3OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmExNDMxYmQ4YTdlMWY1MWMyN2I4ZmVkMzNiYTdlZDlkYWNlZWQ3OQ
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmExNDMxYmQ4YTdlMWY1MWMyN2I4ZmVkMzNiYTdlZDlkYWNlZWQ3OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rp
match.prod.bidr.io/cookie-sync/ Frame 2DE6 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.153.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-153-230.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
hb.yahoo.net/ Frame 2DE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ24N1B4-1M-L763&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ24N1B4-1M-L763&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1IMVIwUDZaRTJ1RUlpemZjWE83MUVpelNkQTFqWVlaZX5B&ovsid=LQ24N1B4-1M-L763&dpid=58160
53 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1IMVIwUDZaRTJ1RUlpemZjWE83MUVpelNkQTFqWVlaZX5B&ovsid=LQ24N1B4-1M-L763&dpid=58160
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
23.192.45.97 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-192-45-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 12 Dec 2023 09:15:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 09:15:15 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1IMVIwUDZaRTJ1RUlpemZjWE83MUVpelNkQTFqWVlaZX5B&ovsid=LQ24N1B4-1M-L763&dpid=58160
date
Tue, 12 Dec 2023 09:15:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 2DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ24N1B4-1M-L763
0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQ24N1B4-1M-L763
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
v1
match.sharethrough.com/sync/ Frame 2DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ24N1B4-1M-L763
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ24N1B4-1M-L763
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
46.137.237.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-237-145.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 2DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ24N1B4-1M-L763
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ24N1B4-1M-L763
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ24N1B4-1M-L763&ckls=true&ci=YDAI3SVs6e&nc=false&trid=-1205121987
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ24N1B4-1M-L763&ckls=true&ci=YDAI3SVs6e&nc=false&trid=-1205121987
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
18.65.185.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-129.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 358f8e46780e3a959fd761293471617e.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Nzfv6DTXy7Xn3SDUB2Xy85RZQOWjn0GktWV6WBWOabWVILPrvNfi0w==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 358f8e46780e3a959fd761293471617e.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ24N1B4-1M-L763&ckls=true&ci=YDAI3SVs6e&nc=false&trid=-1205121987
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Bred-uW6_-fNV7FHReJ6tPefpe0cIRBh8ukQpsXa1ViBI09r3mnDWg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 2DE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQ24N1B4-1M-L763
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQ24N1B4-1M-L763
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:15 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 2DE6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ca3e76fb-b51f-4bf3-a414-46e9d3cff563&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ca3e76fb-b51f-4bf3-a414-46e9d3cff563&expires=30
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ca3e76fb-b51f-4bf3-a414-46e9d3cff563&expires=30
Date
Tue, 12 Dec 2023 09:15:15 GMT
Connection
keep-alive
X-CI-RTID
effae0d0-bdd3-4be6-97f7-891c79ca4fed
Content-Length
144
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3845
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQ24N1B4-1M-L763
  • https://usersync.gumgum.com/usersync?b=mag&i=LQ24N1B4-1M-L763
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
Expires
0
pixel
cm.g.doubleclick.net/ Frame BD2C
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=ODUzZTM5NGFiYzgwNTZhZTg2YWQ1YTBmYTAyMzNlZmM=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=ODUzZTM5NGFiYzgwNTZhZTg2YWQ1YTBmYTAyMzNlZmM=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEN3KJxirroT_ATAB&v=APEucNUuzTnptaCHiZeK27oPu3lzR4X8RbvEH3cuZtoT58Ei9lD974gY2KS-mjvHPNHjTtQZgo_TiibYg5mW0f_1ytc79mygj0Na3z3nwVzrG9X1645lpVY
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=ODUzZTM5NGFiYzgwNTZhZTg2YWQ1YTBmYTAyMzNlZmM=
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame BD2C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1&gdpr=0
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEN3KJxirroT_ATAB&v=APEucNUuzTnptaCHiZeK27oPu3lzR4X8RbvEH3cuZtoT58Ei9lD974gY2KS-mjvHPNHjTtQZgo_TiibYg5mW0f_1ytc79mygj0Na3z3nwVzrG9X1645lpVY
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyb3LimvYxhuMyCIjTK8LRjhJTFWkmfm4rcp%2Fd4bmxpISp%2FsRThO9CWZgVF9NNtuKRyiJ%2FuJKXSqcJRCcR%2F2%2BoLOpq0y7GgDiMt5q2aHD7P14cfBAlRQkwpnfl%2F96rZiJHk72Wrmp8l0RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344dc9719d62089-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BD2C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXgkoV53WQ1V60EtPPrXJwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEN3KJxirroT_ATAB&v=APEucNUuzTnptaCHiZeK27oPu3lzR4X8RbvEH3cuZtoT58Ei9lD974gY2KS-mjvHPNHjTtQZgo_TiibYg5mW0f_1ytc79mygj0Na3z3nwVzrG9X1645lpVY
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4snu9LxPmJL%2B4c2xmOIeIKthTSOFYTGsR6rkYnh72obgXHx78HQgjCAUjfaOHYm4qQKuCGpG3Brkki%2FKwtCKFNMgUycSkvbcznXq5thR4x88bjluT9cZYNKSTWHDt0625dW%2FYUt%2FYkFGFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8344dc9739ed2089-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPxa24V0Fgo-eemSWl3slQs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CB78 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq24n25p&c=7188318330678&slotId=3594159165339&qqid=CO_4n-fHiYMDFdZNwgUdKr0DRQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1930&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.ha~vil.v5&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E5E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7646450099079&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E5E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7646450099079&version=m202309260101&ct=76&x=1&cor=7787917231862537000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9E5E 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGokLO9XXxybTk7k1SgiPrIX28QEp7ww1ovCuEVyjinzN2TxgXk-WHCqo_Zat3OOlpDs6J5y6IVoVpK1-cPD8y91_YwsBXjjGPhAdZzvnR0c8UO2-LOoK6qEa7p1DZKUFH86DDs2nwArkAETnMT8rpZrzySc2efA3x7FnPFovtIs6fhX8&dbm_d=AKAmf-ARBO8PkTHp4GK6S0_VD8N6Urk5FKI7c1d3ob0vncdW62kZEaB7C54DMUWg4KfBrerVLfJffJjZ3TaVQ8sFqaCeoZJmqtRaSBFLLS0Hnox_-w4IdmLECF24FXd9eU8D4udXjWwfeWD1g7ayyke1-0fwTg_yUxlfHZlydcZTYSpd-D3VY6BOalTI2swp5WGrePC5Un-bBuuUEa07jihiiuXziBcMvXqFW7uuEOlr0l7Y8a5-3uh-JXSUMZCk8tDHjoezGqm2bVT4mglnZY4d5ReorTrp7OKzv2OWRysIlNP-8X_5JQtZLf3L5jGCWJSzeeVtpyMAV_ZOalIfT75DF_FyQk3bvUsyH_RynP4xr4d1_mvBYA21_qiZF5nyvkTgRi-2UGS-xhWAJiHNn-Bp_E095XB0JZG6YFar4HfpdRLmw5-oE1QADVIH1c9QRAC8tWWyoIbWjwEEzEjv0NBKKUFeMtBWEwtBLn8o93Oc6RHEuePI3r8UUzvj3XW2UScM_eiAmnMEK0Baw_9hT0-_0l5WKElNsLLuT7rIUnyrizz7-cJWaD-ecgSmG8lXC550-yrkrunayHGIcPjgACDQFPT8fqc3cxXRXhymzP-YlcKe0XmU2jAT2JN732LXySOF_5c3X0nw70aZCovHiKf5EBs-dywLvsqfThk3ntKQA6orsOF7ICf8JiyEiprI4maJw56pOhqVwD7voEfYQMw9-WnkQri1xaC5vWdsgqpXFWDSZmtya-chHV1mVT7Itoo1y-ik58BBoG8gWjvezKTs4s8pt_mNtJQBoAsX5CNOmZo0fnLq_AeBGEHUbY6vbkUr0ILRBgk7DoGvzPIxAZUObEg5Lx18SjBPbsvJweHsawRdLANoDN27xWToUa550k8kH6Jtz8AErM3EhfRgPztWBShXOPL1HHIJRJedErfLevrphoJDtsS0A-f47epGspnTxXbS0kp19aYnA1epIk6B-W6aOBd-yXOLlTKYhCXXTikA9Y8MZWK3YTVDGBPuZLNBdlsvPSPfNXf8KzHUDYFEzUXG96Ti-IkKAGuObQpbUSs9WNvzJhFl7UNYvHpSwcNZJ2ijX8ukJMLdWI7iqMexzrEChbRux_V935vrV9--IgqHIE2gZxevllPGFXLJawgrvWz-YmrHp9GrQp0VU3YmvvFSy-UWND_oN4ikOBBMkhfpjXCFVDTKZrMJUBlJV1EiMjwBRcSANElyHt825zHeLoI5JdRU_fNd1dK2TjJWK-h3bYWYycWaJUdLUOo-BXXrvGXzpnoH5UkYewHLOYzadEBS4qaTfEmVJbPB5c1trkXeDI2gUfGQivkeY9EmPJew1ybX4hLRRYETeGWhB9jhKywon9fdrH6wdS4aTZ6EVYaiFNaHmtd4Np9VnHktwKLyeGwc1XFEm_VNKWBYd4ezT9l6OFijZsevFzHUKol8xruENn5qCC3MEFYYJq0_PWDsPD4EwdLB1MTAtbnAKvfS0-tuS7zEgnvK7AqMkbkxysvkJrPGs2yw0FIZg5yumHa0-H86iXBp504wgdu0nTcktrmt7OzEuVnAtk_ISWpN2Xd6qPmQHPqYtlZSnaoQKEqcJ8LIqOluWvIuvsFW475GqX7388CfilkaQD8-s9uJM1Sy4JdcNaieTFXxtm2ZFhygetZ5udAeg0kBzkBa5oxSW47GNOXY1_4SQq51LtUpR9c4Cv5AMVMVEX4zoIBQpMm0esLZ_MuqDVwuNk69pM0I3ImuuuxM5wuYyNBq1AVspvrhi3LWYvLj3EDuBVw-E7YzSMFfT8rqnYgsldEgXopXIRmiXlj_mPlkZZJEQc9EXI6IdkJv5CDARoOAkdBZcW-S7xvpqsReCrRBFrHyaf6SPu_KoL3lTZV9mce9IX0tLYW8sdnUtG8JTwcQ-joe4jfvOgWzBM-H1rA3IJRu8PeIaMj9-3z2gVJgr6SKZlWqU-F5wb5SUx5n8yclzXUJQGx3Gr2hv5QavM7zThPVcYDdzCcEotelAk9qPTK2zbzRs_WNVnb8nSuVhoEOeLf_VoGXM1464ozy_jj5wRrVXW8EpaOfAFGJv9zxES8mAqk1vPDHCZx3K1E5k-QhNjt4CNa0ef51sIt7iY5iySHKe0er3JPgsz8yQfINA5iinFvoZkaC9yXFNmFFwilzPd4SIutM8UhnG-f7UrS3EaPVtI2qgm1H1pUO6MlK36t5sW3UrnDrXKc4KZ8_Znfjle4E2fx56RjKb657NymfF1Z_Vn0aw8dww_FbIMhshAiusRIJRFjRPeHYhAjJnFEdNgbHezYeuAFUtFVBk0ZNF_h7EHwY1h9i8TC-k7NzQNrWfd-JxaBUOjuHrNJIX_qd4mHOWg_qAvOoomrkPIXDmPzz2kyn9WllgVciIiSMB4BvOCmh5GBxeiAQ7cyHvd1nyUSZFH77Jj-5Fh-jSaAlBeIHan40nTM0yw-Ut6Wi8UsNYhruRiZUuaoPAKOweYNfEWPu5HeiCUE7fwyg57g0SpRlsHiEyS2dn0fjoeUHF4KEfeXo8CLHSU4vh4xPhPeuAQuq32fTXQIMPkO-7TLrCuwl-WGR8-e5Q5N6Z49I14IWahB4SQoOftFUI2NRpV2U9XuhHnoNa7VbLSeiYgsganf-3KELJdWd3AZLdCbf4loMKzHYoCugoN9qqjHOzDJS_tKwXg2aOz5mTdB409KWONKJeD-17tf3RN2tkFrQ-joGwkSPfaI6BjxEDE1w1YerVNog9th7RzjcXUXTA8ufvYGcTi0AoZ4g4Y5z_lG8AX5scZGtjw-cvIEbUMAD9KUB39tavn3LrNFdlF4d9IcK09pu9z4PO1KWZlCdjutRpD6O_xB8QfFVKjCpnb_sI5iffRf4PKwt9PdCQA_Z7MX0b_g9tn98A3i1m_CCIxTIRwh9z_XBDBHeUcRy0GFeM2pD5HHAIy2og2HUaQB57sCQhC-UNqBEBL_u0dZlUY74jBLwAVbKs4G4h3LH8ahmM_Nih9A96OK9LvbHLQMNXMEl9fBBbYXJgBhM6hRMWsY80ivCx7o-A-m3NzupZghxO1Wt0ClHI12qpXMBO3wzb5mt6zd-LE55t_pS_ZKqkPl5JzCphoviipM4hvQH4kZ0_LGh5bCcccupIuKOALvEgrRmLhdC9MIP7hYjorB9ZiSKBAU-8bYisRxCeQtlBssoSOQdlXTCabzBvX0YSsUKQLG5fe1S9lf_j8DxXm4Fy2eGnRlejmoZeVwdjDPJeD6FGMsA1GX-oMkByRhG3rIDuuqbdpSsIibW0IS0h9FspF99kizkDckg2iR7GJgIzoIr7kP4bzAz_27iV07DWKLEMICcQwZPm-lOiVlK3CgbhSnou0SkV2uZuWWz1Q_wWkxCVsawPOmUpORAcUey2_EUO56rm6IxU5xNs12IlR-dFivekIUrTUJLMnagKoLCBC6nRfB33CC4L5HFb8zdiQ5Or7fwh5JPXF4kUZTXyStixFypG4Uyok8FrkN3lG9UlxbJTb73bdTxlCwU_eitaWRmonza3_8SRa-VthLZejPTy631FRvgG-TH_7-YtlkZ0PEt_lQZS3VJ56WmIZwg9Ddz&cid=CAQSOwAvHhf_TsQQIUggUDSVDRR_W0eueZg8j_4pXP0EPHn552uzcix_2sMzOaCKuKCgDlN-XVam4-eKbe7LGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnatalie.mu&ds=l&xdt=1&iif=1&cor=7787917231862537000&adk=2598027411&idt=82&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a38abfa305ffadc6906662b8c99423293bf1b510c16a818d2a3c2186062af378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23841
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
capi.connatix.com/us/ Frame B2E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQ24N1B4-1M-L763&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQ24N1B4-1M-L763&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQ24N1B4-1M-L763&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8344dc9afed2266a-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 12 Dec 2023 09:15:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQ24N1B4-1M-L763&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8344dc99ed8c266a-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
ib.adnxs.com/prebid/ Frame B2E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
an-x-request-uuid
a7f13a5f-3878-4479-8af7-2633ac18762d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame B2E2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ24N1B4-1M-L763
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ24N1B4-1M-L763
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B2E2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=92cf34d5-393c-4dd6-ad7e-8e530fc660d1
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=92cf34d5-393c-4dd6-ad7e-8e530fc660d1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:13 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=92cf34d5-393c-4dd6-ad7e-8e530fc660d1
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3013746
content-length
0
expires
Tue, 12 Dec 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B2E2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6265997732731674459
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6265997732731674459
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6265997732731674459
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame B2E2
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=897b0308-2811-4258-afd7-61ff7b617d44
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=897b0308-2811-4258-afd7-61ff7b617d44
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
track007-sjc
pragma
no-cache
date
Tue, 12 Dec 2023 09:14:04 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=897b0308-2811-4258-afd7-61ff7b617d44
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame B2E2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=pZ6b9Ui0WaVy_LuPMK6lkJJGyaA
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=pZ6b9Ui0WaVy_LuPMK6lkJJGyaA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=pZ6b9Ui0WaVy_LuPMK6lkJJGyaA
Date
Tue, 12 Dec 2023 09:15:14 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Rubicon
s.seedtag.com/cs/cookiesync/ Frame B2E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ24N1B4-1M-L763
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B2E2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2967119334666753022&expires=60&gdpr=&gdpr_consent=
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2967119334666753022&expires=60&gdpr=&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2967119334666753022&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame B2E2
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4516927009669048412&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4516927009669048412&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
an-x-request-uuid
ca46bc6e-07cb-4dde-a23a-59130ac6e6e6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4516927009669048412&expires=30
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B2E2
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=5513885832
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-AFs737hE2oXNba3h9T02qyXpV6ECOWgLEYxh~A
  • https://sync.1rx.io/usersync/verizon/y-AFs737hE2oXNba3h9T02qyXpV6ECOWgLEYxh~A
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-f6e80dd6-6e04-4a...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004&expires=30
date
Tue, 12 Dec 2023 09:15:14 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf6e80dd66e044aa18622d13d77f432d3004
content-type
text/html
esync
token.rubiconproject.com/ Frame B2E2
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 09:15:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
s2s.t13.io/ Frame B2E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
86 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame B2E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ24N1B4-1M-L763&name=RUBICON
49 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ24N1B4-1M-L763&name=RUBICON
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
39
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ24N1B4-1M-L763&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
Expires
0
redirect
exchange.mediavine.com/usersync/ Frame B2E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ24N1B4-1M-L763
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
54.183.183.27 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-183-27.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
Expires
0
cs
cs.minutemedia-prebid.com/ Frame B2E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ24N1B4-1M-L763
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.38.45.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-45-160.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
Expires
0
match
events-ssc.33across.com/ Frame 3845
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LQ24N1B4-1M-L763
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQ24N1B4-1M-L763&ts=1702372515&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQ24N1B4-1M-L763&ts=1702372515&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQ24N1B4-1M-L763&ts=1702372515&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame 3845
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage
  • https://cs.yellowblue.io/cs?aid=11590&id=LQ24N1B4-1M-L763
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.215.54.7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-54-7.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
sync.targeting.unrulymedia.com/csync/ Frame 3845
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly
  • https://sync.1rx.io/usersync/rubicon/LQ24N1B4-1M-L763
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
cookie-sync
sync.outbrain.com/ Frame 3845
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ24N1B4-1M-L763&obUid=&initiator=
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ24N1B4-1M-L763&obUid=&initiator=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
38.133.127.31 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:15 GMT
Cache-Control
no-cache
X-TraceId
ca7578670366e040c404fe418027c2ed
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ24N1B4-1M-L763&obUid=&initiator=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3845 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
60909
i6.liadm.com/s/ Frame 3845
Redirect Chain
  • https://token.rubiconproject.com/token?pid=49096
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ24N1B4-1M-L763
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ24N1B4-1M-L763
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:19cd:1b39:81f3:b82c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ24N1B4-1M-L763
Date
Tue, 12 Dec 2023 09:15:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
143
match.deepintent.com/usersync/ Frame 3845 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/143
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
content-length
0
server
c
tap.php
pixel.rubiconproject.com/ Frame 3845
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXgkoQAGWdaM5gBH
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXgkoQAGWdaM5gBH
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-nrt-rjtf7700057-NRT
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702372514.477223,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZXgkoQAGWdaM5gBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
bridge
cm.adgrx.com/ Frame 3845 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.118.249 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
Cowboy
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
aws-apsoutheast1b-delivery-2
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 3845
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EA1DE816A79C4D878295157B03978D9B&expires=365
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EA1DE816A79C4D878295157B03978D9B&expires=365
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5a1ada9cce9036d4571776c901dc3c47
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EA1DE816A79C4D878295157B03978D9B&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 09:15:14 GMT
tap.php
pixel.rubiconproject.com/ Frame 3845
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=XKozjaYDaOD7Dz_dO0t5QoXsnMZhMiGdLdsvN9R-tmQ
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=38f016a9842122ad&is_secure=true&networkId=12783&version=1&nuid=XKozjaYDaOD7Dz_dO0t5QoXsnMZhMiGdLdsvN9R-tmQ
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMBFIlXbaD-wMLsP7KAAAAAAA&expiration=1702458915&nuid=XKozjaYDaOD7Dz_dO0t5QoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMBFIlXbaD-wMLsP7KAAAAAAA&expiration=1702458915&nuid=XKozjaYDaOD7Dz_dO0t5QoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
187e82019178d54b7a252bfda4b0880c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMBFIlXbaD-wMLsP7KAAAAAAA&expiration=1702458915&nuid=XKozjaYDaOD7Dz_dO0t5QoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rubicon
tr.blismedia.com/v1/api/sync/ Frame 3845 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/rubicon
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Rubicon
crb.kargo.com/api/v1/dsync/ Frame 3845
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ24N1B4-1M-L763
43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.250.150.236 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-150-236.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
sync
usr.undertone.com/userPixel/ Frame 3845
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ24N1B4-1M-L763
0
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
99.84.133.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-72.nrt57.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 12632bbc89afe55228d7f1ab9e5993a6.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
content-length
0
x-amz-cf-id
ntFqFiPtEksHNR6EndMhPMf3OMFRDuUMsxOJPn75nK7pN1v3J4KRIA==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame 3845
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ24N1B4-1M-L763
0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
setuid
prebid-s2s.media.net/ Frame 3845
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
86 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ss_gg_yj_p1_n-index_pm-db5_rbd_rx_n-MediaNet_ox-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
content-encoding
gzip
via
1.1 google
server
envoy
content-type
image/png
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
alt-svc
clear
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
loader.js
video.seenthis.se/public/tag-loader/2/ Frame 9E5E 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.seenthis.se/public/tag-loader/2/loader.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGokLO9XXxybTk7k1SgiPrIX28QEp7ww1ovCuEVyjinzN2TxgXk-WHCqo_Zat3OOlpDs6J5y6IVoVpK1-cPD8y91_YwsBXjjGPhAdZzvnR0c8UO2-LOoK6qEa7p1DZKUFH86DDs2nwArkAETnMT8rpZrzySc2efA3x7FnPFovtIs6fhX8&dbm_d=AKAmf-ARBO8PkTHp4GK6S0_VD8N6Urk5FKI7c1d3ob0vncdW62kZEaB7C54DMUWg4KfBrerVLfJffJjZ3TaVQ8sFqaCeoZJmqtRaSBFLLS0Hnox_-w4IdmLECF24FXd9eU8D4udXjWwfeWD1g7ayyke1-0fwTg_yUxlfHZlydcZTYSpd-D3VY6BOalTI2swp5WGrePC5Un-bBuuUEa07jihiiuXziBcMvXqFW7uuEOlr0l7Y8a5-3uh-JXSUMZCk8tDHjoezGqm2bVT4mglnZY4d5ReorTrp7OKzv2OWRysIlNP-8X_5JQtZLf3L5jGCWJSzeeVtpyMAV_ZOalIfT75DF_FyQk3bvUsyH_RynP4xr4d1_mvBYA21_qiZF5nyvkTgRi-2UGS-xhWAJiHNn-Bp_E095XB0JZG6YFar4HfpdRLmw5-oE1QADVIH1c9QRAC8tWWyoIbWjwEEzEjv0NBKKUFeMtBWEwtBLn8o93Oc6RHEuePI3r8UUzvj3XW2UScM_eiAmnMEK0Baw_9hT0-_0l5WKElNsLLuT7rIUnyrizz7-cJWaD-ecgSmG8lXC550-yrkrunayHGIcPjgACDQFPT8fqc3cxXRXhymzP-YlcKe0XmU2jAT2JN732LXySOF_5c3X0nw70aZCovHiKf5EBs-dywLvsqfThk3ntKQA6orsOF7ICf8JiyEiprI4maJw56pOhqVwD7voEfYQMw9-WnkQri1xaC5vWdsgqpXFWDSZmtya-chHV1mVT7Itoo1y-ik58BBoG8gWjvezKTs4s8pt_mNtJQBoAsX5CNOmZo0fnLq_AeBGEHUbY6vbkUr0ILRBgk7DoGvzPIxAZUObEg5Lx18SjBPbsvJweHsawRdLANoDN27xWToUa550k8kH6Jtz8AErM3EhfRgPztWBShXOPL1HHIJRJedErfLevrphoJDtsS0A-f47epGspnTxXbS0kp19aYnA1epIk6B-W6aOBd-yXOLlTKYhCXXTikA9Y8MZWK3YTVDGBPuZLNBdlsvPSPfNXf8KzHUDYFEzUXG96Ti-IkKAGuObQpbUSs9WNvzJhFl7UNYvHpSwcNZJ2ijX8ukJMLdWI7iqMexzrEChbRux_V935vrV9--IgqHIE2gZxevllPGFXLJawgrvWz-YmrHp9GrQp0VU3YmvvFSy-UWND_oN4ikOBBMkhfpjXCFVDTKZrMJUBlJV1EiMjwBRcSANElyHt825zHeLoI5JdRU_fNd1dK2TjJWK-h3bYWYycWaJUdLUOo-BXXrvGXzpnoH5UkYewHLOYzadEBS4qaTfEmVJbPB5c1trkXeDI2gUfGQivkeY9EmPJew1ybX4hLRRYETeGWhB9jhKywon9fdrH6wdS4aTZ6EVYaiFNaHmtd4Np9VnHktwKLyeGwc1XFEm_VNKWBYd4ezT9l6OFijZsevFzHUKol8xruENn5qCC3MEFYYJq0_PWDsPD4EwdLB1MTAtbnAKvfS0-tuS7zEgnvK7AqMkbkxysvkJrPGs2yw0FIZg5yumHa0-H86iXBp504wgdu0nTcktrmt7OzEuVnAtk_ISWpN2Xd6qPmQHPqYtlZSnaoQKEqcJ8LIqOluWvIuvsFW475GqX7388CfilkaQD8-s9uJM1Sy4JdcNaieTFXxtm2ZFhygetZ5udAeg0kBzkBa5oxSW47GNOXY1_4SQq51LtUpR9c4Cv5AMVMVEX4zoIBQpMm0esLZ_MuqDVwuNk69pM0I3ImuuuxM5wuYyNBq1AVspvrhi3LWYvLj3EDuBVw-E7YzSMFfT8rqnYgsldEgXopXIRmiXlj_mPlkZZJEQc9EXI6IdkJv5CDARoOAkdBZcW-S7xvpqsReCrRBFrHyaf6SPu_KoL3lTZV9mce9IX0tLYW8sdnUtG8JTwcQ-joe4jfvOgWzBM-H1rA3IJRu8PeIaMj9-3z2gVJgr6SKZlWqU-F5wb5SUx5n8yclzXUJQGx3Gr2hv5QavM7zThPVcYDdzCcEotelAk9qPTK2zbzRs_WNVnb8nSuVhoEOeLf_VoGXM1464ozy_jj5wRrVXW8EpaOfAFGJv9zxES8mAqk1vPDHCZx3K1E5k-QhNjt4CNa0ef51sIt7iY5iySHKe0er3JPgsz8yQfINA5iinFvoZkaC9yXFNmFFwilzPd4SIutM8UhnG-f7UrS3EaPVtI2qgm1H1pUO6MlK36t5sW3UrnDrXKc4KZ8_Znfjle4E2fx56RjKb657NymfF1Z_Vn0aw8dww_FbIMhshAiusRIJRFjRPeHYhAjJnFEdNgbHezYeuAFUtFVBk0ZNF_h7EHwY1h9i8TC-k7NzQNrWfd-JxaBUOjuHrNJIX_qd4mHOWg_qAvOoomrkPIXDmPzz2kyn9WllgVciIiSMB4BvOCmh5GBxeiAQ7cyHvd1nyUSZFH77Jj-5Fh-jSaAlBeIHan40nTM0yw-Ut6Wi8UsNYhruRiZUuaoPAKOweYNfEWPu5HeiCUE7fwyg57g0SpRlsHiEyS2dn0fjoeUHF4KEfeXo8CLHSU4vh4xPhPeuAQuq32fTXQIMPkO-7TLrCuwl-WGR8-e5Q5N6Z49I14IWahB4SQoOftFUI2NRpV2U9XuhHnoNa7VbLSeiYgsganf-3KELJdWd3AZLdCbf4loMKzHYoCugoN9qqjHOzDJS_tKwXg2aOz5mTdB409KWONKJeD-17tf3RN2tkFrQ-joGwkSPfaI6BjxEDE1w1YerVNog9th7RzjcXUXTA8ufvYGcTi0AoZ4g4Y5z_lG8AX5scZGtjw-cvIEbUMAD9KUB39tavn3LrNFdlF4d9IcK09pu9z4PO1KWZlCdjutRpD6O_xB8QfFVKjCpnb_sI5iffRf4PKwt9PdCQA_Z7MX0b_g9tn98A3i1m_CCIxTIRwh9z_XBDBHeUcRy0GFeM2pD5HHAIy2og2HUaQB57sCQhC-UNqBEBL_u0dZlUY74jBLwAVbKs4G4h3LH8ahmM_Nih9A96OK9LvbHLQMNXMEl9fBBbYXJgBhM6hRMWsY80ivCx7o-A-m3NzupZghxO1Wt0ClHI12qpXMBO3wzb5mt6zd-LE55t_pS_ZKqkPl5JzCphoviipM4hvQH4kZ0_LGh5bCcccupIuKOALvEgrRmLhdC9MIP7hYjorB9ZiSKBAU-8bYisRxCeQtlBssoSOQdlXTCabzBvX0YSsUKQLG5fe1S9lf_j8DxXm4Fy2eGnRlejmoZeVwdjDPJeD6FGMsA1GX-oMkByRhG3rIDuuqbdpSsIibW0IS0h9FspF99kizkDckg2iR7GJgIzoIr7kP4bzAz_27iV07DWKLEMICcQwZPm-lOiVlK3CgbhSnou0SkV2uZuWWz1Q_wWkxCVsawPOmUpORAcUey2_EUO56rm6IxU5xNs12IlR-dFivekIUrTUJLMnagKoLCBC6nRfB33CC4L5HFb8zdiQ5Or7fwh5JPXF4kUZTXyStixFypG4Uyok8FrkN3lG9UlxbJTb73bdTxlCwU_eitaWRmonza3_8SRa-VthLZejPTy631FRvgG-TH_7-YtlkZ0PEt_lQZS3VJ56WmIZwg9Ddz&cid=CAQSOwAvHhf_TsQQIUggUDSVDRR_W0eueZg8j_4pXP0EPHn552uzcix_2sMzOaCKuKCgDlN-XVam4-eKbe7LGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnatalie.mu&ds=l&xdt=1&iif=1&cor=7787917231862537000&adk=2598027411&idt=82&cac=0&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1ab13ebcd248d6428f56396352cd47366821adb58d0f811d3e5d8e13b0c4d08
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
j5V03q0rhbbdDzsg_qWsw4ks9xEojYfi
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
2HA5X8SHY65FNJMC
age
346796
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests
x-cache
HIT, HIT
content-length
7410
x-amz-id-2
GDGvSFdS2a7N45JGJoWMUJk+pi48MuU8Gnq0wsweS71fPvTiWjeJiytWlBMhj3WyUj83g+G4sWk=
x-served-by
cache-lcy-eglc8600036-LCY, cache-nrt-rjtf7700053-NRT
last-modified
Fri, 15 Sep 2023 06:27:47 GMT
server
AmazonS3
x-timer
S1702372515.583126,VS0,VE0
etag
"f57fc8864329a942c44e66d6854ba325"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
13, 136182
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9E5E 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGokLO9XXxybTk7k1SgiPrIX28QEp7ww1ovCuEVyjinzN2TxgXk-WHCqo_Zat3OOlpDs6J5y6IVoVpK1-cPD8y91_YwsBXjjGPhAdZzvnR0c8UO2-LOoK6qEa7p1DZKUFH86DDs2nwArkAETnMT8rpZrzySc2efA3x7FnPFovtIs6fhX8&dbm_d=AKAmf-ARBO8PkTHp4GK6S0_VD8N6Urk5FKI7c1d3ob0vncdW62kZEaB7C54DMUWg4KfBrerVLfJffJjZ3TaVQ8sFqaCeoZJmqtRaSBFLLS0Hnox_-w4IdmLECF24FXd9eU8D4udXjWwfeWD1g7ayyke1-0fwTg_yUxlfHZlydcZTYSpd-D3VY6BOalTI2swp5WGrePC5Un-bBuuUEa07jihiiuXziBcMvXqFW7uuEOlr0l7Y8a5-3uh-JXSUMZCk8tDHjoezGqm2bVT4mglnZY4d5ReorTrp7OKzv2OWRysIlNP-8X_5JQtZLf3L5jGCWJSzeeVtpyMAV_ZOalIfT75DF_FyQk3bvUsyH_RynP4xr4d1_mvBYA21_qiZF5nyvkTgRi-2UGS-xhWAJiHNn-Bp_E095XB0JZG6YFar4HfpdRLmw5-oE1QADVIH1c9QRAC8tWWyoIbWjwEEzEjv0NBKKUFeMtBWEwtBLn8o93Oc6RHEuePI3r8UUzvj3XW2UScM_eiAmnMEK0Baw_9hT0-_0l5WKElNsLLuT7rIUnyrizz7-cJWaD-ecgSmG8lXC550-yrkrunayHGIcPjgACDQFPT8fqc3cxXRXhymzP-YlcKe0XmU2jAT2JN732LXySOF_5c3X0nw70aZCovHiKf5EBs-dywLvsqfThk3ntKQA6orsOF7ICf8JiyEiprI4maJw56pOhqVwD7voEfYQMw9-WnkQri1xaC5vWdsgqpXFWDSZmtya-chHV1mVT7Itoo1y-ik58BBoG8gWjvezKTs4s8pt_mNtJQBoAsX5CNOmZo0fnLq_AeBGEHUbY6vbkUr0ILRBgk7DoGvzPIxAZUObEg5Lx18SjBPbsvJweHsawRdLANoDN27xWToUa550k8kH6Jtz8AErM3EhfRgPztWBShXOPL1HHIJRJedErfLevrphoJDtsS0A-f47epGspnTxXbS0kp19aYnA1epIk6B-W6aOBd-yXOLlTKYhCXXTikA9Y8MZWK3YTVDGBPuZLNBdlsvPSPfNXf8KzHUDYFEzUXG96Ti-IkKAGuObQpbUSs9WNvzJhFl7UNYvHpSwcNZJ2ijX8ukJMLdWI7iqMexzrEChbRux_V935vrV9--IgqHIE2gZxevllPGFXLJawgrvWz-YmrHp9GrQp0VU3YmvvFSy-UWND_oN4ikOBBMkhfpjXCFVDTKZrMJUBlJV1EiMjwBRcSANElyHt825zHeLoI5JdRU_fNd1dK2TjJWK-h3bYWYycWaJUdLUOo-BXXrvGXzpnoH5UkYewHLOYzadEBS4qaTfEmVJbPB5c1trkXeDI2gUfGQivkeY9EmPJew1ybX4hLRRYETeGWhB9jhKywon9fdrH6wdS4aTZ6EVYaiFNaHmtd4Np9VnHktwKLyeGwc1XFEm_VNKWBYd4ezT9l6OFijZsevFzHUKol8xruENn5qCC3MEFYYJq0_PWDsPD4EwdLB1MTAtbnAKvfS0-tuS7zEgnvK7AqMkbkxysvkJrPGs2yw0FIZg5yumHa0-H86iXBp504wgdu0nTcktrmt7OzEuVnAtk_ISWpN2Xd6qPmQHPqYtlZSnaoQKEqcJ8LIqOluWvIuvsFW475GqX7388CfilkaQD8-s9uJM1Sy4JdcNaieTFXxtm2ZFhygetZ5udAeg0kBzkBa5oxSW47GNOXY1_4SQq51LtUpR9c4Cv5AMVMVEX4zoIBQpMm0esLZ_MuqDVwuNk69pM0I3ImuuuxM5wuYyNBq1AVspvrhi3LWYvLj3EDuBVw-E7YzSMFfT8rqnYgsldEgXopXIRmiXlj_mPlkZZJEQc9EXI6IdkJv5CDARoOAkdBZcW-S7xvpqsReCrRBFrHyaf6SPu_KoL3lTZV9mce9IX0tLYW8sdnUtG8JTwcQ-joe4jfvOgWzBM-H1rA3IJRu8PeIaMj9-3z2gVJgr6SKZlWqU-F5wb5SUx5n8yclzXUJQGx3Gr2hv5QavM7zThPVcYDdzCcEotelAk9qPTK2zbzRs_WNVnb8nSuVhoEOeLf_VoGXM1464ozy_jj5wRrVXW8EpaOfAFGJv9zxES8mAqk1vPDHCZx3K1E5k-QhNjt4CNa0ef51sIt7iY5iySHKe0er3JPgsz8yQfINA5iinFvoZkaC9yXFNmFFwilzPd4SIutM8UhnG-f7UrS3EaPVtI2qgm1H1pUO6MlK36t5sW3UrnDrXKc4KZ8_Znfjle4E2fx56RjKb657NymfF1Z_Vn0aw8dww_FbIMhshAiusRIJRFjRPeHYhAjJnFEdNgbHezYeuAFUtFVBk0ZNF_h7EHwY1h9i8TC-k7NzQNrWfd-JxaBUOjuHrNJIX_qd4mHOWg_qAvOoomrkPIXDmPzz2kyn9WllgVciIiSMB4BvOCmh5GBxeiAQ7cyHvd1nyUSZFH77Jj-5Fh-jSaAlBeIHan40nTM0yw-Ut6Wi8UsNYhruRiZUuaoPAKOweYNfEWPu5HeiCUE7fwyg57g0SpRlsHiEyS2dn0fjoeUHF4KEfeXo8CLHSU4vh4xPhPeuAQuq32fTXQIMPkO-7TLrCuwl-WGR8-e5Q5N6Z49I14IWahB4SQoOftFUI2NRpV2U9XuhHnoNa7VbLSeiYgsganf-3KELJdWd3AZLdCbf4loMKzHYoCugoN9qqjHOzDJS_tKwXg2aOz5mTdB409KWONKJeD-17tf3RN2tkFrQ-joGwkSPfaI6BjxEDE1w1YerVNog9th7RzjcXUXTA8ufvYGcTi0AoZ4g4Y5z_lG8AX5scZGtjw-cvIEbUMAD9KUB39tavn3LrNFdlF4d9IcK09pu9z4PO1KWZlCdjutRpD6O_xB8QfFVKjCpnb_sI5iffRf4PKwt9PdCQA_Z7MX0b_g9tn98A3i1m_CCIxTIRwh9z_XBDBHeUcRy0GFeM2pD5HHAIy2og2HUaQB57sCQhC-UNqBEBL_u0dZlUY74jBLwAVbKs4G4h3LH8ahmM_Nih9A96OK9LvbHLQMNXMEl9fBBbYXJgBhM6hRMWsY80ivCx7o-A-m3NzupZghxO1Wt0ClHI12qpXMBO3wzb5mt6zd-LE55t_pS_ZKqkPl5JzCphoviipM4hvQH4kZ0_LGh5bCcccupIuKOALvEgrRmLhdC9MIP7hYjorB9ZiSKBAU-8bYisRxCeQtlBssoSOQdlXTCabzBvX0YSsUKQLG5fe1S9lf_j8DxXm4Fy2eGnRlejmoZeVwdjDPJeD6FGMsA1GX-oMkByRhG3rIDuuqbdpSsIibW0IS0h9FspF99kizkDckg2iR7GJgIzoIr7kP4bzAz_27iV07DWKLEMICcQwZPm-lOiVlK3CgbhSnou0SkV2uZuWWz1Q_wWkxCVsawPOmUpORAcUey2_EUO56rm6IxU5xNs12IlR-dFivekIUrTUJLMnagKoLCBC6nRfB33CC4L5HFb8zdiQ5Or7fwh5JPXF4kUZTXyStixFypG4Uyok8FrkN3lG9UlxbJTb73bdTxlCwU_eitaWRmonza3_8SRa-VthLZejPTy631FRvgG-TH_7-YtlkZ0PEt_lQZS3VJ56WmIZwg9Ddz&cid=CAQSOwAvHhf_TsQQIUggUDSVDRR_W0eueZg8j_4pXP0EPHn552uzcix_2sMzOaCKuKCgDlN-XVam4-eKbe7LGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnatalie.mu&ds=l&xdt=1&iif=1&cor=7787917231862537000&adk=2598027411&idt=82&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 02:09:21 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 9E5E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGokLO9XXxybTk7k1SgiPrIX28QEp7ww1ovCuEVyjinzN2TxgXk-WHCqo_Zat3OOlpDs6J5y6IVoVpK1-cPD8y91_YwsBXjjGPhAdZzvnR0c8UO2-LOoK6qEa7p1DZKUFH86DDs2nwArkAETnMT8rpZrzySc2efA3x7FnPFovtIs6fhX8&dbm_d=AKAmf-ARBO8PkTHp4GK6S0_VD8N6Urk5FKI7c1d3ob0vncdW62kZEaB7C54DMUWg4KfBrerVLfJffJjZ3TaVQ8sFqaCeoZJmqtRaSBFLLS0Hnox_-w4IdmLECF24FXd9eU8D4udXjWwfeWD1g7ayyke1-0fwTg_yUxlfHZlydcZTYSpd-D3VY6BOalTI2swp5WGrePC5Un-bBuuUEa07jihiiuXziBcMvXqFW7uuEOlr0l7Y8a5-3uh-JXSUMZCk8tDHjoezGqm2bVT4mglnZY4d5ReorTrp7OKzv2OWRysIlNP-8X_5JQtZLf3L5jGCWJSzeeVtpyMAV_ZOalIfT75DF_FyQk3bvUsyH_RynP4xr4d1_mvBYA21_qiZF5nyvkTgRi-2UGS-xhWAJiHNn-Bp_E095XB0JZG6YFar4HfpdRLmw5-oE1QADVIH1c9QRAC8tWWyoIbWjwEEzEjv0NBKKUFeMtBWEwtBLn8o93Oc6RHEuePI3r8UUzvj3XW2UScM_eiAmnMEK0Baw_9hT0-_0l5WKElNsLLuT7rIUnyrizz7-cJWaD-ecgSmG8lXC550-yrkrunayHGIcPjgACDQFPT8fqc3cxXRXhymzP-YlcKe0XmU2jAT2JN732LXySOF_5c3X0nw70aZCovHiKf5EBs-dywLvsqfThk3ntKQA6orsOF7ICf8JiyEiprI4maJw56pOhqVwD7voEfYQMw9-WnkQri1xaC5vWdsgqpXFWDSZmtya-chHV1mVT7Itoo1y-ik58BBoG8gWjvezKTs4s8pt_mNtJQBoAsX5CNOmZo0fnLq_AeBGEHUbY6vbkUr0ILRBgk7DoGvzPIxAZUObEg5Lx18SjBPbsvJweHsawRdLANoDN27xWToUa550k8kH6Jtz8AErM3EhfRgPztWBShXOPL1HHIJRJedErfLevrphoJDtsS0A-f47epGspnTxXbS0kp19aYnA1epIk6B-W6aOBd-yXOLlTKYhCXXTikA9Y8MZWK3YTVDGBPuZLNBdlsvPSPfNXf8KzHUDYFEzUXG96Ti-IkKAGuObQpbUSs9WNvzJhFl7UNYvHpSwcNZJ2ijX8ukJMLdWI7iqMexzrEChbRux_V935vrV9--IgqHIE2gZxevllPGFXLJawgrvWz-YmrHp9GrQp0VU3YmvvFSy-UWND_oN4ikOBBMkhfpjXCFVDTKZrMJUBlJV1EiMjwBRcSANElyHt825zHeLoI5JdRU_fNd1dK2TjJWK-h3bYWYycWaJUdLUOo-BXXrvGXzpnoH5UkYewHLOYzadEBS4qaTfEmVJbPB5c1trkXeDI2gUfGQivkeY9EmPJew1ybX4hLRRYETeGWhB9jhKywon9fdrH6wdS4aTZ6EVYaiFNaHmtd4Np9VnHktwKLyeGwc1XFEm_VNKWBYd4ezT9l6OFijZsevFzHUKol8xruENn5qCC3MEFYYJq0_PWDsPD4EwdLB1MTAtbnAKvfS0-tuS7zEgnvK7AqMkbkxysvkJrPGs2yw0FIZg5yumHa0-H86iXBp504wgdu0nTcktrmt7OzEuVnAtk_ISWpN2Xd6qPmQHPqYtlZSnaoQKEqcJ8LIqOluWvIuvsFW475GqX7388CfilkaQD8-s9uJM1Sy4JdcNaieTFXxtm2ZFhygetZ5udAeg0kBzkBa5oxSW47GNOXY1_4SQq51LtUpR9c4Cv5AMVMVEX4zoIBQpMm0esLZ_MuqDVwuNk69pM0I3ImuuuxM5wuYyNBq1AVspvrhi3LWYvLj3EDuBVw-E7YzSMFfT8rqnYgsldEgXopXIRmiXlj_mPlkZZJEQc9EXI6IdkJv5CDARoOAkdBZcW-S7xvpqsReCrRBFrHyaf6SPu_KoL3lTZV9mce9IX0tLYW8sdnUtG8JTwcQ-joe4jfvOgWzBM-H1rA3IJRu8PeIaMj9-3z2gVJgr6SKZlWqU-F5wb5SUx5n8yclzXUJQGx3Gr2hv5QavM7zThPVcYDdzCcEotelAk9qPTK2zbzRs_WNVnb8nSuVhoEOeLf_VoGXM1464ozy_jj5wRrVXW8EpaOfAFGJv9zxES8mAqk1vPDHCZx3K1E5k-QhNjt4CNa0ef51sIt7iY5iySHKe0er3JPgsz8yQfINA5iinFvoZkaC9yXFNmFFwilzPd4SIutM8UhnG-f7UrS3EaPVtI2qgm1H1pUO6MlK36t5sW3UrnDrXKc4KZ8_Znfjle4E2fx56RjKb657NymfF1Z_Vn0aw8dww_FbIMhshAiusRIJRFjRPeHYhAjJnFEdNgbHezYeuAFUtFVBk0ZNF_h7EHwY1h9i8TC-k7NzQNrWfd-JxaBUOjuHrNJIX_qd4mHOWg_qAvOoomrkPIXDmPzz2kyn9WllgVciIiSMB4BvOCmh5GBxeiAQ7cyHvd1nyUSZFH77Jj-5Fh-jSaAlBeIHan40nTM0yw-Ut6Wi8UsNYhruRiZUuaoPAKOweYNfEWPu5HeiCUE7fwyg57g0SpRlsHiEyS2dn0fjoeUHF4KEfeXo8CLHSU4vh4xPhPeuAQuq32fTXQIMPkO-7TLrCuwl-WGR8-e5Q5N6Z49I14IWahB4SQoOftFUI2NRpV2U9XuhHnoNa7VbLSeiYgsganf-3KELJdWd3AZLdCbf4loMKzHYoCugoN9qqjHOzDJS_tKwXg2aOz5mTdB409KWONKJeD-17tf3RN2tkFrQ-joGwkSPfaI6BjxEDE1w1YerVNog9th7RzjcXUXTA8ufvYGcTi0AoZ4g4Y5z_lG8AX5scZGtjw-cvIEbUMAD9KUB39tavn3LrNFdlF4d9IcK09pu9z4PO1KWZlCdjutRpD6O_xB8QfFVKjCpnb_sI5iffRf4PKwt9PdCQA_Z7MX0b_g9tn98A3i1m_CCIxTIRwh9z_XBDBHeUcRy0GFeM2pD5HHAIy2og2HUaQB57sCQhC-UNqBEBL_u0dZlUY74jBLwAVbKs4G4h3LH8ahmM_Nih9A96OK9LvbHLQMNXMEl9fBBbYXJgBhM6hRMWsY80ivCx7o-A-m3NzupZghxO1Wt0ClHI12qpXMBO3wzb5mt6zd-LE55t_pS_ZKqkPl5JzCphoviipM4hvQH4kZ0_LGh5bCcccupIuKOALvEgrRmLhdC9MIP7hYjorB9ZiSKBAU-8bYisRxCeQtlBssoSOQdlXTCabzBvX0YSsUKQLG5fe1S9lf_j8DxXm4Fy2eGnRlejmoZeVwdjDPJeD6FGMsA1GX-oMkByRhG3rIDuuqbdpSsIibW0IS0h9FspF99kizkDckg2iR7GJgIzoIr7kP4bzAz_27iV07DWKLEMICcQwZPm-lOiVlK3CgbhSnou0SkV2uZuWWz1Q_wWkxCVsawPOmUpORAcUey2_EUO56rm6IxU5xNs12IlR-dFivekIUrTUJLMnagKoLCBC6nRfB33CC4L5HFb8zdiQ5Or7fwh5JPXF4kUZTXyStixFypG4Uyok8FrkN3lG9UlxbJTb73bdTxlCwU_eitaWRmonza3_8SRa-VthLZejPTy631FRvgG-TH_7-YtlkZ0PEt_lQZS3VJ56WmIZwg9Ddz&cid=CAQSOwAvHhf_TsQQIUggUDSVDRR_W0eueZg8j_4pXP0EPHn552uzcix_2sMzOaCKuKCgDlN-XVam4-eKbe7LGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnatalie.mu&ds=l&xdt=1&iif=1&cor=7787917231862537000&adk=2598027411&idt=82&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
25335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 02:12:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9E5E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrN00Gshj8lz5PgwaUhIMFYOnnS73U82HPdnK5qKlm797U7zc2qzwU6p3NnZdQfmZs33DnXq9y2iI2H_sx0tMcyAzhuu3aQdXQQ9T4CnZ_wjwjE_6cZfAi2VyInCl1FiPg7qhbza5aFxZHn9kjn60C16UDlSiwQH4zVBrDpUXJTCMYK_l_gwKD6F9Yi9gdi39O-jHtWDUwK28-_Yt17SsS4N15CmVJ7juWrdjkrLfP19CwJm7R-e8Rru0pi5RppdRqcSDEQS3a71cb6lKzBQol-mcmCCLkzxaKIpFMJVLnc2gMkDT0lHjLsHA21anTuhZrUeRmrWT0rrqXGhqrcQ2GK3WAV6k6hX5DK-jqxElGOocusDitG4AECtmV1W70lQmGvjaVNIXhSSIhzCCCwFOunIG0Ktw4AcQSF_n-DVtZtlmgoLT6simLuGfWxbdPHoBI0WKs7SB6JIlTjd9crM5FuxdBZSiTFqqluTYODf-HJ4DdWtODrD7Hmv3ljoxsoHPuWWS078fenqMYqOk0FEYA_-oaz8QHtIEghtYe5Ra6bbvSRA0nop8La2T19H5jkOhPpQn6icJAYsXWFbEMZrO-NiiiuZKvv-RXZHVYt0zy9JaSRJFy_GyBuyQVQcx7ET00DPaPwCeP9XDCUDUOj2Cyy0xaZ4ZYvuXzNW4HhloMs-3hiLiHgWTzpEUinPMDa3F6e2Qw5D433sSwKQayV2cOu0jnQG_UDnFqCUbQQt6jIdz7e5r2LXfrs41XBTsWBCpHZ9Xb72mgfPFQleVgtm7WrogkU4Cq7XKmEM6wt8jboPKtKHa3ugQ0_TOsVCEWhYLae9bGIOwUGjGN_wKTwivFaqBDaGHobPGzA5728V-QdKcRNZ4MnUvVbcvMnKeVwfVjXgrRWtecQyTgcMTCfVUS9KINFVO0Ye6y5PEB2IHwq9PGoSglYd7SQngtexjX3wyQUErevHwozMPM2whNWVnxRfBnTNZh3YurUmwNmsuY-0PA5H9J1JefGn4QsSHSxEfFp_mQ_cPSYA7dQzuGC-5_r4ATPfdr2p_hQ-jCslKY_gtWj7W-i_-NWO-bqdPncLjuKLegFhFz16M_eEzo52TWTHapEx6BmlyfMR907X_yXg76Q0sfmkOP8vcC72_LuPQPjfgpq7QBAO0BOn9_dwWDXTM8_oLwhCL0eXwKuOl0-a8cRO-9mmq8FK-3vudcn11biZiFN-cW6ueRjVoaolmye0OSUVDp_4j56wkDI2J6FFXCdlK5j-VDGFTOV5OKxK0OacMatOoiolEMXiVumX1opgWn3apeZukJn5oDFkI3v3803u97X0XSF3Z-OfyLU4qleKAH48Cvvdi8VA&sai=AMfl-YQhD6q7-_hJg--5cFtkdi5t2SJJnwBF8ORjCNqdZ_atSmvePJwqI7QyZkvwTeFOJ86f0RY405V3njon-LjZCZ_oKX8jXa7u2-MDnVWY6pHaHczjx2tsNhIBG975gA4D8VDTp91GkXTPcqmhLhCHBWbOkUWkEfFKjDAnvh4BEitUYpNgsqJhpuyCM83Z0ShntTrTEGJNWqp7qemlVRS6mz2CPnQ270PJUlffCzhJDCnmJWk9O4-2wJl2GItcBO5PwCAMlSMXTWKTsJQZ9TvH-eXvJVcx&sig=Cg0ArKJSzLM6CjcEixwNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=6&cbvp=1&cstd=1&cisv=r20231207.51601&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGokLO9XXxybTk7k1SgiPrIX28QEp7ww1ovCuEVyjinzN2TxgXk-WHCqo_Zat3OOlpDs6J5y6IVoVpK1-cPD8y91_YwsBXjjGPhAdZzvnR0c8UO2-LOoK6qEa7p1DZKUFH86DDs2nwArkAETnMT8rpZrzySc2efA3x7FnPFovtIs6fhX8&dbm_d=AKAmf-ARBO8PkTHp4GK6S0_VD8N6Urk5FKI7c1d3ob0vncdW62kZEaB7C54DMUWg4KfBrerVLfJffJjZ3TaVQ8sFqaCeoZJmqtRaSBFLLS0Hnox_-w4IdmLECF24FXd9eU8D4udXjWwfeWD1g7ayyke1-0fwTg_yUxlfHZlydcZTYSpd-D3VY6BOalTI2swp5WGrePC5Un-bBuuUEa07jihiiuXziBcMvXqFW7uuEOlr0l7Y8a5-3uh-JXSUMZCk8tDHjoezGqm2bVT4mglnZY4d5ReorTrp7OKzv2OWRysIlNP-8X_5JQtZLf3L5jGCWJSzeeVtpyMAV_ZOalIfT75DF_FyQk3bvUsyH_RynP4xr4d1_mvBYA21_qiZF5nyvkTgRi-2UGS-xhWAJiHNn-Bp_E095XB0JZG6YFar4HfpdRLmw5-oE1QADVIH1c9QRAC8tWWyoIbWjwEEzEjv0NBKKUFeMtBWEwtBLn8o93Oc6RHEuePI3r8UUzvj3XW2UScM_eiAmnMEK0Baw_9hT0-_0l5WKElNsLLuT7rIUnyrizz7-cJWaD-ecgSmG8lXC550-yrkrunayHGIcPjgACDQFPT8fqc3cxXRXhymzP-YlcKe0XmU2jAT2JN732LXySOF_5c3X0nw70aZCovHiKf5EBs-dywLvsqfThk3ntKQA6orsOF7ICf8JiyEiprI4maJw56pOhqVwD7voEfYQMw9-WnkQri1xaC5vWdsgqpXFWDSZmtya-chHV1mVT7Itoo1y-ik58BBoG8gWjvezKTs4s8pt_mNtJQBoAsX5CNOmZo0fnLq_AeBGEHUbY6vbkUr0ILRBgk7DoGvzPIxAZUObEg5Lx18SjBPbsvJweHsawRdLANoDN27xWToUa550k8kH6Jtz8AErM3EhfRgPztWBShXOPL1HHIJRJedErfLevrphoJDtsS0A-f47epGspnTxXbS0kp19aYnA1epIk6B-W6aOBd-yXOLlTKYhCXXTikA9Y8MZWK3YTVDGBPuZLNBdlsvPSPfNXf8KzHUDYFEzUXG96Ti-IkKAGuObQpbUSs9WNvzJhFl7UNYvHpSwcNZJ2ijX8ukJMLdWI7iqMexzrEChbRux_V935vrV9--IgqHIE2gZxevllPGFXLJawgrvWz-YmrHp9GrQp0VU3YmvvFSy-UWND_oN4ikOBBMkhfpjXCFVDTKZrMJUBlJV1EiMjwBRcSANElyHt825zHeLoI5JdRU_fNd1dK2TjJWK-h3bYWYycWaJUdLUOo-BXXrvGXzpnoH5UkYewHLOYzadEBS4qaTfEmVJbPB5c1trkXeDI2gUfGQivkeY9EmPJew1ybX4hLRRYETeGWhB9jhKywon9fdrH6wdS4aTZ6EVYaiFNaHmtd4Np9VnHktwKLyeGwc1XFEm_VNKWBYd4ezT9l6OFijZsevFzHUKol8xruENn5qCC3MEFYYJq0_PWDsPD4EwdLB1MTAtbnAKvfS0-tuS7zEgnvK7AqMkbkxysvkJrPGs2yw0FIZg5yumHa0-H86iXBp504wgdu0nTcktrmt7OzEuVnAtk_ISWpN2Xd6qPmQHPqYtlZSnaoQKEqcJ8LIqOluWvIuvsFW475GqX7388CfilkaQD8-s9uJM1Sy4JdcNaieTFXxtm2ZFhygetZ5udAeg0kBzkBa5oxSW47GNOXY1_4SQq51LtUpR9c4Cv5AMVMVEX4zoIBQpMm0esLZ_MuqDVwuNk69pM0I3ImuuuxM5wuYyNBq1AVspvrhi3LWYvLj3EDuBVw-E7YzSMFfT8rqnYgsldEgXopXIRmiXlj_mPlkZZJEQc9EXI6IdkJv5CDARoOAkdBZcW-S7xvpqsReCrRBFrHyaf6SPu_KoL3lTZV9mce9IX0tLYW8sdnUtG8JTwcQ-joe4jfvOgWzBM-H1rA3IJRu8PeIaMj9-3z2gVJgr6SKZlWqU-F5wb5SUx5n8yclzXUJQGx3Gr2hv5QavM7zThPVcYDdzCcEotelAk9qPTK2zbzRs_WNVnb8nSuVhoEOeLf_VoGXM1464ozy_jj5wRrVXW8EpaOfAFGJv9zxES8mAqk1vPDHCZx3K1E5k-QhNjt4CNa0ef51sIt7iY5iySHKe0er3JPgsz8yQfINA5iinFvoZkaC9yXFNmFFwilzPd4SIutM8UhnG-f7UrS3EaPVtI2qgm1H1pUO6MlK36t5sW3UrnDrXKc4KZ8_Znfjle4E2fx56RjKb657NymfF1Z_Vn0aw8dww_FbIMhshAiusRIJRFjRPeHYhAjJnFEdNgbHezYeuAFUtFVBk0ZNF_h7EHwY1h9i8TC-k7NzQNrWfd-JxaBUOjuHrNJIX_qd4mHOWg_qAvOoomrkPIXDmPzz2kyn9WllgVciIiSMB4BvOCmh5GBxeiAQ7cyHvd1nyUSZFH77Jj-5Fh-jSaAlBeIHan40nTM0yw-Ut6Wi8UsNYhruRiZUuaoPAKOweYNfEWPu5HeiCUE7fwyg57g0SpRlsHiEyS2dn0fjoeUHF4KEfeXo8CLHSU4vh4xPhPeuAQuq32fTXQIMPkO-7TLrCuwl-WGR8-e5Q5N6Z49I14IWahB4SQoOftFUI2NRpV2U9XuhHnoNa7VbLSeiYgsganf-3KELJdWd3AZLdCbf4loMKzHYoCugoN9qqjHOzDJS_tKwXg2aOz5mTdB409KWONKJeD-17tf3RN2tkFrQ-joGwkSPfaI6BjxEDE1w1YerVNog9th7RzjcXUXTA8ufvYGcTi0AoZ4g4Y5z_lG8AX5scZGtjw-cvIEbUMAD9KUB39tavn3LrNFdlF4d9IcK09pu9z4PO1KWZlCdjutRpD6O_xB8QfFVKjCpnb_sI5iffRf4PKwt9PdCQA_Z7MX0b_g9tn98A3i1m_CCIxTIRwh9z_XBDBHeUcRy0GFeM2pD5HHAIy2og2HUaQB57sCQhC-UNqBEBL_u0dZlUY74jBLwAVbKs4G4h3LH8ahmM_Nih9A96OK9LvbHLQMNXMEl9fBBbYXJgBhM6hRMWsY80ivCx7o-A-m3NzupZghxO1Wt0ClHI12qpXMBO3wzb5mt6zd-LE55t_pS_ZKqkPl5JzCphoviipM4hvQH4kZ0_LGh5bCcccupIuKOALvEgrRmLhdC9MIP7hYjorB9ZiSKBAU-8bYisRxCeQtlBssoSOQdlXTCabzBvX0YSsUKQLG5fe1S9lf_j8DxXm4Fy2eGnRlejmoZeVwdjDPJeD6FGMsA1GX-oMkByRhG3rIDuuqbdpSsIibW0IS0h9FspF99kizkDckg2iR7GJgIzoIr7kP4bzAz_27iV07DWKLEMICcQwZPm-lOiVlK3CgbhSnou0SkV2uZuWWz1Q_wWkxCVsawPOmUpORAcUey2_EUO56rm6IxU5xNs12IlR-dFivekIUrTUJLMnagKoLCBC6nRfB33CC4L5HFb8zdiQ5Or7fwh5JPXF4kUZTXyStixFypG4Uyok8FrkN3lG9UlxbJTb73bdTxlCwU_eitaWRmonza3_8SRa-VthLZejPTy631FRvgG-TH_7-YtlkZ0PEt_lQZS3VJ56WmIZwg9Ddz&cid=CAQSOwAvHhf_TsQQIUggUDSVDRR_W0eueZg8j_4pXP0EPHn552uzcix_2sMzOaCKuKCgDlN-XVam4-eKbe7LGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnatalie.mu&ds=l&xdt=1&iif=1&cor=7787917231862537000&adk=2598027411&idt=82&cac=0&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
moatad.js
z.moatads.com/essencegoogleapac429604762687/ Frame 9E5E 		319 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/essencegoogleapac429604762687/moatad.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGokLO9XXxybTk7k1SgiPrIX28QEp7ww1ovCuEVyjinzN2TxgXk-WHCqo_Zat3OOlpDs6J5y6IVoVpK1-cPD8y91_YwsBXjjGPhAdZzvnR0c8UO2-LOoK6qEa7p1DZKUFH86DDs2nwArkAETnMT8rpZrzySc2efA3x7FnPFovtIs6fhX8&dbm_d=AKAmf-ARBO8PkTHp4GK6S0_VD8N6Urk5FKI7c1d3ob0vncdW62kZEaB7C54DMUWg4KfBrerVLfJffJjZ3TaVQ8sFqaCeoZJmqtRaSBFLLS0Hnox_-w4IdmLECF24FXd9eU8D4udXjWwfeWD1g7ayyke1-0fwTg_yUxlfHZlydcZTYSpd-D3VY6BOalTI2swp5WGrePC5Un-bBuuUEa07jihiiuXziBcMvXqFW7uuEOlr0l7Y8a5-3uh-JXSUMZCk8tDHjoezGqm2bVT4mglnZY4d5ReorTrp7OKzv2OWRysIlNP-8X_5JQtZLf3L5jGCWJSzeeVtpyMAV_ZOalIfT75DF_FyQk3bvUsyH_RynP4xr4d1_mvBYA21_qiZF5nyvkTgRi-2UGS-xhWAJiHNn-Bp_E095XB0JZG6YFar4HfpdRLmw5-oE1QADVIH1c9QRAC8tWWyoIbWjwEEzEjv0NBKKUFeMtBWEwtBLn8o93Oc6RHEuePI3r8UUzvj3XW2UScM_eiAmnMEK0Baw_9hT0-_0l5WKElNsLLuT7rIUnyrizz7-cJWaD-ecgSmG8lXC550-yrkrunayHGIcPjgACDQFPT8fqc3cxXRXhymzP-YlcKe0XmU2jAT2JN732LXySOF_5c3X0nw70aZCovHiKf5EBs-dywLvsqfThk3ntKQA6orsOF7ICf8JiyEiprI4maJw56pOhqVwD7voEfYQMw9-WnkQri1xaC5vWdsgqpXFWDSZmtya-chHV1mVT7Itoo1y-ik58BBoG8gWjvezKTs4s8pt_mNtJQBoAsX5CNOmZo0fnLq_AeBGEHUbY6vbkUr0ILRBgk7DoGvzPIxAZUObEg5Lx18SjBPbsvJweHsawRdLANoDN27xWToUa550k8kH6Jtz8AErM3EhfRgPztWBShXOPL1HHIJRJedErfLevrphoJDtsS0A-f47epGspnTxXbS0kp19aYnA1epIk6B-W6aOBd-yXOLlTKYhCXXTikA9Y8MZWK3YTVDGBPuZLNBdlsvPSPfNXf8KzHUDYFEzUXG96Ti-IkKAGuObQpbUSs9WNvzJhFl7UNYvHpSwcNZJ2ijX8ukJMLdWI7iqMexzrEChbRux_V935vrV9--IgqHIE2gZxevllPGFXLJawgrvWz-YmrHp9GrQp0VU3YmvvFSy-UWND_oN4ikOBBMkhfpjXCFVDTKZrMJUBlJV1EiMjwBRcSANElyHt825zHeLoI5JdRU_fNd1dK2TjJWK-h3bYWYycWaJUdLUOo-BXXrvGXzpnoH5UkYewHLOYzadEBS4qaTfEmVJbPB5c1trkXeDI2gUfGQivkeY9EmPJew1ybX4hLRRYETeGWhB9jhKywon9fdrH6wdS4aTZ6EVYaiFNaHmtd4Np9VnHktwKLyeGwc1XFEm_VNKWBYd4ezT9l6OFijZsevFzHUKol8xruENn5qCC3MEFYYJq0_PWDsPD4EwdLB1MTAtbnAKvfS0-tuS7zEgnvK7AqMkbkxysvkJrPGs2yw0FIZg5yumHa0-H86iXBp504wgdu0nTcktrmt7OzEuVnAtk_ISWpN2Xd6qPmQHPqYtlZSnaoQKEqcJ8LIqOluWvIuvsFW475GqX7388CfilkaQD8-s9uJM1Sy4JdcNaieTFXxtm2ZFhygetZ5udAeg0kBzkBa5oxSW47GNOXY1_4SQq51LtUpR9c4Cv5AMVMVEX4zoIBQpMm0esLZ_MuqDVwuNk69pM0I3ImuuuxM5wuYyNBq1AVspvrhi3LWYvLj3EDuBVw-E7YzSMFfT8rqnYgsldEgXopXIRmiXlj_mPlkZZJEQc9EXI6IdkJv5CDARoOAkdBZcW-S7xvpqsReCrRBFrHyaf6SPu_KoL3lTZV9mce9IX0tLYW8sdnUtG8JTwcQ-joe4jfvOgWzBM-H1rA3IJRu8PeIaMj9-3z2gVJgr6SKZlWqU-F5wb5SUx5n8yclzXUJQGx3Gr2hv5QavM7zThPVcYDdzCcEotelAk9qPTK2zbzRs_WNVnb8nSuVhoEOeLf_VoGXM1464ozy_jj5wRrVXW8EpaOfAFGJv9zxES8mAqk1vPDHCZx3K1E5k-QhNjt4CNa0ef51sIt7iY5iySHKe0er3JPgsz8yQfINA5iinFvoZkaC9yXFNmFFwilzPd4SIutM8UhnG-f7UrS3EaPVtI2qgm1H1pUO6MlK36t5sW3UrnDrXKc4KZ8_Znfjle4E2fx56RjKb657NymfF1Z_Vn0aw8dww_FbIMhshAiusRIJRFjRPeHYhAjJnFEdNgbHezYeuAFUtFVBk0ZNF_h7EHwY1h9i8TC-k7NzQNrWfd-JxaBUOjuHrNJIX_qd4mHOWg_qAvOoomrkPIXDmPzz2kyn9WllgVciIiSMB4BvOCmh5GBxeiAQ7cyHvd1nyUSZFH77Jj-5Fh-jSaAlBeIHan40nTM0yw-Ut6Wi8UsNYhruRiZUuaoPAKOweYNfEWPu5HeiCUE7fwyg57g0SpRlsHiEyS2dn0fjoeUHF4KEfeXo8CLHSU4vh4xPhPeuAQuq32fTXQIMPkO-7TLrCuwl-WGR8-e5Q5N6Z49I14IWahB4SQoOftFUI2NRpV2U9XuhHnoNa7VbLSeiYgsganf-3KELJdWd3AZLdCbf4loMKzHYoCugoN9qqjHOzDJS_tKwXg2aOz5mTdB409KWONKJeD-17tf3RN2tkFrQ-joGwkSPfaI6BjxEDE1w1YerVNog9th7RzjcXUXTA8ufvYGcTi0AoZ4g4Y5z_lG8AX5scZGtjw-cvIEbUMAD9KUB39tavn3LrNFdlF4d9IcK09pu9z4PO1KWZlCdjutRpD6O_xB8QfFVKjCpnb_sI5iffRf4PKwt9PdCQA_Z7MX0b_g9tn98A3i1m_CCIxTIRwh9z_XBDBHeUcRy0GFeM2pD5HHAIy2og2HUaQB57sCQhC-UNqBEBL_u0dZlUY74jBLwAVbKs4G4h3LH8ahmM_Nih9A96OK9LvbHLQMNXMEl9fBBbYXJgBhM6hRMWsY80ivCx7o-A-m3NzupZghxO1Wt0ClHI12qpXMBO3wzb5mt6zd-LE55t_pS_ZKqkPl5JzCphoviipM4hvQH4kZ0_LGh5bCcccupIuKOALvEgrRmLhdC9MIP7hYjorB9ZiSKBAU-8bYisRxCeQtlBssoSOQdlXTCabzBvX0YSsUKQLG5fe1S9lf_j8DxXm4Fy2eGnRlejmoZeVwdjDPJeD6FGMsA1GX-oMkByRhG3rIDuuqbdpSsIibW0IS0h9FspF99kizkDckg2iR7GJgIzoIr7kP4bzAz_27iV07DWKLEMICcQwZPm-lOiVlK3CgbhSnou0SkV2uZuWWz1Q_wWkxCVsawPOmUpORAcUey2_EUO56rm6IxU5xNs12IlR-dFivekIUrTUJLMnagKoLCBC6nRfB33CC4L5HFb8zdiQ5Or7fwh5JPXF4kUZTXyStixFypG4Uyok8FrkN3lG9UlxbJTb73bdTxlCwU_eitaWRmonza3_8SRa-VthLZejPTy631FRvgG-TH_7-YtlkZ0PEt_lQZS3VJ56WmIZwg9Ddz&cid=CAQSOwAvHhf_TsQQIUggUDSVDRR_W0eueZg8j_4pXP0EPHn552uzcix_2sMzOaCKuKCgDlN-XVam4-eKbe7LGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnatalie.mu&ds=l&xdt=1&iif=1&cor=7787917231862537000&adk=2598027411&idt=82&cac=0&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
11b97f0d2bf0d06578ca65b07d0cc1044e8ebba5ee341db2dbd30dee3287508e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:35:05 GMT
server
AmazonS3
x-amz-request-id
FFQKXGXRSN5WCTV1
etag
"49138b820018af0818b53fd10c890a7c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=14728
accept-ranges
bytes
content-length
111594
x-amz-id-2
K19g6TrrYVl/W7+OJGtx2Lva36z39GPEmczpf5kd1xHBtnvmaw0zvui7QVl92ZaEsTXgRhTyxLE=
m
secure-gg.imrworldwide.com/cgi-bin/ Frame 9E5E 		44 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn527701&cr=crtve&ce=japan-dv360-dar&pc=japan-dv360-dar_plc0001&ci=nlsnci1799&am=3&at=view&rt=banner&st=image&r=2113462186&C78=G1,DCM&uoo=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.139.8 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-139-8.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
3000698414-img-30
img.macromill.com/imp/us002676tay/ Frame 9E5E 		68 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.macromill.com/imp/us002676tay/3000698414-img-30
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.160.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-160-37.nrt12.r.cloudfront.net
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
via
1.1 0ad301ca10327c098ca0386f844a3652.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 09:15:14 GMT
x-amz-cf-pop
NRT12-C3
etag
"b57248e07c365005a74c4e5d8def9fbb"
x-cache
Miss from cloudfront
content-type
image/png
p3p
CP='NON UNI CUR OUR'
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
68
x-amz-cf-id
cbNQv7iFLhFfbG9_7_o_ANEarS1k8m6GWKTj5z2DjEDmkR2W5ebV7Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame B4DD 		315 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.136 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c94499c964dd9a10f0b783e624b4ff4317f5681d1120c7d6d8caba39494f3ae5

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
315
content-type
text/html
date
Tue, 12 Dec 2023 09:15:14 GMT
expires
Tue, 12 Dec 2023 09:15:14 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726
sync
ssbsync.smartadserver.com/api/ Frame 56F2 		794 B
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
08d1d63ea6c2863ab1470846acad68964cd766b70d124102c400330e736e4ab8

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
794
content-type
text/html
date
Tue, 12 Dec 2023 09:15:14 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZXgkoV53WQ1V60EtPPrXJwAAFXAAAAAB
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZXgkoV53WQ1V60EtPPrXJwAAFXAAAAAB
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpMfm66HULEU7orsfTSyfYpedckJh1xEFBbxNiW5kdyhh8HoychJiIY6k2Dl1rzHhs9UTg9lOloiLp53Tk1cOWOT%2FrLjfCRQEG8dkMcUr6%2F8aZT8uf9x01oJ7Af05BR4iCDAMX6KbS2MUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZXgkoV53WQ1V60EtPPrXJwAAFXAAAAAB
cache-control
no-cache
cf-ray
8344dc981a792089-NRT
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel.gif
px.moatads.com/ Frame 9E5E 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ESSENCEGOOGLE_APAC1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fnatalie.mu&lp=https%3A%2F%2Fnatalie.mu&t=1702372514587&de=593353192875&m=0&ar=cc84ca2002d-clean&iw=a231459&q=2&cb=0&ym=0&cu=1702372514587&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30831413%3A6038887%3A381652502%3A205078366&zMoatEXTID=-&zMoatENV=j&zMoatADV=4508247&zMoatVH=-&zGSRC=1&gu=https%3A%2F%2Fnatalie.mu%2F&id=0&ii=6&bo=natalie.mu&bd=natalie.mu&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=essencegoogleapac429604762687&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&fs=206701&na=400141064&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 09:15:14 GMT
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame B4DD 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.241 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 10 Dec 2028 09:15:14 GMT
sync
x.bidswitch.net/ Frame B4DD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=eplanning
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=eplanning
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4033ac60-0bd9-4992-9e10-da19b6084055&ssp=eplanning
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4033ac60-0bd9-4992-9e10-da19b6084055&ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4033ac60-0bd9-4992-9e10-da19b6084055&ssp=eplanning
date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
u.4dex.io/ Frame 56F2 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=8160195145739520768&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
redir
rtb-csync.smartadserver.com/ Frame 56F2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAIJfk7K8EkAABSLrjEArA&partnerid=127&gdpr=0
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAIJfk7K8EkAABSLrjEArA&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAIJfk7K8EkAABSLrjEArA&partnerid=127&gdpr=0
Date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 56F2
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4516927009669048412&gdpr=0&gdpr_consent=
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4516927009669048412&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
an-x-request-uuid
e8fa3b57-d5e6-43fb-b949-26872987cbf6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4516927009669048412&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
p
a.audrte.com/ Frame 56F2
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2JkLXdxT3RnLTNTZDZJdTdyV0NDc21DZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDdiZC13cU90Zy0zU2Q2SXU3...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=6265997732731674459&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=7bd-wqOtg-3Sd6Iu7rWCCsmCg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=8160195145739520768&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.246.67.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-67-235.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:16 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 12 Dec 2023 09:15:16 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 56F2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&gdpr=0&gdpr_consent=
43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
951036
content-length
0
expires
Tue, 12 Dec 2023 00:00:00 GMT
index.html
video.seenthis.se/v2/builds/bhJOezqNZn/ Frame 9E5E 		8 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video.seenthis.se/v2/builds/bhJOezqNZn/index.html
Requested by
Host: video.seenthis.se
URL: https://video.seenthis.se/public/tag-loader/2/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1e2098d1f9bdbc45c2fc6110c484d673440b7bb1950da5cbb320b3cbc53da33
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
xZylcDB_QHLwTcGb0o4odTgIoBiS8hl1
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=31536000
x-amz-request-id
XKJ0AVFRSDZ9G3CP
age
755192
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests
x-cache
HIT, HIT
content-length
3227
x-amz-id-2
4rpg0wE4mZ6I8UmGW6X3HsxE0EyJmiz7995CgJUQYchpmYY/tYN6mYSGeWw5oUNQmvvAX0VBsGE=
x-served-by
cache-lcy-eglc8600065-LCY, cache-nrt-rjtf7700022-NRT
referrer-policy
no-referrer
last-modified
Wed, 15 Nov 2023 08:57:10 GMT
server
AmazonS3
x-timer
S1702372515.676367,VS0,VE0
etag
"13fc9182a1c777656ba651c348fee493"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
2, 153985
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2805 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
34591
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Dec 2023 23:38:43 GMT
etag
48472445140208031
expires
Tue, 12 Dec 2023 23:38:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9E5E 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
841de43316a3de4228310425ca43bd49df9cc8311512db2487916bbdf1e6c1cd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame 2805
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEM7uSBSWgP4Nr98cSJjz3RQ&google_cver=1&google_push=AXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t1H...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM7uSBSWgP4Nr98cSJjz3RQ&google_cver=1&google_push=AXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t...
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM7uSBSWgP4Nr98cSJjz3RQ&google_cver=1&google_push=AXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t1H6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t1H6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8344dc9a18556845-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
812
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEM7uSBSWgP4Nr98cSJjz3RQ&google_cver=1&google_push=AXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t1H6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTMFDkQ7hGvXhpMM_XNQblEGevNYD8bwPflWrBnBptRt3soxjeEZZ1khnR8QczSpJmZj1xBA9Zhfv3V_NZakfuGxZEVW-t1H6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8344dc993fa26845-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2805
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFIlb9_PcvX5PDdagEwvhIk&google_cver=1&google_push=AXcoOmR3pSxfITnw0OVHxHZJPAQnWhaPaDNbBUaQFpE5qSuHAYldIazQOfsqeH0md39r0ffEOC3eY-PNtLgV2lKJuQcc8PHSgUl0EvBO
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1DE816A79C4D878295157B03978D9B&google_push=AXcoOmR3pSxfITnw0OVHxHZJPAQnWhaPaDNbBUaQFpE5qSuHAYldIazQOfsqeH0md39r0ffEOC3eY-PNtLgV2lK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1DE816A79C4D878295157B03978D9B&google_push=AXcoOmR3pSxfITnw0OVHxHZJPAQnWhaPaDNbBUaQFpE5qSuHAYldIazQOfsqeH0md39r0ffEOC3eY-PNtLgV2lKJuQcc8PHSgUl0EvBO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA1DE816A79C4D878295157B03978D9B&google_push=AXcoOmR3pSxfITnw0OVHxHZJPAQnWhaPaDNbBUaQFpE5qSuHAYldIazQOfsqeH0md39r0ffEOC3eY-PNtLgV2lKJuQcc8PHSgUl0EvBO
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 09:15:14 GMT
pixel
cm.g.doubleclick.net/ Frame 2805
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMX35QWyCxgVIO1x-Ws-c0g&google_cver=1&google_push=AXcoOmSwkZ4u-G8l7KrddWBdU6unJouMw3Bzj8iHxIEG2igvfYYVJME6qaoHW4CqknFpSp33lkJDzn6uqju3gJ7MW_...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDRiNDA1NmMtOWNmZi00OTgxLWExMWEtNjZlNDg1ODk5OGUy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d4b4056c-9cff-4981-a11a-66e4858998e2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDRiNDA1NmMtOWNmZi00OTgxLWExMWEtNjZlNDg1ODk5OGUy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d4b4056c-9cff-4981-a11a-66e4858998e2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDRiNDA1NmMtOWNmZi00OTgxLWExMWEtNjZlNDg1ODk5OGUy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d4b4056c-9cff-4981-a11a-66e4858998e2
date
Tue, 12 Dec 2023 09:15:14 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame 2805
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTif55dvL6RD8PEH9N2_iByEgo3fbOVK_XqjdH-83OCCBzrtIaKQ9CIAu35tBNZJD_sw-tto39IAiN2KIDhCx5ojrbjR6ZjXOYT&google_gid=CAESEEPztuGQOG3htiLHJwgMzxs...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwd1pLU1VKeHJhZmdzVG44Rm5rQ1hkUmQtR2tJblVycmJ6bGNaTGFMWnoxbw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwd1pLU1VKeHJhZmdzVG44Rm5rQ1hkUmQtR2tJblVycmJ6bGNaTGFMWnoxbw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 09:15:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwd1pLU1VKeHJhZmdzVG44Rm5rQ1hkUmQtR2tJblVycmJ6bGNaTGFMWnoxbw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2805
Redirect Chain
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEPLdMrHI1fBGJpqdqkG_8Tc&google_cver=1&google_push=AXcoOmSL62O_wnY8sZS1FLKIG4Ed7MLz5SNFsQweQhjk7gW6stnMprqD0hawc1o2xl6_IauQ1DIvWKjxaqe1Lpx...
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=WiWoMP9uj5iTjKU1yLnm-8&tap=gAds&google_gid=CAESEPLdMrHI1fBGJpqdqkG_8Tc&google_cver=1&google_push=AXcoOmSL62O_wnY8sZS1FLKIG4Ed7MLz5SNF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=WiWoMP9uj5iTjKU1yLnm-8&tap=gAds&google_gid=CAESEPLdMrHI1fBGJpqdqkG_8Tc&google_cver=1&google_push=AXcoOmSL62O_wnY8sZS1FLKIG4Ed7MLz5SNFsQweQhjk7gW6stnMprqD0hawc1o2xl6_IauQ1DIvWKjxaqe1LpxljSXH1S6BR9QIpzR0
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
HTTP/1.1 odnd
Date
Tue, 12 Dec 2023 09:15:15 GMT
Last-Modified
Wed, 06 Dec 2023 07:21:35 GMT
Content-Type
text/plain; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=WiWoMP9uj5iTjKU1yLnm-8&tap=gAds&google_gid=CAESEPLdMrHI1fBGJpqdqkG_8Tc&google_cver=1&google_push=AXcoOmSL62O_wnY8sZS1FLKIG4Ed7MLz5SNFsQweQhjk7gW6stnMprqD0hawc1o2xl6_IauQ1DIvWKjxaqe1LpxljSXH1S6BR9QIpzR0
Cache-Control
no-store, no-cache, must-revalidate
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
0
X-Tb
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2805
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPEaCEqWyLXx6RqpjgCcQ08&google_cver=1&google_push=AXcoOmRt_xLrLPex62OfX2ChGiTsWU0MBImKNYqJgPOMy3KOQv3Eedv9klA7QMkevNLkVXYf1cBrQxtZR0EvL_uypJc6...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRt_xLrLPex62OfX2ChGiTsWU0MBImKNYqJgPOMy3KOQv3Eedv9klA7QMkevNLkVXYf1cBrQxtZR0EvL_uypJc6_ZtBlD9sjw_Y&google_hm=3rSlXOMcSLiad6JrAoQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRt_xLrLPex62OfX2ChGiTsWU0MBImKNYqJgPOMy3KOQv3Eedv9klA7QMkevNLkVXYf1cBrQxtZR0EvL_uypJc6_ZtBlD9sjw_Y&google_hm=3rSlXOMcSLiad6JrAoQy6Q==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRt_xLrLPex62OfX2ChGiTsWU0MBImKNYqJgPOMy3KOQv3Eedv9klA7QMkevNLkVXYf1cBrQxtZR0EvL_uypJc6_ZtBlD9sjw_Y&google_hm=3rSlXOMcSLiad6JrAoQy6Q==
Date
Tue, 12 Dec 2023 09:15:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
spacer.gif
an.yandex.ru/resource/ Frame 2805
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEIX_TMjH39HAn0u_WZ21bbw?ext-param=AXcoOmSlqFB34o6i4eaBmkUNHYrvLaDBFUr3FzfVlKQPNmzU88marb_ty56m4D16Q7ffcnZDqdY66qRTJyaU3WsYFR_JhH_m3b7e7AZS_w&partner-tag=yande...
  • https://an.yandex.ru/mapuid/google/CAESEIX_TMjH39HAn0u_WZ21bbw?redir-setuniq=1&ext-param=AXcoOmSlqFB34o6i4eaBmkUNHYrvLaDBFUr3FzfVlKQPNmzU88marb_ty56m4D16Q7ffcnZDqdY66qRTJyaU3WsYFR_JhH_m3b7e7AZS_w&p...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIX_TMjH39HAn0u_WZ21bbw&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 26 Nov 2024 09:15:16 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2805 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Luxw82WNWxC2j4gQ0zM_zqHdKIM9SsK1KnaOHvlUku5mR1ehmGvo1vy-y5waRs6GxLfUAfZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4296692801820818&output=html&h=250&slotname=3985261949&adk=3401233556&adf=776186319&pi=t.ma~as.3985261949&w=300&fwrn=3&lmt=1702372513&format=300x250&url=https%3A%2F%2Fnatalie.mu%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702372513539&bpp=1&bdt=200&idt=257&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D2efcfbd936fee8b1%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MY8DtsdO10lu4lk5BV1ywCz_83gPg&gpic=UID%3D00000caa903b3c30%3AT%3D1702372512%3ART%3D1702372512%3AS%3DALNI_MbIqfakSp9Jl_acqs0MznrxKa5SDQ&prev_fmts=0x0&nras=1&correlator=2562548046679&frm=23&ife=4&pv=1&ga_vid=460445772.1702372512&ga_sid=1702372514&ga_hid=1622257974&ga_fc=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=523&biw=1600&bih=1200&isw=300&ish=250&ifk=1114367609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C31079919%2C31079930%2C44809531%2C95320868%2C95320884&oid=2&pvsid=3734157304128697&tmod=1402214926&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xkytp3sw7k06&fsb=1&dtd=305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 2CDF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzPF83_g6yA9u9iLqzJhk2WHAZfjVHE9-zepA04M9YmLG7LhkYEHIg7UGsxnUUigLbhXwhZnIr5K9Rjwz4yQaNLzfdxaV6YqbD_vLf8hrY72oSX8aJyxJ9cpJv9up3RpRdD0wWr3F9rV3ii1OPOTd2olqM&sai=AMfl-YS4Y9ruX_jM9tlT4F88m4PaAOUvDGJNtVJcirauufSppCiTrT9ZPeHyOZ4RMxVBiWMO6D2xlAARMUp8vvTKBxvx5yY3sGc7Ej1quQkDxRmO74CHP6XIOSDA7gezBNMUwQBlfcMSt-qbhe9sDVdk&sig=Cg0ArKJSzKuvoe5LuDrQEAE&cid=CAQSTgAvHhf_xZfkbxaLZ16bTrr1FqWIqobZpGCazJueZBVQArqqL_PySfNHJv21Dj-J2wxhbjJrgoObG61N6oKCOcIgUgInJsSW71-e0gJGThgB&id=ampim&o=602,50&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=444&tls=1444&g=100&h=100&tt=1444&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame B4DD 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 16:17:29 GMT
content-encoding
gzip
via
1.1 12edfea623a876eaab6b5e8c6eab26b2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C1
age
61066
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
rDN6l5t6sgurYOhHvNY5bTANWy_QNKm7cxaUQPVcV_G7qK-30Nwmfw==
setuid
u.4dex.io/ Frame 288B 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=eplanning&uid=AKabF3seavNRulad
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Dec 2023 09:15:14 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
activeview
pagead2.googlesyndication.com/pcs/ Frame 6D55 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWUT5ZzzTVUDFKRYCmM20kjWQnWQ_KASpPh5jVDq-XA6RpAug2j6P3aOGQh2dRKjaaKW58Ilk8n1xe_J13fdgCWKdLNWtHeLrRhzzCD7KiMLXXhOAjMzXHZM8eQjj8-CSKV3r9yqVFsIkTCfvAnGtMCaJ-&sig=Cg0ArKJSzAk9GvgbM58VEAE&id=lidar2&mcvt=1000&p=523,1025,773,1325&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1147668949&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702372513339&rpt=459&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6D55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3734157304128697&bg=!Dg2lDULNAAY3kmNgF5I7ADQBe5WfON33pwGLWQkcU1G_GHfF1pnU_fgL_h0YoWOeCWBWubZOcJ--5aH9eXqA6GgnPrLmAgAAAFBSAAAAA2gBBwoAZ7xg1esCCiqiEFvrq-XgIz5KwZVSG3sP2cPx4kmka5hpjKYr_bu7yYOGIwhFdWAWQJRhOvE5bNb9Rg1rsBJj3y_80HVl5hde1oFOjoAxedUp6eOBwtISok3d3eFa2eE9lEWyLbZK72qZAvVvMHXfB9BPmwVWIlwjFE8AfcpQWeVtTLR9VFxSVS0Cj9EsZ129oKTuP6wnohVYh7U5JbF5L2mdl2mdGtTOmRnFHpXMoELoLhtaq8EYCZC7d2S2MMiRqe2z8oHo1dPe2fSwmGgGJKdyV-qw3R_s_MluP5iwvPtOo-gPqXze_HlOV9vj4og8_fs_23lmyn59j2nsOKFxDAMPTS-PhYNpJZsmt4yzdINgDdxtxOSmW7wZg8XF7Tx7-WZONzfStmroy-vTWNPjfBsCDD1PQcm1-IGo-4f2-ctt-RXsf5I6BJ42IrThfKXDeiKBLgwuoLsA0eIEG1rye1BDsDsDZLXNXhmluVwE9CtcV7WAJG9jOpC-egHHeQufCRAchg1KlA6kbmW-YpFFbcmZcw5K9otMACDoQe1KLXhPVyzefF0AlC9HyNrZWyz1mwKXvMTHlpoZJZRvAWV4Xnt8m7r8mISSIEQyn7KknYMkaL-BA_k8JgEmbXwCwRQMPRwI1yenXzJSOzHxIkRSylCPXvdhPsyiYjZb7cGmG3ib4lyGU2xLLdBWl69YCm5VMuA47bm70iKCPD-5E6WTj0inKeJu2Da5MoLBwWKIacBOS9ziLo2nyD4NklqyOcdK8RHvp_gaI7PdCcVmOW1fMCiSIznTzxG1PNl0FjWh9QmbTnTO1ZABlHea4a6G0fr7sItEF3I5w3S2RcCKkmd4PZgWGqy9DFzVu860F04yWaG_kM2lV73iH3_5rupBG7IZkdYjS6W_5GQj272t-qlLWmuIS0CvjMs5K0MeZBiwTwVzbHMxtjwKjpYGaaHIaJmRe-bwgRXd0mEYL7GlZ8B4Cfjlslwimmi1XnGLKaVsKDX12V9PqCj8QG8epILM1URMBhka0IPy4EIBV8K7CxSdWaOiVgGY7V9gGFhzKiqtYodO0Dip5PsuAlevzoF8zp9IE_mtKTD4fyjs1wEeymNPHL1d4A09H3kZRXIMeRukbQiinmId2u00gQWo6CjIzU1J
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame 9E5E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrN00Gshj8lz5PgwaUhIMFYOnnS73U82HPdnK5qKlm797U7zc2qzwU6p3NnZdQfmZs33DnXq9y2iI2H_sx0tMcyAzhuu3aQdXQQ9T4CnZ_wjwjE_6cZfAi2VyInCl1FiPg7qhbza5aFxZHn9kjn60C16UDlSiwQH4zVBrDpUXJTCMYK_l_gwKD6F9Yi9gdi39O-jHtWDUwK28-_Yt17SsS4N15CmVJ7juWrdjkrLfP19CwJm7R-e8Rru0pi5RppdRqcSDEQS3a71cb6lKzBQol-mcmCCLkzxaKIpFMJVLnc2gMkDT0lHjLsHA21anTuhZrUeRmrWT0rrqXGhqrcQ2GK3WAV6k6hX5DK-jqxElGOocusDitG4AECtmV1W70lQmGvjaVNIXhSSIhzCCCwFOunIG0Ktw4AcQSF_n-DVtZtlmgoLT6simLuGfWxbdPHoBI0WKs7SB6JIlTjd9crM5FuxdBZSiTFqqluTYODf-HJ4DdWtODrD7Hmv3ljoxsoHPuWWS078fenqMYqOk0FEYA_-oaz8QHtIEghtYe5Ra6bbvSRA0nop8La2T19H5jkOhPpQn6icJAYsXWFbEMZrO-NiiiuZKvv-RXZHVYt0zy9JaSRJFy_GyBuyQVQcx7ET00DPaPwCeP9XDCUDUOj2Cyy0xaZ4ZYvuXzNW4HhloMs-3hiLiHgWTzpEUinPMDa3F6e2Qw5D433sSwKQayV2cOu0jnQG_UDnFqCUbQQt6jIdz7e5r2LXfrs41XBTsWBCpHZ9Xb72mgfPFQleVgtm7WrogkU4Cq7XKmEM6wt8jboPKtKHa3ugQ0_TOsVCEWhYLae9bGIOwUGjGN_wKTwivFaqBDaGHobPGzA5728V-QdKcRNZ4MnUvVbcvMnKeVwfVjXgrRWtecQyTgcMTCfVUS9KINFVO0Ye6y5PEB2IHwq9PGoSglYd7SQngtexjX3wyQUErevHwozMPM2whNWVnxRfBnTNZh3YurUmwNmsuY-0PA5H9J1JefGn4QsSHSxEfFp_mQ_cPSYA7dQzuGC-5_r4ATPfdr2p_hQ-jCslKY_gtWj7W-i_-NWO-bqdPncLjuKLegFhFz16M_eEzo52TWTHapEx6BmlyfMR907X_yXg76Q0sfmkOP8vcC72_LuPQPjfgpq7QBAO0BOn9_dwWDXTM8_oLwhCL0eXwKuOl0-a8cRO-9mmq8FK-3vudcn11biZiFN-cW6ueRjVoaolmye0OSUVDp_4j56wkDI2J6FFXCdlK5j-VDGFTOV5OKxK0OacMatOoiolEMXiVumX1opgWn3apeZukJn5oDFkI3v3803u97X0XSF3Z-OfyLU4qleKAH48Cvvdi8VA&sai=AMfl-YQhD6q7-_hJg--5cFtkdi5t2SJJnwBF8ORjCNqdZ_atSmvePJwqI7QyZkvwTeFOJ86f0RY405V3njon-LjZCZ_oKX8jXa7u2-MDnVWY6pHaHczjx2tsNhIBG975gA4D8VDTp91GkXTPcqmhLhCHBWbOkUWkEfFKjDAnvh4BEitUYpNgsqJhpuyCM83Z0ShntTrTEGJNWqp7qemlVRS6mz2CPnQ270PJUlffCzhJDCnmJWk9O4-2wJl2GItcBO5PwCAMlSMXTWKTsJQZ9TvH-eXvJVcx&sig=Cg0ArKJSzLM6CjcEixwNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=397&vt=11&dtpt=391&dett=4&cstd=1&cisv=r20231207.51601&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGokLO9XXxybTk7k1SgiPrIX28QEp7ww1ovCuEVyjinzN2TxgXk-WHCqo_Zat3OOlpDs6J5y6IVoVpK1-cPD8y91_YwsBXjjGPhAdZzvnR0c8UO2-LOoK6qEa7p1DZKUFH86DDs2nwArkAETnMT8rpZrzySc2efA3x7FnPFovtIs6fhX8&dbm_d=AKAmf-ARBO8PkTHp4GK6S0_VD8N6Urk5FKI7c1d3ob0vncdW62kZEaB7C54DMUWg4KfBrerVLfJffJjZ3TaVQ8sFqaCeoZJmqtRaSBFLLS0Hnox_-w4IdmLECF24FXd9eU8D4udXjWwfeWD1g7ayyke1-0fwTg_yUxlfHZlydcZTYSpd-D3VY6BOalTI2swp5WGrePC5Un-bBuuUEa07jihiiuXziBcMvXqFW7uuEOlr0l7Y8a5-3uh-JXSUMZCk8tDHjoezGqm2bVT4mglnZY4d5ReorTrp7OKzv2OWRysIlNP-8X_5JQtZLf3L5jGCWJSzeeVtpyMAV_ZOalIfT75DF_FyQk3bvUsyH_RynP4xr4d1_mvBYA21_qiZF5nyvkTgRi-2UGS-xhWAJiHNn-Bp_E095XB0JZG6YFar4HfpdRLmw5-oE1QADVIH1c9QRAC8tWWyoIbWjwEEzEjv0NBKKUFeMtBWEwtBLn8o93Oc6RHEuePI3r8UUzvj3XW2UScM_eiAmnMEK0Baw_9hT0-_0l5WKElNsLLuT7rIUnyrizz7-cJWaD-ecgSmG8lXC550-yrkrunayHGIcPjgACDQFPT8fqc3cxXRXhymzP-YlcKe0XmU2jAT2JN732LXySOF_5c3X0nw70aZCovHiKf5EBs-dywLvsqfThk3ntKQA6orsOF7ICf8JiyEiprI4maJw56pOhqVwD7voEfYQMw9-WnkQri1xaC5vWdsgqpXFWDSZmtya-chHV1mVT7Itoo1y-ik58BBoG8gWjvezKTs4s8pt_mNtJQBoAsX5CNOmZo0fnLq_AeBGEHUbY6vbkUr0ILRBgk7DoGvzPIxAZUObEg5Lx18SjBPbsvJweHsawRdLANoDN27xWToUa550k8kH6Jtz8AErM3EhfRgPztWBShXOPL1HHIJRJedErfLevrphoJDtsS0A-f47epGspnTxXbS0kp19aYnA1epIk6B-W6aOBd-yXOLlTKYhCXXTikA9Y8MZWK3YTVDGBPuZLNBdlsvPSPfNXf8KzHUDYFEzUXG96Ti-IkKAGuObQpbUSs9WNvzJhFl7UNYvHpSwcNZJ2ijX8ukJMLdWI7iqMexzrEChbRux_V935vrV9--IgqHIE2gZxevllPGFXLJawgrvWz-YmrHp9GrQp0VU3YmvvFSy-UWND_oN4ikOBBMkhfpjXCFVDTKZrMJUBlJV1EiMjwBRcSANElyHt825zHeLoI5JdRU_fNd1dK2TjJWK-h3bYWYycWaJUdLUOo-BXXrvGXzpnoH5UkYewHLOYzadEBS4qaTfEmVJbPB5c1trkXeDI2gUfGQivkeY9EmPJew1ybX4hLRRYETeGWhB9jhKywon9fdrH6wdS4aTZ6EVYaiFNaHmtd4Np9VnHktwKLyeGwc1XFEm_VNKWBYd4ezT9l6OFijZsevFzHUKol8xruENn5qCC3MEFYYJq0_PWDsPD4EwdLB1MTAtbnAKvfS0-tuS7zEgnvK7AqMkbkxysvkJrPGs2yw0FIZg5yumHa0-H86iXBp504wgdu0nTcktrmt7OzEuVnAtk_ISWpN2Xd6qPmQHPqYtlZSnaoQKEqcJ8LIqOluWvIuvsFW475GqX7388CfilkaQD8-s9uJM1Sy4JdcNaieTFXxtm2ZFhygetZ5udAeg0kBzkBa5oxSW47GNOXY1_4SQq51LtUpR9c4Cv5AMVMVEX4zoIBQpMm0esLZ_MuqDVwuNk69pM0I3ImuuuxM5wuYyNBq1AVspvrhi3LWYvLj3EDuBVw-E7YzSMFfT8rqnYgsldEgXopXIRmiXlj_mPlkZZJEQc9EXI6IdkJv5CDARoOAkdBZcW-S7xvpqsReCrRBFrHyaf6SPu_KoL3lTZV9mce9IX0tLYW8sdnUtG8JTwcQ-joe4jfvOgWzBM-H1rA3IJRu8PeIaMj9-3z2gVJgr6SKZlWqU-F5wb5SUx5n8yclzXUJQGx3Gr2hv5QavM7zThPVcYDdzCcEotelAk9qPTK2zbzRs_WNVnb8nSuVhoEOeLf_VoGXM1464ozy_jj5wRrVXW8EpaOfAFGJv9zxES8mAqk1vPDHCZx3K1E5k-QhNjt4CNa0ef51sIt7iY5iySHKe0er3JPgsz8yQfINA5iinFvoZkaC9yXFNmFFwilzPd4SIutM8UhnG-f7UrS3EaPVtI2qgm1H1pUO6MlK36t5sW3UrnDrXKc4KZ8_Znfjle4E2fx56RjKb657NymfF1Z_Vn0aw8dww_FbIMhshAiusRIJRFjRPeHYhAjJnFEdNgbHezYeuAFUtFVBk0ZNF_h7EHwY1h9i8TC-k7NzQNrWfd-JxaBUOjuHrNJIX_qd4mHOWg_qAvOoomrkPIXDmPzz2kyn9WllgVciIiSMB4BvOCmh5GBxeiAQ7cyHvd1nyUSZFH77Jj-5Fh-jSaAlBeIHan40nTM0yw-Ut6Wi8UsNYhruRiZUuaoPAKOweYNfEWPu5HeiCUE7fwyg57g0SpRlsHiEyS2dn0fjoeUHF4KEfeXo8CLHSU4vh4xPhPeuAQuq32fTXQIMPkO-7TLrCuwl-WGR8-e5Q5N6Z49I14IWahB4SQoOftFUI2NRpV2U9XuhHnoNa7VbLSeiYgsganf-3KELJdWd3AZLdCbf4loMKzHYoCugoN9qqjHOzDJS_tKwXg2aOz5mTdB409KWONKJeD-17tf3RN2tkFrQ-joGwkSPfaI6BjxEDE1w1YerVNog9th7RzjcXUXTA8ufvYGcTi0AoZ4g4Y5z_lG8AX5scZGtjw-cvIEbUMAD9KUB39tavn3LrNFdlF4d9IcK09pu9z4PO1KWZlCdjutRpD6O_xB8QfFVKjCpnb_sI5iffRf4PKwt9PdCQA_Z7MX0b_g9tn98A3i1m_CCIxTIRwh9z_XBDBHeUcRy0GFeM2pD5HHAIy2og2HUaQB57sCQhC-UNqBEBL_u0dZlUY74jBLwAVbKs4G4h3LH8ahmM_Nih9A96OK9LvbHLQMNXMEl9fBBbYXJgBhM6hRMWsY80ivCx7o-A-m3NzupZghxO1Wt0ClHI12qpXMBO3wzb5mt6zd-LE55t_pS_ZKqkPl5JzCphoviipM4hvQH4kZ0_LGh5bCcccupIuKOALvEgrRmLhdC9MIP7hYjorB9ZiSKBAU-8bYisRxCeQtlBssoSOQdlXTCabzBvX0YSsUKQLG5fe1S9lf_j8DxXm4Fy2eGnRlejmoZeVwdjDPJeD6FGMsA1GX-oMkByRhG3rIDuuqbdpSsIibW0IS0h9FspF99kizkDckg2iR7GJgIzoIr7kP4bzAz_27iV07DWKLEMICcQwZPm-lOiVlK3CgbhSnou0SkV2uZuWWz1Q_wWkxCVsawPOmUpORAcUey2_EUO56rm6IxU5xNs12IlR-dFivekIUrTUJLMnagKoLCBC6nRfB33CC4L5HFb8zdiQ5Or7fwh5JPXF4kUZTXyStixFypG4Uyok8FrkN3lG9UlxbJTb73bdTxlCwU_eitaWRmonza3_8SRa-VthLZejPTy631FRvgG-TH_7-YtlkZ0PEt_lQZS3VJ56WmIZwg9Ddz&cid=CAQSOwAvHhf_TsQQIUggUDSVDRR_W0eueZg8j_4pXP0EPHn552uzcix_2sMzOaCKuKCgDlN-XVam4-eKbe7LGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnatalie.mu&ds=l&xdt=1&iif=1&cor=7787917231862537000&adk=2598027411&idt=82&cac=0&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame B4DD 		155 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Dec 2023 21:19:14 GMT
via
1.1 53befccebe9d6058aad8082298af366e.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
42961
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
6-4I9xznkQoKPGIbUHkDAlpya0r2kA576m52hHceOx2gBWV7zn7xZA==
data
bcp.crwdcntrl.net/6/ Frame B4DD 		259 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fb33baf9069ba7ee938ce89a85de3a6488bb11f2400d989fc1e28d75f6f34601

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.42.4.91
access-control-allow-credentials
true
content-length
259
expires
0
9.gif
id5-sync.com/c/747/123/0/
Redirect Chain
  • https://id5-sync.com/i/747/8.gif?id5id=ID5*SzJz-AD3OuZjBKwaKaiuZbOH50p-8Hyq-pBCGU-K_4J0fqOd96cnjxngBI71nBy9dICwhNkIyIx8HlM6-Lc8gQ&o=api&gdpr_consent=undefined&gdpr=false
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/747/108/7/2.gif?puid=a6b4b97d-1126-4b61-a008-7d9bbf01a817&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F441%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/747/441/6/3.gif?puid=a_5e0b83fb-cf24-47f0-b533-3837161e5476&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/747/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/747/2/5/4.gif?puid=4516927009669048412&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=d4b4056c-9cff-4981-a11a-66e4858998e2&ttl=%%TTL%%
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=286186f0d3361ee2&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/822.gif?puid=AAAMUcUhaRKY9gNXPKHCAAAAAAA&expiration=1702458916&is_secure=true&gdpr_consent=&gdpr=0
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/747/19/2/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/747/19/2/7.gif?puid=dd93b491a021a2eeb22b626d71ceeb73&gdpr=0&gdpr_consent=
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F821%2F1%2F8.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/747/821/1/8.gif?puid=dbf1cadb-5edc-4318-a629-a28e8c45b808&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F747%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/747/123/0/9.gif?puid=18c5d4f27b7-1c170000010e42e7&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/747/123/0/9.gif?puid=18c5d4f27b7-1c170000010e42e7&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 12 Dec 2023 09:15:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/747/123/0/9.gif?puid=18c5d4f27b7-1c170000010e42e7&gdpr=0&gdpr_consent=
Date
Tue, 12 Dec 2023 09:15:17 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=29&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784&delta=2645
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=27&pc=2582374728366616&lid=id5-sync.com&eids=31077978%2C31079828%2C31079784
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 6D35 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-117.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
34769
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 11 Dec 2023 23:35:47 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 12edfea623a876eaab6b5e8c6eab26b2.cloudfront.net (CloudFront)
x-amz-cf-id
tCMktFoWfc4weer_Qx-pt5pFrXz5lUTMiEM3-rd1nBfqm8oroduaxw==
x-amz-cf-pop
NRT20-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame E365 		964 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C33%2C3%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
aa8683ee5396b1708847b8b1d75229976822afa279c40de023f5dd934b108d5a

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-length
964
content-type
text/html
date
Tue, 12 Dec 2023 09:15:15 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.12.95
pixel
cm.g.doubleclick.net/ Frame E365 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZGQ5M2I0OTFhMDIxYTJlZWIyMmI2MjZkNzFjZWViNzM&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C33%2C3%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame E365
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-aTxQgapE2pwZHc6iykXBESTsQPzeFfacvGg-~A&gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-aTxQgapE2pwZHc6iykXBESTsQPzeFfacvGg-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C33%2C3%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.23.210
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-aTxQgapE2pwZHc6iykXBESTsQPzeFfacvGg-~A&gdpr=0
date
Tue, 12 Dec 2023 09:15:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
5907
tags.bluekai.com/site/ Frame E365 		62 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=33eff0d9bb72352bf071099b999a8031
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C33%2C3%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.17.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-17-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 12 Dec 2023 09:15:15 GMT
content-length
62
content-type
image/gif
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame E365 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C33%2C3%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2967119334666753022/ Frame E365
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/dd93b491a021a2eeb22b626d71ceeb73/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2967119334666753022/gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2967119334666753022/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C33%2C3%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.1.3
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2967119334666753022/gdpr=0
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=482466288
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/ Frame E365
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=482466288
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/rand=482466288
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/rand=482466288
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C41%2C12%2C33%2C3%2C2&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.28.211
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
an-x-request-uuid
ec342ae3-57f0-4fe6-a909-a50c8eb4c723
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4516927009669048412/gdpr=0/rand=482466288
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3656
  • https://u.4dex.io/setuid?bidder=freewheel&uid=cb6067db9fc87a7d5083523878a8d
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=freewheel&uid=cb6067db9fc87a7d5083523878a8d
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:15 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://u.4dex.io/setuid?bidder=freewheel&uid=cb6067db9fc87a7d5083523878a8d
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702372515866097-78
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=4516927009669048412
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=4516927009669048412
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
an-x-request-uuid
e011e748-9bca-4c9d-872c-09df03c5acc3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u.4dex.io/setuid?bidder=appnexus&uid=4516927009669048412
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
eb2.3lift.com/ Frame F379 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
97ce2163d16034b914986061d0d9d78c3d8ac6c83a589aefa1f90bc0f9f6889b

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1431
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:15 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
SPug
simage4.pubmatic.com/AdServer/ Frame F5AC 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:32:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 9E5E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWDgSooxhZjPyNIy3M_9b_WCxyF2Vh8G1qUvZcuRASlEroRwSMMwSZQRQ4IP6P9ZVNkNYJJwV2pSqTmS9bPi6TQg6sMSm-ZDRlFSkLpg_qUEXzSIP50bWhJBF33-h7a4l6aJN0x6ym0Ns&sai=AMfl-YQgAS5hbyjHXG9vx7rWvqwqeu1wFKTmnBOF6NFAKQ0UYr-Gr4dOdyTnOoi2IFzNHobY9ua4ROXXR1dhMJQCcFsYRo83GogYDYyFRSh1fdlUwWP11rO1cfYk_F0&sig=Cg0ArKJSzDJmZ6ZYezryEAE&cid=CAQSOwAvHhf_TsQQIUggUDSVDRR_W0eueZg8j_4pXP0EPHn552uzcix_2sMzOaCKuKCgDlN-XVam4-eKbe7LGAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3401233556&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702372513845&rpt=940&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnatalie.mu%2F&domain=natalie.mu&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://natalie.mu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://natalie.mu
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 12 Dec 2023 09:15:15 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
275327
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnatalie.mu%2F&domain=natalie.mu&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=OfTvyXxvQXlQdXVnUGJkeHE1bkFoS0s5ODFEdWw2OFkwZnA2emQzYlk3emVWVmZkRXE5OWFLUW9rT1I0ZStoQlZHMUZtN3MydjhrYkUvRzhKRmhQS3EvSnJtQlZ2VDhKR2dERk1RMllkZXJNdUZ1cWdqWU9nNHFWZnMrRj...
424 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OfTvyXxvQXlQdXVnUGJkeHE1bkFoS0s5ODFEdWw2OFkwZnA2emQzYlk3emVWVmZkRXE5OWFLUW9rT1I0ZStoQlZHMUZtN3MydjhrYkUvRzhKRmhQS3EvSnJtQlZ2VDhKR2dERk1RMllkZXJNdUZ1cWdqWU9nNHFWZnMrRjk3V3lXZlN4M2hnYm9sMEhYbmdqdFJnbTI4eGV5UW84ZmNPQ29rTFpDZHkyUm1IcmVySGZ3MHJNL29MbC9DSWtYMXAvdFRDaDlYdTNuRVdCVDJEQjJzbXAvVGZFdC96b1NlK244eE41TnFLc08vc3A4V2tzaWRCSlYrazZjQWlER2d3b3lCU2YxZ0xzMnhYakM5WEJWOGdoeCsyWXVqUT09fA&cppv=2
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f4db6dd6208be3dcb20d2ddbb890cd1d21a0e18550621e21785eb90f3a382cf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1269615
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://natalie.mu
location
https://mug.criteo.com/sid?cpp=OfTvyXxvQXlQdXVnUGJkeHE1bkFoS0s5ODFEdWw2OFkwZnA2emQzYlk3emVWVmZkRXE5OWFLUW9rT1I0ZStoQlZHMUZtN3MydjhrYkUvRzhKRmhQS3EvSnJtQlZ2VDhKR2dERk1RMllkZXJNdUZ1cWdqWU9nNHFWZnMrRjk3V3lXZlN4M2hnYm9sMEhYbmdqdFJnbTI4eGV5UW84ZmNPQ29rTFpDZHkyUm1IcmVySGZ3MHJNL29MbC9DSWtYMXAvdFRDaDlYdTNuRVdCVDJEQjJzbXAvVGZFdC96b1NlK244eE41TnFLc08vc3A4V2tzaWRCSlYrazZjQWlER2d3b3lCU2YxZ0xzMnhYakM5WEJWOGdoeCsyWXVqUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
311604
content-length
0
expires
0
pid
sync6.im-apps.net/1008852/ 		70 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync6.im-apps.net/1008852/pid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:6ede:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
39cf9db0529ac86c087d148330d7f4ae2e08655a7df99c9e2331a07fc3da91cc

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 google
content-type
application/json
access-control-allow-origin
https://natalie.mu
cache-control
private, max-age=1800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
prebid
id5-sync.com/api/config/ 		135 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
802dcdd50c71f2f2fc1f72b0af6fb13be6f999fc72ce1abe1707dc7a0ec4032c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
actualizar
penta.a.one.impact-ad.jp/psm/1.0/ Frame F5EE
Redirect Chain
  • https://y.one.impact-ad.jp/push_sync
  • https://x.bidswitch.net/sync?ssp=yieldone&bsw=2e04749e-02d1-4858-b05e-38700c1eb143
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=yieldone
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=ZXgkoMCo5sIAAFGloKkAAAAA&expires=30&ssp=yieldone
  • https://y.one.impact-ad.jp/cs?d=105&uid=deb4a55c-e31c-48b8-9a77-a26b028432e9&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
42 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.248.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.248.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
content-length
42
content-type
image/gif
date
Tue, 12 Dec 2023 09:15:15 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains;
via
1.1 google

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 09:15:15 GMT
Location
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Server
nginx
usync.html
eus.rubiconproject.com/ Frame B6BC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 09:15:15 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 99C3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
2207
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 12 Dec 2023 09:15:15 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
405, 24173
X-Served-By
cache-lga13626-LGA, cache-nrt-rjtf7700064-NRT
X-Timer
S1702372516.825640,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 52A8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
1009
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8344dca00e4e1ea7-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 09:15:15 GMT
expires
Tue, 12 Dec 2023 13:15:15 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
beacon
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13442524
  • https://ce.lijit.com/beacon?informer=13442524
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13442524
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c90c573886a47560b9dd06d6c0cfad152ecf1e7790a6f84fd76dc64ce0964814

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1131
Content-Type
text/html
Date
Tue, 12 Dec 2023 09:15:16 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3sfo1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13442524
checksync.php
contextual.media.net/ Frame 5283 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad51a10441f8064543712718730d11101a849e481cfc7807cd5b3ab2c68c03ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11785
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Thu, 14 Dec 2023 09:15:16 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
api.relaido.jp/tr/v1/prebid/ Frame F1C1 		566 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.relaido.jp/tr/v1/prebid/sync.html?uu=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.149.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.149.102.34.bc.googleusercontent.com
Software
/
Resource Hash
4aff2dbc290ef946ca944eab2175274b3a803b16be762da0a29e9861ea0280da

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-length
410
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 09:15:15 GMT
vary
Accept-Encoding,User-Agent
via
1.1 google
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame C292
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756&rd=1
2 KB
990 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756&rd=1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
cd54b1f844f2b5e636482c0ea239a277873e77e7424f1cc9544cf16161e92282

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 09:15:02 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 09:15:02 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
sync
eb2.3lift.com/ Frame 477F 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
5f93c9a29577679c81093b0231938d9447bb19eab9ddd87b70982a27ebad0294

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:15 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6041 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48653
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:15:15 GMT
expires
Tue, 12 Dec 2023 22:46:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
natasha-d.openx.net/w/1.0/ Frame 844D 		0
71 B 		Document
General
Check archive.org
Download Go to
Full URL
https://natasha-d.openx.net/w/1.0/pd
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 12 Dec 2023 09:15:15 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4516927009669048412&gdpr=0&gdpr_consent=
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4516927009669048412&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
an-x-request-uuid
8e2a7264-1f78-4bb8-8e3a-40c2699ac6a9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4516927009669048412&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6265997732731674459&gdpr=0&gdpr_consent=
43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6265997732731674459&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=6265997732731674459&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=2967119334666753022&gdpr=0&gdpr_consent=
43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=2967119334666753022&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=2967119334666753022&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dcm
aax-eu.amazon-adsystem.com/s/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=8160195145739520768&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=8160195145739520768&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q26A11H65TVCX7FZN5H8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=8160195145739520768&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
31
cr-p31.ladsp.com/cookiesender/ 		43 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr-p31.ladsp.com/cookiesender/31
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-64.nrt57.r.cloudfront.net
Software
Logicad /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 4ca8d239c2b4b1a578fa3c7797e67c10.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control
no-cache
content-length
43
x-amz-cf-id
16clAkbX8KyVEhaYxvQv-RQ8BrL0kl6rhHHBQBDYShT_1cpTzBtrKQ==
expires
-1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=846ce890-6c16-4f21-ae94-73d64e00542d&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=846ce890-6c16-4f21-ae94-73d64e00542d&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
Server
nginx
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=846ce890-6c16-4f21-ae94-73d64e00542d&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OfTvyXxvQXlQdXVnUGJkeHE1bkFoS0s5ODFEdWw2OFkwZnA2emQzYlk3emVWVmZkRXE5OWFLUW9rT1I0ZStoQlZHMUZtN3MydjhrYkUvRzhKRmhQS3EvSnJtQlZ2VDhKR2dERk1RMllkZXJNdUZ1cWdqWU9nNHFWZnMrRjk3V3lXZlN4M2hnYm9sMEhYbmdqdFJnbTI4eGV5UW84ZmNPQ29rTFpDZHkyUm1IcmVySGZ3MHJNL29MbC9DSWtYMXAvdFRDaDlYdTNuRVdCVDJEQjJzbXAvVGZFdC96b1NlK244eE41TnFLc08vc3A4V2tzaWRCSlYrazZjQWlER2d3b3lCU2YxZ0xzMnhYakM5WEJWOGdoeCsyWXVqUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 12 Dec 2023 09:15:15 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
223259
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
xuid
eb2.3lift.com/ Frame F379
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d4b4056c-9cff-4981-a11a-66e4858998e2&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=d4b4056c-9cff-4981-a11a-66e4858998e2&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=d4b4056c-9cff-4981-a11a-66e4858998e2&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 09:15:15 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame F379
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F379
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJutHcLsgdYx1D3FO4HSTFg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJutHcLsgdYx1D3FO4HSTFg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJutHcLsgdYx1D3FO4HSTFg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F379
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame F379 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3525346139899595283261&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 341E3379714F44DFA2BA0D3A1371637F Ref B: TYAEDGE0819 Ref C: 2023-12-12T09:15:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMTH0dLTddf8wSGGhKbA==
xuid
eb2.3lift.com/ Frame F379
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3525346139899595283261?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.MaRb4ZE2oSkcNPlV1pHzfenELw7Ha15KJzyVLD9Sw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.MaRb4ZE2oSkcNPlV1pHzfenELw7Ha15KJzyVLD9Sw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 12 Dec 2023 09:15:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.MaRb4ZE2oSkcNPlV1pHzfenELw7Ha15KJzyVLD9Sw--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame F379
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3525346139899595283261&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://eb2.3lift.com/xuid?mid=2409&xuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 12 Dec 2023 09:15:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame F379
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
652225
content-length
0
expires
Tue, 12 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F379
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4516927009669048412&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4516927009669048412&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
an-x-request-uuid
42e216f4-5df3-4820-aee4-f746d7beffe3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=4516927009669048412&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame F379 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3525346139899595283261
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
an-x-request-uuid
3c974628-6295-445d-b560-a56203afc13a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
u.4dex.io/ Frame F379 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=triplelift&uid=3525346139899595283261
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame B6BC 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07fa4c276943b5d87faf65f53aad6b1b93e9c8caebde9514e0a92451f49417ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 18:30:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33287
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 18:30:02 GMT
sync.js
sync.relaido.jp/ Frame F1C1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.relaido.jp/sync.js?pid=2_4_8_11_7&uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.45.97 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-192-45-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3bbf90cc0bb83c5d8407e588a3fc8fb2fe93fe23715d1977da92771bc23cb02b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Sep 2022 03:00:12 GMT
ETag
"1f41fc55af0fcce096129efbbca2bfc4"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13819
Expires
Thu, 11 Jan 2024 09:15:16 GMT
uuid
api.relaido.jp/tr/v1/ Frame F1C1 		48 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.relaido.jp/tr/v1/uuid
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.149.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.149.102.34.bc.googleusercontent.com
Software
/
Resource Hash
6f426cfa915f36a202d5ef1ba0163d13e7732c4f3606bc2c008f7dc7a34bd30c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/tr/v1/prebid/sync.html?uu=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:15 GMT
content-encoding
gzip
via
1.1 google
etag
"b7936f5d-72d5-4619-95e4-6e9e26c7dc43"
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72
xuid
eb2.3lift.com/ Frame 477F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d4b4056c-9cff-4981-a11a-66e4858998e2&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=d4b4056c-9cff-4981-a11a-66e4858998e2&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=d4b4056c-9cff-4981-a11a-66e4858998e2&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 09:15:15 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 477F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 477F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJutHcLsgdYx1D3FO4HSTFg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJutHcLsgdYx1D3FO4HSTFg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJutHcLsgdYx1D3FO4HSTFg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 477F
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUyNTM0NjEzOTg5OTU5NTI4MzI2MQ%3D%3D
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 477F 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3525346139899595283261&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7749FFEB05194F8780966CEA9F3AE50B Ref B: TYAEDGE0819 Ref C: 2023-12-12T09:15:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMTH0dlOgqcqB4PG+LRA==
xuid
eb2.3lift.com/ Frame 477F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3525346139899595283261?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.MaRb4ZE2oSkcNPlV1pHzfenELw7Ha15KJzyVLD9Sw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.MaRb4ZE2oSkcNPlV1pHzfenELw7Ha15KJzyVLD9Sw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 12 Dec 2023 09:15:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.MaRb4ZE2oSkcNPlV1pHzfenELw7Ha15KJzyVLD9Sw--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 477F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3525346139899595283261&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://eb2.3lift.com/xuid?mid=2409&xuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 12 Dec 2023 09:15:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 477F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
759074
content-length
0
expires
Tue, 12 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 477F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4516927009669048412&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4516927009669048412&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
an-x-request-uuid
0c58c029-448a-4a1a-bd24-8e3729e48981
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=4516927009669048412&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 477F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3525346139899595283261
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
an-x-request-uuid
a4ca7c8b-b675-429b-a07b-8c702d9afb42
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 99C3 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
an-x-request-uuid
9fac92db-39cd-48f8-aa41-60f9f752456f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E5E 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7646450099079&version=m202309260101&ct=76&x=1&cor=7787917231862537000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6041 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12380408&p=161818&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3ecdca80c09f6348bcc1c1199630dd33cdad2e8ae24ae213521d57a87c5fb85e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 09:15:15 GMT
content-length
1787
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 6488
Redirect Chain
  • https://ds.uncn.jp/pm/0/sync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_95095d4b-e57a-4f3b-897b-ac78678f6a15
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_95095d4b-e57a-4f3b-897b-ac78678f6a15
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 05:53:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
170
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 09:15:15 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_95095d4b-e57a-4f3b-897b-ac78678f6a15
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame 1796
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4516927009669048412&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4516927009669048412&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
9eb5a0b8-ef2c-4dc4-a263-249903f13dc1
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4516927009669048412&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame FEBC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iz43g48_YYqQbzWK2Got34oyMtmQMzTfjzww5Nkd
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iz43g48_YYqQbzWK2Got34oyMtmQMzTfjzww5Nkd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:25:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iz43g48_YYqQbzWK2Got34oyMtmQMzTfjzww5Nkd
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame EBA7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:27:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:15:15 GMT
expires
Tue, 12 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
889358
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 3B2B 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 12 Dec 2023 09:15:16 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-nrt-rjtf7700057-NRT
x-timer
S1702372516.976843,VS0,VE162
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame B78B 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:16 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 6041
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:25:54 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 09:15:15 GMT
server
Kestrel
content-length
355
C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6041 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C809A359-4FC2-4C31-B2C6-BC8B9FCB2453?gdpr=0&gdpr_consent=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a01:db97:beed:e1eb:844d Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 6041
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k_lz2QNE2uXAN9Vgkn2bWSwbt_LJZjE-~A&gdpr=0
0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k_lz2QNE2uXAN9Vgkn2bWSwbt_LJZjE-~A&gdpr=0
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k_lz2QNE2uXAN9Vgkn2bWSwbt_LJZjE-~A&gdpr=0
date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 6041
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6265997732731674459
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6265997732731674459
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:25:28 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6265997732731674459
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tracking.min.js
img.ak.impact-ad.jp/ut/a1/ Frame F1C1 		175 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.ak.impact-ad.jp/ut/a1/tracking.min.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.19 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49daf7bddb14b814b7423b31c4ff574e2c73fc909fe098a18acf44c42069e5b5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
content-encoding
br
via
1.1 varnish
age
51952
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
41116
x-served-by
cache-nrt-rjtf7700072-NRT
last-modified
Mon, 14 Aug 2023 04:08:01 GMT
server
AmazonS3
x-timer
S1702372516.054499,VS0,VE0
etag
"16c2bb6deecc622dab084598d0635d47"
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache
accept-ranges
bytes
x-cache-hits
883684
get
sync.im-apps.net/imid/ Frame F1C1 		58 B
190 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.im-apps.net/imid/get?token=t3cfQ1rNTL_GM09UZqwoBg&callback=__rld_callback_track_fn
Requested by
Host: sync.relaido.jp
URL: https://sync.relaido.jp/sync.js?pid=2_4_8_11_7&uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
235.101.149.34.bc.googleusercontent.com
Software
/
Resource Hash
a1d2e27d0e548e0b205eb1b32fb2f07f834ea5833f2bafe014fb4e0a066b2bf2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
cache-control
private, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/javascript
im-uid.js
dmp.im-apps.net/sdk/ Frame F1C1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: sync.relaido.jp
URL: https://sync.relaido.jp/sync.js?pid=2_4_8_11_7&uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:16::6007:2786 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a4ff1a40b43ba34c62af7cf45052ceb1c13245f71b78d2f95e608cdf40f0cdb9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
L0stj9fu2baJtFSqDN5xi.x1sC_BpRf6
content-encoding
gzip
date
Tue, 12 Dec 2023 09:15:16 GMT
last-modified
Tue, 28 Nov 2023 07:46:54 GMT
etag
"e6a2a84ae62614db599e7097dbb3813f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2438
expires
Tue, 12 Dec 2023 12:15:16 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ Frame F1C1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:12:08 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=99969
accept-ranges
bytes
content-length
2416
expires
Wed, 13 Dec 2023 13:01:25 GMT
log.gif
tracker.v2.relaido.jp/syncuuidlog/ Frame F1C1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=uliza&dsp_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=uliza&bsw_param=deb4a55c-e31c-48b8-9a77-a26b028432e9&google_hm=ZGViNGE1NWMtZTMxYy00OGI4LTlhNzctYTI2YjAyODQzMmU5
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFDUNiH09M_REhmhan5aAlQ&google_cver=1&ssp=uliza&bsw_param=deb4a55c-e31c-48b8-9a77-a26b028432e9
  • https://api.relaido.jp/tr/v1/sync/bsw?dsp_uuid=deb4a55c-e31c-48b8-9a77-a26b028432e9
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=4&dsp_uuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&cb=170...
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=4&dsp_uuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&cb=1702372516
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Protocol
H2
Server
34.120.63.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
last-modified
Mon, 20 Nov 2023 05:02:13 GMT
server
nginx
etag
"655ae855-0"
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Tue, 12 Dec 2023 09:15:16 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding,User-Agent
content-type
image/gif
access-control-allow-origin
*
location
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=4&dsp_uuid=deb4a55c-e31c-48b8-9a77-a26b028432e9&cb=1702372516
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
push_sync
y.one.impact-ad.jp/ Frame F1C1 		43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/push_sync
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1702372516001&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=EA1DE816A79C4D878295157B03978D9B
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=EA1DE816A79C4D878295157B03978D9B
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=EA1DE816A79C4D878295157B03978D9B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 09:15:16 GMT
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 09:15:16 GMT
server
Kestrel
content-length
223
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=LCFDTiggFUc3cEFHf3VZEi0tRhQ3LEASKCO2kqWn
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=LCFDTiggFUc3cEFHf3VZEi0tRhQ3LEASKCO2kqWn
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=LCFDTiggFUc3cEFHf3VZEi0tRhQ3LEASKCO2kqWn
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=4516927009669048412&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=4516927009669048412&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
an-x-request-uuid
ee533352-a069-48a0-9425-50fb10798813
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=4516927009669048412&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=AAIJfk7K8EkAABSLrjEArA&pid=85&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=AAIJfk7K8EkAABSLrjEArA&pid=85&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AAIJfk7K8EkAABSLrjEArA&pid=85&gdpr=0
Date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame CFCE
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SHp0TERCWkhRejBLMkF6dVFqcWFodHkt&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
H2
Server
2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:39:31 GMT
x-content-type-options
nosniff
age
5745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 07:39:31 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CFCE
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHp0TERCWkhRejBLMkF6dVFqcWFodHkt&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHp0TERCWkhRejBLMkF6dVFqcWFodHkt&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
H3
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 12 Dec 2023 09:15:16 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHp0TERCWkhRejBLMkF6dVFqcWFodHkt&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=HztLDBZHQz0K2AzuQjqahty-&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=863785065819
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=863785065819
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=66&3pid=863785065819
content-length
0
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=0jy9Wht71a08&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=0jy9Wht71a08&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
jp-JP
location
https://ce.lijit.com/merge?pid=49&3pid=0jy9Wht71a08&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6fb8fdd894-5hz5p
expires
-1
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=657824A2AA76662B39D3A7BBBLIS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=94&3pid=657824A2AA76662B39D3A7BBBLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=94&3pid=657824A2AA76662B39D3A7BBBLIS&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=94&3pid=657824A2AA76662B39D3A7BBBLIS&gdpr=0&gdpr_consent=
Content-length
0
qg9md9mk
rtb.gumgum.com/getuid/ Frame CFCE
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/qg9md9mk?r=https%3A%2F%2Fcs.krushmedia.com%2F0e846840cc402aa296df0cc86df135d3.gif%3Fpuid%3D%5BUID%5D&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/qg9md9mk?r=https%3A%2F%2Fcs.krushmedia.com%2F0e846840cc402aa296df0cc86df135d3.gif%3Fpuid%3D%5BUID%5D&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
H2
Server
13.112.217.108 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-217-108.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:17 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
Server
nginx
Location
https://rtb.gumgum.com/getuid/qg9md9mk?r=https%3A%2F%2Fcs.krushmedia.com%2F0e846840cc402aa296df0cc86df135d3.gif%3Fpuid%3D%5BUID%5D&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LQ24N1B4-1M-L763&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQ24N1B4-1M-L763&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQ24N1B4-1M-L763&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
Expires
0
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU346eec17d8e847ccafb8af1e8ebaad0a&gdpr=0&gdpr_consent=&pid=103
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU346eec17d8e847ccafb8af1e8ebaad0a&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:17 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU346eec17d8e847ccafb8af1e8ebaad0a&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LQ24N1B4-1M-L763&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LQ24N1B4-1M-L763&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LQ24N1B4-1M-L763&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5c7d31e505103f093db6d1ed70deaa2
Expires
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame CFCE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=deb4a55c-e31c-48b8-9a77-a26b028432e9
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=deb4a55c-e31c-48b8-9a77-a26b028432e9
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8729bdbc-3865-4ff7-bb29-c7a51347fd94&user_group=1&ssp=fmx&bsw_param=deb4a55c-e31c-48b8-9a77-a26b028432e9
  • https://ce.lijit.com/merge?pid=26&3pid=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&us_privacy=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 12 Dec 2023 09:15:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame CFCE 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4&pi=sovrn&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT, Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.80%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=1711699259
  • https://sync.1rx.io/usersync3/appnexus/2069.80/4516927009669048412?zcc=0&sspret=1&rndcb=1711699259
  • https://sync.targeting.unrulymedia.com/csync/RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
  • https://ce.lijit.com/merge?pid=97&3pid=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
date
Tue, 12 Dec 2023 09:15:16 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf6e80dd66e044aa18622d13d77f432d3004
content-type
text/html
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=6437d8c5-14bd-44aa-ab6d-d4f1662ac0d2
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=6437d8c5-14bd-44aa-ab6d-d4f1662ac0d2
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:18 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=6437d8c5-14bd-44aa-ab6d-d4f1662ac0d2
Date
Tue, 12 Dec 2023 09:15:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame CFCE
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=HztLDBZHQz0K2AzuQjqahty-&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:357fa7cead1bff79439d1d0134b2770e
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:357fa7cead1bff79439d1d0134b2770e
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 12 Dec 2023 09:15:16 GMT
server
Aorta/20231206.506ee7332
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:357fa7cead1bff79439d1d0134b2770e
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-west-1
x-aorta-host
28dcf78b7f1f
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
cm
us-u.openx.net/w/1.0/ Frame 2FC0 		641 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a16c157e5c302fd401aaa628e4dc152616b6da8a23e66a448ac331b12b0def85

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
379
content-type
text/html
date
Tue, 12 Dec 2023 09:15:16 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E64F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48652
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Tue, 12 Dec 2023 22:46:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 099E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13442524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48652
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Tue, 12 Dec 2023 22:46:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
gum.criteo.com/ Frame 5283 		88 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
13e225b98630b9ea6c23c7cdac4e8e07b31aa3a69460176bad8c6ffcc340f7f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
726533
expires
60
usync.html
eus.rubiconproject.com/ Frame 2654
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 09:15:16 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 09:15:16 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 8694
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Drkt%26refUrl%3D%26vid%3D237251616434537411312672020...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3453741131267202000V10&type=rkt&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=2020216292188257118
227 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3453741131267202000V10&type=rkt&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=2020216292188257118
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
227
content-type
text/html;charset=UTF-8
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Tue, 12 Dec 2023 09:15:16 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Tue, 12 Dec 2023 09:15:16 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3453741131267202000V10&type=rkt&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=2020216292188257118
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7B4F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Dpba%26refUrl%3D%26vid%3D23725161643453741131267202000V10%26axid_e%3D%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48652
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Tue, 12 Dec 2023 22:46:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 5283
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=son&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=son&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=712386f5-74ea-42e4-b391-8fd67d37ec37
53 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=son&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=712386f5-74ea-42e4-b391-8fd67d37ec37
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:15:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 09:15:16 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-77
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=son&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=712386f5-74ea-42e4-b391-8fd67d37ec37
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 5283 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Dopx%26refUrl%3D%26vid%3D23725161643453741131267202000V10%26axid_e%3D%26ovsid%3D
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
4516927009669048412
sync.1rx.io/usersync3/appnexus/2057.4/ Frame 5283
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Dr1%26refUrl%3D%26vid%3D23725161643453741131...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2057.4%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=43935408
  • https://sync.1rx.io/usersync3/appnexus/2057.4/4516927009669048412?zcc=0&sspret=1&rndcb=43935408
43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/appnexus/2057.4/4516927009669048412?zcc=0&sspret=1&rndcb=43935408
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
an-x-request-uuid
b9900a13-6a5b-46a7-9042-5c967181ef0a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.1rx.io/usersync3/appnexus/2057.4/4516927009669048412?zcc=0&sspret=1&rndcb=43935408
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync
cs.media.net/ Frame 5283
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ1Mzc0MTEzMTI2NzIwMjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEv051ZkZFk9OsSfKr94dgw&google_cver=1
53 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEv051ZkZFk9OsSfKr94dgw&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.219.68.21 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-68-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
53
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 09:15:16 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEv051ZkZFk9OsSfKr94dgw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 5283
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23725161643453741131267...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23725161643453741...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=dxu&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=3jJMqARC1RcYRe5
53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=dxu&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=3jJMqARC1RcYRe5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:15:17 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 09:15:17 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0ad8138d56a9ec354@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=dxu&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=3jJMqARC1RcYRe5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 5283
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&gdpr=0&gdpr_consent=&us_privacy=
53 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:15:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 09:15:16 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=92cf34d5-393c-4dd6-ad7e-8e530fc660d1&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
908949
content-length
0
expires
Tue, 12 Dec 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 5283
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=medianet
  • https://x.bidswitch.net/sync?dsp_id=151&user_id=897b0308-2811-4258-afd7-61ff7b617d44&expires=30&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&gdpr_pd=
53 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:15:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 09:15:16 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=deb4a55c-e31c-48b8-9a77-a26b028432e9&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 12 Dec 2023 09:15:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 5283
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=ZtkuDwr7_u5OKJBvO_Iw
53 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=ZtkuDwr7_u5OKJBvO_Iw
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:15:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 09:15:16 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=ZtkuDwr7_u5OKJBvO_Iw
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 5283
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3453741131267202000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3453741131267202000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=d54a22ef-c1be-4dae-b378-0542b482a31c&cs=1
53 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=d54a22ef-c1be-4dae-b378-0542b482a31c&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:15:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 09:15:18 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=d54a22ef-c1be-4dae-b378-0542b482a31c&cs=1
Date
Tue, 12 Dec 2023 09:15:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cksync
cs.media.net/ Frame 5283
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=d4b4056c-9cff-4981-a11a-66e4858998e2
53 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=d4b4056c-9cff-4981-a11a-66e4858998e2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.219.68.21 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-68-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
53
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 09:15:16 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=d4b4056c-9cff-4981-a11a-66e4858998e2
date
Tue, 12 Dec 2023 09:15:16 GMT
server
Kestrel
content-length
199
merge
ce.lijit.com/ Frame 2FC0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=0682caf6-1da4-4d5b-b29c-4047a9508a19&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2FC0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2967119334666753022&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2967119334666753022&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2967119334666753022&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 2FC0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=6a6c1436-f710-7756-f520-f6e1d1e1b54b&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=d4b4056c-9cff-4981-a11a-66e4858998e2&ttd_puid=6a6c1436-f710-7756-f520-f6e1d1e1b54b&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=d4b4056c-9cff-4981-a11a-66e4858998e2&ttd_puid=6a6c1436-f710-7756-f520-f6e1d1e1b54b&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=d4b4056c-9cff-4981-a11a-66e4858998e2&ttd_puid=6a6c1436-f710-7756-f520-f6e1d1e1b54b&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 09:15:16 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 2FC0
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXgkoMCo5sIAAFGloKkAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXgkoMCo5sIAAFGloKkAAAAA
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 12 Dec 2023 09:15:16 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.160","key":"ZXgkoMCo5sIAAFGloKkAAAAA","privacy_sensitive":false,"uid":"ZXgkoMCo5sIAAFGloKkAAAAA","upstream_id":"a-ad40147"}
X-SO-Key
ZXgkoMCo5sIAAFGloKkAAAAA
X-SO-Upstream-ID
a-ad40147
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40147.dc2p.scaleout.jp
X-SO-UID
ZXgkoMCo5sIAAFGloKkAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
146.70.201.160
X-SO-Cluster-ID
0
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXgkoMCo5sIAAFGloKkAAAAA
Cache-Control
private
X-SO-Ads-Time
1
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 2FC0
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQ5haoZ3IfCpks8AED41tMcJps8AAAGMXU8hsg
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQ5haoZ3IfCpks8AED41tMcJps8AAAGMXU8hsg
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 4ca8d239c2b4b1a578fa3c7797e67c10.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQ5haoZ3IfCpks8AED41tMcJps8AAAGMXU8hsg
cache-control
no-cache
content-length
0
x-amz-cf-id
EPljUhG1e1j35ot2AYA8NnUQzSluy93VumFjAXbaQGacTOpXpiIgPg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2FC0 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDYwM2M3ZmMtM2U2Ny0yOWYyLWUwYzAtYWM1ODFiMDM3YjJi
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2FC0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELWxRXz71_uX0MqdY2N2hvs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELWxRXz71_uX0MqdY2N2hvs&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELWxRXz71_uX0MqdY2N2hvs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
audiencedata.im-apps.net/imuid/ Frame F1C1 		34 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=1000313&vid=01HHEMY8C2H4MMBSH9MDPY6KAK
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
72faaf41c178e3849db8e45aec8c03b68451c6581dd85b6e2323a69636cda4e8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://api.relaido.jp
date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34
content-type
application/json
log.gif
tracker.v2.relaido.jp/dmpsynclog/ Frame F1C1 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.v2.relaido.jp/dmpsynclog/log.gif?distributorid=&event=69&event_name=sync&uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dmp_id=8&dmp_uuid=A7GsRgL4QRWfMGGJ4f7EYw
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
last-modified
Mon, 20 Nov 2023 05:02:13 GMT
server
nginx
etag
"655ae855-0"
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4124 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=161545&s=&predirect=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fsync%2Fpm%3Fdsp_uuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://api.relaido.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48652
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Tue, 12 Dec 2023 22:46:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 2654 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07fa4c276943b5d87faf65f53aad6b1b93e9c8caebde9514e0a92451f49417ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 18:30:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33286
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 18:30:02 GMT
log.gif
tracker.v2.relaido.jp/dmpsynclog/ Frame F1C1 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.v2.relaido.jp/dmpsynclog/log.gif?distributorid=&event=69&event_name=sync&uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dmp_id=8&dmp_uuid=i.A7GsRgL4QRWfMGGJ4f7EYw&seg_id=imuid
Requested by
Host: api.relaido.jp
URL: https://api.relaido.jp/tr/v1/prebid/sync.html?uu=b7936f5d-72d5-4619-95e4-6e9e26c7dc43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
via
1.1 google
last-modified
Mon, 20 Nov 2023 05:02:13 GMT
server
nginx
etag
"655ae855-0"
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
lb.eu-1-id5-sync.com/lb/ Frame F1C1 		33 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: img.ak.impact-ad.jp
URL: https://img.ak.impact-ad.jp/ut/a1/tracking.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
14a9a8ab064c8e5206a70575f54410435c029868c65dd1a08f9a8f9fc6a255cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://api.relaido.jp/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://api.relaido.jp
date
Tue, 12 Dec 2023 09:15:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
log
c21lg-d.media.net/ Frame 5283 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=hjYBK8SzbDD-BvYh2J-5qZ_KT9Z9BIOM&cs=15&vsid=3453741131267202000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.68.21 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-68-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 09:15:16 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 12 Dec 2023 09:15:16 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C6A3 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39605979&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5b99ab7834c232ed86e63cdd6a4adc11722b1901a656353539e1e1e14dc2dc82

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 09:15:16 GMT
content-length
1451
content-type
text/html; charset=UTF-8
pxd
dps.jp.cinarra.com/ Frame 1166 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.163.54 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-163-54.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
0
date
Tue, 12 Dec 2023 09:15:16 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C9C9
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=dccdcbbd5ce84b9fa9313346f956eced
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=dccdcbbd5ce84b9fa9313346f956eced
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:25:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Tue, 12 Dec 2023 09:15:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=dccdcbbd5ce84b9fa9313346f956eced
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame AFEF 		43 B
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 1649 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame CA9A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pZ6b9Ui0WaVy_LuPMK6lkJJGyaA&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pZ6b9Ui0WaVy_LuPMK6lkJJGyaA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:25:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 09:15:16 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pZ6b9Ui0WaVy_LuPMK6lkJJGyaA&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame DA81
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TqVyQUdcDS6trgAVpCR4ZQ
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TqVyQUdcDS6trgAVpCR4ZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:16 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TqVyQUdcDS6trgAVpCR4ZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 5E52
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1bb353766cc24a6185e703da49aa6ec3
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1bb353766cc24a6185e703da49aa6ec3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:38:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1bb353766cc24a6185e703da49aa6ec3
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 8E30
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:25:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 12 Dec 2023 09:15:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 2604
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SuIv1Q8V1RcYRe5&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SuIv1Q8V1RcYRe5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:38:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 09:15:16 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:SuIv1Q8V1RcYRe5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-019419e25e51af8eb@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 1FE3 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:16 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame C6A3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2967119334666753022&gdpr=0&gdpr_consent=&us_privacy=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2967119334666753022&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:25:55 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2967119334666753022&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
1270.json
id5-sync.com/g/v2/ Frame F1C1 		625 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1270.json
Requested by
Host: img.ak.impact-ad.jp
URL: https://img.ak.impact-ad.jp/ut/a1/tracking.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
16b4c4c27c79eef96ba7df616c599778b09cd10514a712831d471561b8134a86
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://api.relaido.jp/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://api.relaido.jp
date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
360e7ae63d4c89f2f3c799e83ad6400bbb444fc5e04df69358688345752cef35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame F5AC 		907 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15307176&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3129a52ee55db8dd06b9d94b5ed1805e8c92e534def029a87e0970f1afb9043

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 09:15:16 GMT
content-length
907
content-type
text/html; charset=UTF-8
img
sync.mathtag.com/sync/ Frame 929C 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 65DE
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292188257118
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292188257118
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:27:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 12 Dec 2023 09:15:16 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292188257118
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 6A3B
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EA1DE816A79C4D878295157B03978D9B&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EA1DE816A79C4D878295157B03978D9B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 09:15:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 12 Dec 2023 09:15:16 GMT
expires
Mon, 11 Dec 2023 09:15:16 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EA1DE816A79C4D878295157B03978D9B&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame F000 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDC809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6JRCH1QVZZXXE6HRTWVZ
Pug
simage2.pubmatic.com/AdServer/ Frame F5AC
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=299ef215d51621d3&is_secure=true&networkId=17100&version=1&nuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMBFIlXbaE1AM4aJcnAAAAAAA&expiration=1702458916&nuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&...
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMBFIlXbaE1AM4aJcnAAAAAAA&expiration=1702458916&nuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Server
207.65.34.80 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 04:25:29 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMBFIlXbaE1AM4aJcnAAAAAAA&expiration=1702458916&nuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
khaos.json
token.rubiconproject.com/ Frame 2654 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQ24N1B4-1M-L763
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Expires
0
/
aw.dw.impact-ad.jp/c/map/ Frame F1C1 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aw.dw.impact-ad.jp/c/map/?oid=bbea7d2597bbccd5&cid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&sp=rld&fu=bbe473cc-7a34-40bd-9cd1-675c4dfeea0f&dl=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fprebid%2Fsync.html%3Fuu%3Db7936f5d-72d5-4619-95e4-6e9e26c7dc43
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:80:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://api.relaido.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:15:16 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains;
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
747.json
id5-sync.com/g/v2/ 		625 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/747.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
120d76e6939f747dfd8f5632cddf8d86a70b72df85395fe62cb4e1624cd5659a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cksync.php
contextual.media.net/ Frame 2654
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LQ24N1B4-1M-L763
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQ24N1B4-1M-L763
53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQ24N1B4-1M-L763
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUDH8PEK&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2012%2C2055%2C172%2C3020%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C336%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 09:15:17 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 09:15:17 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQ24N1B4-1M-L763
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
187e82019178d54b7a252bfda4b0880c
Expires
0
/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/ Frame C292
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=HztLDBZHQz0K2AzuQjqahty-
95 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=HztLDBZHQz0K2AzuQjqahty-
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756&rd=1
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/png
date
Tue, 12 Dec 2023 09:15:03 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Tue, 12 Dec 2023 09:15:17 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=HztLDBZHQz0K2AzuQjqahty-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame C292
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=4516927009669048412&gdpr=0&gdpr_consent=
95 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=4516927009669048412&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756&rd=1
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/png
date
Tue, 12 Dec 2023 09:15:03 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:17 GMT
an-x-request-uuid
91626c70-47a5-486f-bdd9-c955d183c654
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=4516927009669048412&gdpr=0&gdpr_consent=
x-proxy-origin
146.70.201.160; 146.70.201.160; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame C292
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?gdpr=0&euconsent=&uid=8160195145739520768
95 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?gdpr=0&euconsent=&uid=8160195145739520768
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756&rd=1
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/png
date
Tue, 12 Dec 2023 09:15:03 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?gdpr=0&euconsent=&uid=8160195145739520768
date
Tue, 12 Dec 2023 09:15:17 GMT
content-length
0
/
sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/ Frame C292
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&euconsent=&domain=sync.richaudience.com
95 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&euconsent=&domain=sync.richaudience.com
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2769782756&rd=1
Protocol
H2
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/png
date
Tue, 12 Dec 2023 09:15:03 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=d4b4056c-9cff-4981-a11a-66e4858998e2&gdpr=0&euconsent=&domain=sync.richaudience.com
date
Tue, 12 Dec 2023 09:15:17 GMT
server
Kestrel
content-length
333
thenovembers05_x.jpg
ogre.natalie.mu/media/pp/thenovembers05/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/thenovembers05/thenovembers05_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ccb7d8608f2ba9119b4936cdc809709625e29c84ff1b54ef97309924e511242c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:17 GMT
Last-Modified
Mon, 04 Dec 2023 04:00:27 GMT
Server
Akamai Image Manager
ETag
"0a181345d9f07f9ebc48ad2f31384159"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
7530
Expires
Tue, 12 Dec 2023 21:15:17 GMT
thumb.jpg
ogre.natalie.mu/media/pp/miminari/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/miminari/thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
06f3077b5c4864cb4b33f8ef8958974f2fc1462bd1cf00cfc6a70bece437eba6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:17 GMT
Last-Modified
Fri, 01 Dec 2023 04:50:54 GMT
Server
Akamai Image Manager
ETag
"bd8c2768d1839c94f4d5da6604d095ff"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
14841
Expires
Tue, 12 Dec 2023 21:15:17 GMT
onenonly15_thumb.jpg
ogre.natalie.mu/media/pp/onenonly15/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/onenonly15/onenonly15_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
600bb27e200c759dd102cca8a10c9b00ccc4a72dbb800a8b190575d6280aaea0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:17 GMT
Last-Modified
Fri, 01 Dec 2023 08:08:06 GMT
X-Serial
580
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"e96f6cdd978915c12e2ce75e24cfbb02"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
17679
Expires
Tue, 12 Dec 2023 21:15:17 GMT
bokula_x.jpg
ogre.natalie.mu/media/pp/bokula/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/bokula/bokula_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
08c7be977f5f6edafb417592bf5d1f9a53bca1aecc5fad535a11437d0de18c0f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:17 GMT
Last-Modified
Thu, 30 Nov 2023 06:27:54 GMT
Server
Akamai Image Manager
ETag
"56111a7d66b90ad3319cee521ee6bc5d"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
31183
Expires
Tue, 12 Dec 2023 21:15:17 GMT
ulmasoundjunction03_X.jpg
ogre.natalie.mu/media/pp/ulmasoundjunction03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/ulmasoundjunction03/ulmasoundjunction03_X.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7c1d3fddaa47713d56e932a149074f5f74ca73122420da8968f7bbdb1d3c56b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:17 GMT
Last-Modified
Tue, 28 Nov 2023 06:03:48 GMT
Server
Akamai Image Manager
ETag
"62c03ada44b31a81a56ba8af61cf7559"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
14022
Expires
Tue, 12 Dec 2023 21:15:17 GMT
telasa_thaidrama07_thumb.jpg
ogre.natalie.mu/media/pp/telasa_thaidrama07/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/telasa_thaidrama07/telasa_thaidrama07_thumb.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4f5a434c605845065a1c5745795b0009df7c7caf096c57622227a4a463361947

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:17 GMT
Last-Modified
Mon, 27 Nov 2023 01:40:28 GMT
X-Serial
1736
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"3d41a038e1134877215970088e2407bf"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
11735
Expires
Tue, 12 Dec 2023 21:15:17 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4A89 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44432566&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 09:15:17 GMT
content-length
47
content-type
text/html; charset=UTF-8
setuid
u.4dex.io/ Frame F7F4 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Dec 2023 09:15:17 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
thumb_inbox_600.jpg
ogre.natalie.mu/media/pp/static/eiga/telasa-matome/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/static/eiga/telasa-matome/thumb_inbox_600.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
90aea2f30bebdfdceb7b9994ccac1d67fae724483cdc55090f2d128a31464124

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:17 GMT
Last-Modified
Wed, 16 Aug 2023 02:14:59 GMT
X-Serial
258
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"7327880804931bf88ba2f3ebb34b0a57"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
3882
Expires
Tue, 12 Dec 2023 21:15:17 GMT
sengoku_sauna_x.jpg
ogre.natalie.mu/media/pp/sengoku_sauna/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/sengoku_sauna/sengoku_sauna_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8f15691717e160fc8bbb82e1fb6428bb03bfe9d65d2fe401804b8d6ac3558673

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:17 GMT
Last-Modified
Mon, 27 Nov 2023 02:02:13 GMT
X-Serial
1245
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"2fd4086cc1c9a5c1f9e8a2b8ddd8c3be"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
17459
Expires
Tue, 12 Dec 2023 21:15:17 GMT
demand
events.browsiprod.com/events/v2/ 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/demand?p=e500ea97-73a0-47f8-bfb9-8aa17f806995
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.21.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.98.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-98-197.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://natalie.mu
date
Tue, 12 Dec 2023 09:15:17 GMT
access-control-allow-credentials
true
setuid
u.4dex.io/ Frame 77A3 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Dec 2023 09:15:17 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
SPug
simage4.pubmatic.com/AdServer/ Frame 6041 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161818&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:31:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame C6A3 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:37:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame F5AC 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:25:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/natasha/natalie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://natalie.mu/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 09:15:18 GMT
content-encoding
gzip
via
1.1 google, 1.1 google
accept-encoding
gzip
server
Google Frontend
traceparent
00-6a09fbe213287a3e1c406906261fb784-f671615acead1cf6-00
vary
Origin
content-type
application/json
access-control-allow-origin
https://natalie.mu
access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
x-cloud-trace-context
6a09fbe213287a3e1c406906261fb784/17758081848340978934
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
merge
ce.lijit.com/ Frame E90A 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:19 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3sfo1
merge
ce.lijit.com/ Frame C127 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:19 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3sfo1
cksync.php
contextual.media.net/ Frame A921 		53 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=pba&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Dpba%26refUrl%3D%26vid%3D23725161643453741131267202000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
53
content-type
image/gif
date
Tue, 12 Dec 2023 09:15:19 GMT
expires
Tue, 12 Dec 2023 09:15:19 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
log.gif
tracker.v2.relaido.jp/syncuuidlog/ Frame 24DD
Redirect Chain
  • https://api.relaido.jp/tr/v1/sync/pm?dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=170...
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=1702372519
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=161545&s=&predirect=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fsync%2Fpm%3Fdsp_uuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
image/gif
date
Tue, 12 Dec 2023 09:15:19 GMT
etag
"655ae855-0"
last-modified
Mon, 20 Nov 2023 05:02:13 GMT
server
nginx
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-length
23
content-type
image/gif
date
Tue, 12 Dec 2023 09:15:19 GMT
location
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=1702372519
vary
Accept-Encoding,User-Agent
via
1.1 google
merge
ce.lijit.com/ Frame 38F2 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:19 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3sfo1
merge
ce.lijit.com/ Frame 9337 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:19 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3sfo1
cksync.php
contextual.media.net/ Frame F713 		53 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3453741131267202000V10&type=pba&refUrl=&vid=23725161643453741131267202000V10&axid_e=&ovsid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3453741131267202000V10%26type%3Dpba%26refUrl%3D%26vid%3D23725161643453741131267202000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.84.29 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-84-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
53
content-type
image/gif
date
Tue, 12 Dec 2023 09:15:19 GMT
expires
Tue, 12 Dec 2023 09:15:19 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
log.gif
tracker.v2.relaido.jp/syncuuidlog/ Frame 5219
Redirect Chain
  • https://api.relaido.jp/tr/v1/sync/pm?dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
  • https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=170...
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=1702372519
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=161545&s=&predirect=https%3A%2F%2Fapi.relaido.jp%2Ftr%2Fv1%2Fsync%2Fpm%3Fdsp_uuid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
image/gif
date
Tue, 12 Dec 2023 09:15:19 GMT
etag
"655ae855-0"
last-modified
Mon, 20 Nov 2023 05:02:13 GMT
server
nginx
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-length
23
content-type
image/gif
date
Tue, 12 Dec 2023 09:15:19 GMT
location
https://tracker.v2.relaido.jp/syncuuidlog/log.gif?distributorid=&event=69&event_name=sync&uae_uuid=b7936f5d-72d5-4619-95e4-6e9e26c7dc43&dsp_id=7&dsp_uuid=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453&cb=1702372519
vary
Accept-Encoding,User-Agent
via
1.1 google
usersync
usersync.gumgum.com/ Frame 8A8B 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Dec 2023 09:15:19 GMT
Expires
0
Pragma
no-cache
equallove17_x.jpg
ogre.natalie.mu/media/pp/equallove17/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/equallove17/equallove17_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8cc1b8a14990c0301920f73c21a1646471667187a3fbb5e89c8ec5cddcb8cee5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:22 GMT
Last-Modified
Tue, 28 Nov 2023 02:25:00 GMT
Server
Akamai Image Manager
ETag
"cf09f94acc298072f2417947ff718108"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
22236
Expires
Tue, 12 Dec 2023 21:15:22 GMT
wod_wowow09_thumb-2.jpg
ogre.natalie.mu/media/pp/wowow_paramountplus/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/wowow_paramountplus/wod_wowow09_thumb-2.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3d837f6ed7b5686a748ccbf89496fe657531fd9dbb6965b3ad4551bbc5a47260

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:22 GMT
Last-Modified
Mon, 27 Nov 2023 08:00:20 GMT
X-Serial
1049
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"bcf4606d7b446b95841dacefc06309c0"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
6112
Expires
Tue, 12 Dec 2023 21:15:22 GMT
thumb_inbox_600.jpg
ogre.natalie.mu/media/pp/static/music/wowowondemand/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/static/music/wowowondemand/thumb_inbox_600.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fc6698a8265c559b0d6ae12b4ef40f9453eadf4135db0a54fbd34037752747c4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:22 GMT
Last-Modified
Wed, 16 Aug 2023 01:35:24 GMT
Server
Akamai Image Manager
ETag
"1c2c6b6995edb97c6aa8fab94aa7935e"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
26675
Expires
Tue, 12 Dec 2023 21:15:22 GMT
thumb_inbox_600.jpg
ogre.natalie.mu/media/pp/static/music/westerndigital/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/static/music/westerndigital/thumb_inbox_600.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6aab65daf8ba7d34f28fe5954462f0867ef9a1ccc9219cd154bca774a8ca7aba

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:22 GMT
Last-Modified
Thu, 30 Nov 2023 08:43:01 GMT
X-Serial
1893
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"98144bae9c3f34c184b59d1ba0b60119"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
22748
Expires
Tue, 12 Dec 2023 21:15:22 GMT
sandisk_X_v2.jpg
ogre.natalie.mu/media/pp/sandisk/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/sandisk/sandisk_X_v2.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e2e9e49a87430b94e4fad38cdf1db21b9112793daaae8f4256266b6132a3b3e4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:22 GMT
Last-Modified
Wed, 22 Nov 2023 06:01:40 GMT
X-Serial
542
Server
Akamai Image Manager
X-Check-Cacheable
YES
ETag
"fdc29c5ab39574d9a26d427fbd6c4ba0"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
11996
Expires
Tue, 12 Dec 2023 21:15:22 GMT
nakajimamiyuki06_X_3.jpg
ogre.natalie.mu/media/pp/nakajimamiyuki06/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/nakajimamiyuki06/nakajimamiyuki06_X_3.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3225e038fdda012e255d799c7a4115b7850cab7c835423d1c6fa1e9d719176ef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:22 GMT
Last-Modified
Wed, 22 Nov 2023 03:49:48 GMT
Server
Akamai Image Manager
ETag
"a60145e1fd9f80a1c7c69b222d8af73f"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
5731
Expires
Tue, 12 Dec 2023 21:15:22 GMT
tokyorose_x.jpg
ogre.natalie.mu/media/pp/tokyorose/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/tokyorose/tokyorose_x.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3e0fdcb6dd06649ae6ba0cbef5385d38a8c238ebb95bce099ef77f24b6bd56d5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:22 GMT
Last-Modified
Wed, 22 Nov 2023 05:42:14 GMT
Server
Akamai Image Manager
ETag
"cdcf05d27ed08b2d6da9dabfedd1975d"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
18178
Expires
Tue, 12 Dec 2023 21:15:22 GMT
lunasea05_X.jpg
ogre.natalie.mu/media/pp/lunasea05/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ogre.natalie.mu/media/pp/lunasea05/lunasea05_X.jpg?imwidth=400&imdensity=1
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:1d::17d5:b8b6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d4d2a272fe18bc908e4e2d297fdb818ce64ad3fddd2fca568ad074764e425f8e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://natalie.mu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 09:15:22 GMT
Last-Modified
Mon, 27 Nov 2023 00:59:40 GMT
Server
Akamai Image Manager
ETag
"de3f42906a9070f4ec2ace1b68ac1ae6"
Content-Type
image/avif
Cache-Control
private, no-transform, max-age=43200
Connection
keep-alive
Content-Length
8072
Expires
Tue, 12 Dec 2023 21:15:22 GMT
pixel.gif
px.moatads.com/ Frame 9E5E 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=11&i=ESSENCEGOOGLE_APAC1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&k=&bq=0&f=1&nh=1&j=https%3A%2F%2Fnatalie.mu&lp=https%3A%2F%2Fnatalie.mu&t=1702372514587&de=593353192875&m=0&ar=cc84ca2002d-clean&iw=a231459&q=3&cb=0&ym=0&cu=1702372514587&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30831413%3A6038887%3A381652502%3A205078366&zMoatEXTID=-&zMoatENV=j&zMoatADV=4508247&zMoatVH=-&zGSRC=1&gu=https%3A%2F%2Fnatalie.mu%2F&id=0&ii=6&bo=natalie.mu&bd=natalie.mu&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=essencegoogleapac429604762687&fd=1&it=500&ti=0&ih=2&pe=0%3A878%3A878%3A1086%3A879&fs=206701&na=1166297746&cs=0
Requested by
Host: natalie.mu
URL: https://natalie.mu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 09:15:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 09:15:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| documentPictureInPicture object| dataLayer object| pbjs object| googletag object| fluxtag object| apstag object| fluxPbSlots object| fluxNonPbSlots function| __d3lUW8vwsKlB__ object| pbFlux function| prebidBidder object| ID5EspConfig object| $$PREBID_GLOBAL$$ object| _pbjsGlobals object| flux object| _bidsurge object| pbjsChunk object| ADAGIO object| mnet function| objectFitImages object| $jscomp function| SearchSuggester object| searchSuggester function| NatalieFilmScheduleWidget function| $ function| jQuery function| Swiper object| lazySizesConfig object| lazySizes object| _aps boolean| apstagLOADED object| apscustom object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef object| ZDAzMTEwNGRjNDZkNGRmYmxvYWRlcl9qcw== string| ZDAzMTEwNGRjNDZkNGRmYmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_manager object| google_tag_data object| ggeac object| google_js_reporting_queue string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady function| clarity object| _uic object| _uih object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| Criteo object| browsitag string| browsi_bootstrap_loaded object| _UI_JSON object| punycode object| _uiconv string| uiinit function| restartBivalves function| Vesicomyid object| sas object| apntag object| _ADAGIO object| _middyo object| regeneratorRuntime object| __id5_instances object| adblockDetector object| criteo_pubtag object| criteo_identitytag_145 object| Criteo_identitytag_145 object| _33across object| ox_esp object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 function| br_flx_0_18 object| signal_decrypted number| google_unique_id object| ONFOCUS object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients boolean| 74030e35-993d-4c3c-b8e6-60ddd6c34016 object| criteo_syncframe_state object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

262 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQn8C86sUxCgoIkQIQn8C86sUxCgoItAIQn8C86sUxCgoI5gEQn8C86sUxCgoIhwIQn8C86sUxCgoItwIQn8C86sUxCgkIOhCfwLzqxTEKCgiMAhCfwLzqxTEKCQhfEJ_AvOrFMQoJCB8Qn8C86sUx
i.liadm.com/s Name: _li_ss
Value: ChMKBgiiARDbFgoJCP____8HEOUW
i6.liadm.com/s Name: _li_ss
Value: CgA
natalie.mu/ Name: _flux_dataharbor
Value: 1
natalie.mu/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.natalie.mu/ Name: sharedid
Value: 72fc065f-9d94-422d-ba63-87d16a0b22aa
.natalie.mu/ Name: _gid
Value: GA1.2.1142652488.1702372512
.natalie.mu/ Name: _gat_UA-45927307-1
Value: 1
.natalie.mu/ Name: _gat_UA-45927307-2
Value: 1
.natalie.mu/ Name: _gat_UA-45927307-15
Value: 1
natalie.mu/ Name: relaido_uuid
Value: b7936f5d-72d5-4619-95e4-6e9e26c7dc43
.natalie.mu/ Name: _ga_Y7LQ4S8GZR
Value: GS1.1.1702372512.1.0.1702372512.0.0.0
.natalie.mu/ Name: _ga
Value: GA1.1.460445772.1702372512
.natalie.mu/ Name: __ulfpc
Value: 202312121815121158
.gumgum.com/ Name: cs
Value: true
.ladsp.com/ Name: receive-cookie-deprecation
Value: 1
.socdm.com/ Name: SOC
Value: ZXgkoMCo5sIAAFGloKkAAAAA
www.clarity.ms/ Name: CLID
Value: 57106d8e9b6d4c908007e56d4a900148.20231212.20241211
.natalie.mu/ Name: _clck
Value: l4qker%7C2%7Cfhh%7C0%7C1441
.teads.tv/ Name: tt_viewer
Value: 2320bba4-aa79-419d-93d0-63f1bc392657
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
natalie.mu/ Name: __browsiSessionID
Value: 0a2d2894-c259-4706-9ce2-59216bed1f4b&false&false&DEFAULT&jp&desktop-4.21.4&false
natalie.mu/ Name: __browsiUID
Value: df436c8d-e671-4d24-a6c5-3d2d3d525ae3
.impact-ad.jp/ Name: c
Value: 1702372512
.impact-ad.jp/ Name: tuuid
Value: 2e04749e-02d1-4858-b05e-38700c1eb143
.adingo.jp/ Name: ID
Value: aa0b22c3a188fc3bdd51ec3ebbd698f4
.lijit.com/ Name: ljt_reader
Value: HztLDBZHQz0K2AzuQjqahty-
.openx.net/ Name: i
Value: b9c02b6f-5e97-48a1-aff6-3e09b5c686b6|1702372512
.3lift.com/ Name: tluid
Value: 3525346139899595283261
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 597382=5756235
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D36_0_0t%3B%24dma%3D0
.relaido.jp/ Name: relaido_uuid
Value: b7936f5d-72d5-4619-95e4-6e9e26c7dc43
.smartadserver.com/ Name: pid
Value: 8160195145739520768
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D36_0_0t%3B%24dma%3D0&c=1&l=-669273157&lo=1739943965&lt=638379693124132996&o=1
.rubiconproject.com/ Name: khaos
Value: LQ24N1B4-1M-L763
.adnxs.com/ Name: icu
Value: ChgI5JxXEAoYAiACKAIwoMngqwY4AkACSAIQoMngqwYYAQ..
.adnxs.com/ Name: uuid2
Value: 4516927009669048412
.send.microad.jp/ Name: TR
Value: 3ec275c4af437a92cb6311d87cb220d9
ads.us.e-planning.net/ Name: CT
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: dd93b491a021a2eeb22b626d71ceeb73
.natalie.mu/ Name: _cc_id
Value: dd93b491a021a2eeb22b626d71ceeb73
.natalie.mu/ Name: panoramaId_expiry
Value: 1702977312933
.natalie.mu/ Name: panoramaId
Value: d6fe5956c18bd1633b2d957f3d0b185ca02c9adb55b230bc4540e580e8cc6cbe
.natalie.mu/ Name: panoramaIdType
Value: panoDevice
.e-planning.net/ Name: E
Value: AKabF3seavNRulad
.natalie.mu/ Name: _clsk
Value: 1mr7ymn%7C1702372513020%7C1%7C0%7Cz.clarity.ms%2Fcollect
.adform.net/ Name: C
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXgkoQAGWdaM5gBH
.adform.net/ Name: uid
Value: 6265997732731674459
.bidswitch.net/ Name: tuuid
Value: deb4a55c-e31c-48b8-9a77-a26b028432e9
.bidswitch.net/ Name: c
Value: 1702372513
.bidswitch.net/ Name: tuuid_lu
Value: 1702372513
.amazon-adsystem.com/ Name: ad-id
Value: A6Zdt_0fuULWgkvnxs2dB48
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.turn.com/ Name: uid
Value: 2967119334666753022
.gumgum.com/ Name: vst
Value: a_5e0b83fb-cf24-47f0-b533-3837161e5476
.casalemedia.com/ Name: CMID
Value: ZXgkoV53WQ1V60EtPPrXJwAA
.casalemedia.com/ Name: CMPS
Value: 5488
.casalemedia.com/ Name: CMPRO
Value: 5488
.adsrvr.org/ Name: TDID
Value: d4b4056c-9cff-4981-a11a-66e4858998e2
.doubleclick.net/ Name: IDE
Value: AHWqTUkIkk3naiTRSmK8QOmT0ADgSB_gXUroE0ZJJsTebRAiYOfBMmHiGi8Y94Kzckg
.doubleclick.net/ Name: APC
Value: AfxxVi4dYEJ3VfpsYhxa8NgDdSZyCkxtbRt5bLbi-Ee2cvgJel4cwg
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
.pubmatic.com/ Name: DPSync3
Value: 1703548800%3A201_245_226%7C1702425600%3A248
.demdex.net/ Name: demdex
Value: 31289949086982013041224607717430475672
.omnitagjs.com/ Name: ayl_visitor
Value: 8e8c13f8368575330c91c64b2805e387
.dpm.demdex.net/ Name: dpm
Value: 31289949086982013041224607717430475672
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBKEkeGUCEEDaYZUgz6JM3Jo-Wyd_ZKIFEgEBAQF2eWWCZQAAAAAA_eMAAA&S=AQAAAsYODefgqjAgInp9D0Ry2Vo
.company-target.com/ Name: tuuid
Value: 21f8a398-bcdd-48a0-ab43-b5cc656d799e
.company-target.com/ Name: tuuid_lu
Value: 1702372513|ix:0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ladsp.com/ Name: cr
Value: 1
.primecaster.net/ Name: uid
Value: 4n9jl12sGG
.ladsp.com/ Name: smn_uid
Value: _qsZ05bKAXCRWEUNhi2muRA-NbTHCaY
.tapad.com/ Name: TapAd_TS
Value: 1702372513750
.tapad.com/ Name: TapAd_DID
Value: a6b4b97d-1126-4b61-a008-7d9bbf01a817
.contextweb.com/ Name: V
Value: 0jy9Wht71a08
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 12eb1d7e933e2941
.semasio.net/ Name: SEUNCY
Value: B93477501A552BD1
.media.net/ Name: visitor-id
Value: 3453741131267202000V10
.yahoo.co.jp/ Name: XA
Value: cmnlk31ing951&sd=A&t=1702372513&u=1702372513&v=1
.yahoo.co.jp/ Name: XB
Value: cskj165ing951&b=3&s=gp
.simpli.fi/ Name: suid
Value: EA1DE816A79C4D878295157B03978D9B
.natalie.mu/ Name: __gads
Value: ID=91c6ea48a540b91b:T=1702372513:RT=1702372513:S=ALNI_MbpvRuxjBhwONGpvFl5yBQz7KZVFA
.natalie.mu/ Name: __gpi
Value: UID=00000caa9085b3d0:T=1702372513:RT=1702372513:S=ALNI_MZiunE1wlB6w4QQrJDs0qKDlkIsgw
.sharethrough.com/ Name: stx_user_id
Value: a5ffd143-ccb1-460e-ac2e-b067a391f680
.quantserve.com/ Name: mc
Value: 657824a1-d51ea-d792b-84d27
.creativecdn.com/ Name: u
Value: wyEyk4llP8ykfPN2W4EX
.creativecdn.com/ Name: g
Value: wyEyk4llP8ykfPN2W4EX_1702372514002
.creativecdn.com/ Name: ts
Value: 1702372514
.ipredictive.com/ Name: cu
Value: ca3e76fb-b51f-4bf3-a414-46e9d3cff563|1702372514037
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590.5iglR9ZMNBLIOiNkMmPj0foJZ8SGsho%2FcWy%2BSMkjw1I
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a59e9bf5-48b4-59a5-72fc-bb8f30aea590.5iglR9ZMNBLIOiNkMmPj0foJZ8SGsho%2FcWy%2BSMkjw1I
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApZ6b9Ui0WaVy_LuPMK6lkJJGyaA.SPwSozGJtgsAHTY%2FdMM2S%2Fs7IjIY4Pl9pF%2B38vs6610
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApZ6b9Ui0WaVy_LuPMK6lkJJGyaA.SPwSozGJtgsAHTY%2FdMM2S%2Fs7IjIY4Pl9pF%2B38vs6610
.liadm.com/ Name: lidid
Value: d4454db8-221c-48a0-9395-38a37af12cde
.natalie.mu/ Name: FCNEC
Value: %5B%5B%22AKsRol-QusWAerI6rfEA05R8sLT-MuFurEc-p_5lm1NzLoIvAtp44mq8w9RcGjUbK6s2EUuPVLI8gpAI_BEgnerVx-5zwARHVIanQxzOw7smuGFyJRP06oZa_2QuMynKd5FqaHzmDPG1o1TMnj9upU9KzX-Ll9GKSg%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22873%22%5D%5D%5D
.zemanta.com/ Name: zuid
Value: ZtkuDwr7_u5OKJBvO_Iw
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8313-2!8313
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJMThLWyuORjpZmXdwMkYWiZXeiv8nGF6NZNwlPEM99DEHwYBCCiyeCrBjABOgQtwj9GQgQVN9Yu.KWos6WxKcpDYB7ZvLbcf316f3AbkDmUZLLLTaWLs3sU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJMThLWyuORjpZmXdwMkYWiZXeiv8nGF6NZNwlPEM99DEHwYBCCiyeCrBjABOgQtwj9GQgQVN9Yu.KWos6WxKcpDYB7ZvLbcf316f3AbkDmUZLLLTaWLs3sU
.d2-apps.net/ Name: d2id
Value: 85b61834435b45e26fedcab3d6c0c219
.criteo.com/ Name: uid
Value: 92cf34d5-393c-4dd6-ad7e-8e530fc660d1
.linkedin.com/ Name: bcookie
Value: "v=2&fad1e678-9f66-47eb-8ed5-d6605421db84"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3146:u=1:x=1:i=1702372514:t=1702458914:v=2:sig=AQG44MSrYLt0S9VMCRk9kZwD_BIwqQE3"
img.macromill.com/ Name: c
Value: c4eea593e7.035
.blismedia.com/ Name: b
Value: 657824A2AA76662B39D3A7BBBLIS
.bidr.io/ Name: bito
Value: AAIJfk7K8EkAABSLrjEArA
.bidr.io/ Name: bitoIsSecure
Value: ok
.rezync.com/ Name: zync-uuid
Value: a89fefab-25cd-4ff9-888f-760682533d16:1702372514.6343617
pixel-apac.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.bidswitch.net/ Name: google_push
Value: AXcoOmRt_xLrLPex62OfX2ChGiTsWU0MBImKNYqJgPOMy3KOQv3Eedv9klA7QMkevNLkVXYf1cBrQxtZR0EvL_uypJc6_ZtBlD9sjw_Y
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987Fnp4fCYeL-A44GJ9T7dHQ4nQgzIEN2Qj5rCIm-1P224hzQn_crIWr2isJl75QC4TM1
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.sportradarserving.com/ Name: zuuid
Value: 4033ac60-0bd9-4992-9e10-da19b6084055
.sportradarserving.com/ Name: c
Value: 1702372514
.sportradarserving.com/ Name: zuuid_lu
Value: 1702372514
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1702372514
.imrworldwide.com/ Name: IMRID
Value: f5c298c0-98ce-11ee-883d-67f85013af22
.tribalfusion.com/ Name: ANON_ID
Value: afnteZbmge06ousnA6vvPChDox9eOUPmMsmAudOWGaHZbqZb1X8GPTW5eaRXaVjM5rHElJs9gZcZdDNaELZcITZbPf4U5TGFXVhZbICJ
.connatix.com/ Name: cnx_userId
Value: 281fd28e5d434840bd0530f91af324a1
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEmxNE4ysTRMNDAyTDRKTU0yMkoyMzJLMTdMBnLMjRmAILVCZfHf%2F%2F%2F%2F84M4YMAzZdILVca2cob%2FjIwME5HYXUjs64dbjZj%2FBIHUQFR%2BYASr%2F7lxCgs28UunHrFhE9%2B977IANvHDi%2BdgNefj%2B6fc2NS%2FW4Jd%2FdWT6tiUX%2FliiU0YAK2oaAY%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIrVBZDKQggImBgWsGiMnV9BlIAgA5FwPI"
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIAQkMzI0sjQwsLI1NzQ0MLIT5DXe_I0vTidJes7JRCNwB0q-WSJQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByRGAMAwEsA_tmImv9YZuAsGFUDnSd9Ti7LfXLZbPluieQrKlMEBL9624tIZ5WWqc8HBo_WaYnlY6AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIAQkMzI0sjQwsLI1NzQ0MLIT5DXe_I0vTidJes7JRCNwB0q-WSJQAAAA
.hb.yahoo.net/ Name: visitor-id
Value: 3453741151267260000V10
.hb.yahoo.net/ Name: data-mag
Value: LQ24N1B4-1M-L763~~63
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUTI0TjFCNC0xTS1MNzYzIiwiZXhwaXJlcyI6IjIwMjMtMTItMjZUMDk6MTU6MTUuMjA2Mzg4NDczWiJ9fX0=
live.rezync.com/ Name: sd-session-id
Value: .eJwNi0EOgyAQAP-yZ2nYRWDhM4bKkpBW2oheavx7yZwmmblg-cq-pSbtgHjsp0ywvuuwDvGCXn-bvCAC6QE6CoTMZD0iwz1Bl97rpy01jyZxKFLSU5Fds5pLCYqZi_JOu_EYk9FF9JqMJ4vzw5nZOPRw_wG_fyWi.ZXgkow.oGyMZ5abvUxjLucbRmOJwW99Px8
.primis.tech/ Name: csuuid
Value: 657824a33900b
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 8075293c-f927-4cac-a71d-b9158c16269b
.prebid.a-mo.net/ Name: sd_amuid2
Value: 8075293c-f927-4cac-a71d-b9158c16269b
.33across.com/ Name: 33x_ps
Value: u%3D212287433330884%3As1%3D1702372515288%3Ats%3D1702372515288
.rlcdn.com/ Name: rlas3
Value: WKIcwobJCzq1cuGe/FyCZvAvInN8t2E+XGKglyQVL4o=
.bluekai.com/ Name: bku
Value: Whz99v1AKsDQ3l/e
.bluekai.com/ Name: bkpa
Value: KJy9BQeJd02pSUHknpD81ezdqsk+SUx21Yjoje6p1tPZjMOAmVJiBp/pBEJijM9l1E98mV/8mEkCme9p1x19FgRwuy==
.undertone.com/ Name: UID_EXT_47
Value: LQ24N1B4-1M-L763
.intentiq.com/ Name: intentIQ
Value: YDAI3SVs6e
.intentiq.com/ Name: IQver
Value: 1.9
.kargo.com/ Name: ktcid
Value: 5fe5c854-1810-0a18-517e-8c63980057a1
prebid-s2s.media.net/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUTI0TjFCNC0xTS1MNzYzIiwiZXhwaXJlcyI6IjIwMjMtMTItMjZUMDk6MTU6MTUuNDc0NDk3MDEyWiJ9fSwiYmRheSI6IjIwMjMtMTItMTJUMDk6MTU6MTUuNDczNjM0MDMyWiIsImhvc3RfdWlkcyI6eyJtZWRpYW5ldCI6eyJ1aWQiOiIzNDUzNzQxMTMxMjY3MjAyMDAwVjEwIn19fQ==
.lijit.com/ Name: _ljtrtb_80
Value: LQ24N1B4-1M-L763
.rlcdn.com/ Name: pxrc
Value: CKPJ4KsGEgYIuuoBEAASDwjp3SoQ////////////ARIPCJC8KxD///////////8B
.audrte.com/ Name: arcki2
Value: 7bd-wqOtg-3Sd6Iu7rWCCsmCg!20220908!1702372515580!ip#146.70.201.160
.im-apps.net/ Name: imid_secure
Value: A7GsRgL4QRWfMGGJ4f7EYw
.im-apps.net/ Name: imid_created_secure
Value: 1702372515
.yandex.ru/ Name: yuidss
Value: 3964522231702372515
.yandex.ru/ Name: yandexuid
Value: 3964522231702372515
y.one.impact-ad.jp/ Name: cmt
Value: !105=deb4a55c-e31c-48b8-9a77-a26b028432e9=1=474207315=471615315
.natalie.mu/ Name: cto_bundle
Value: ZAkw9F81TUI2OENUa0xYc2xmZjdHbWNBZFdTMVRGWHZqVlJhbDJZdU9pOU9TRWs2bjhwUFBYbkhtdHV3UmxORk5sZmtwamJqT2lYU3pNVmZnMyUyQlM0OXlOelZXT3ZtemwlMkZQZWdLdEVqeGNqUHclMkZQZ0l0QlNqUHBPMjNsbyUyRllmc1JPclZhaGozSVF3TjI1UzVkSFFaYk9QWkRFZyUzRCUzRA
.natalie.mu/ Name: cto_bidid
Value: qyRPFF9oMWVLSzVuVHpjdnhtZWtXMXY2aU94MTczeXZVNHlrcXhZWFlGcnhUZlJWUmFobnZTSTVoSXhkSU5KJTJCJTJGc0tXSU0lMkZOU2RhcmRjeGM4azFrdzdGdWJ0ZWJWMlgwaGhnb0E1S3BOT1ZpV2Z0ZyUzRA
.impact-ad.jp/ Name: psm
Value: 0
.aniview.com/ Name: 1_C_5
Value: LQ24N1B4-1M-L763
sync.aniview.com/ Name: 1_C_5
Value: LQ24N1B4-1M-L763
.ads.stickyadstv.com/ Name: UID
Value: cb6067db9fc87a7d5083523878a8d
.adnxs.com/ Name: anj
Value: dTM7k!M4/0DunaTF']wIg2E>4id^96!]tcc8bhzs#DNAqPYwUbU`mq+Sgtc*THUL=^LIvxVFfU'T:Pc$<QHImI.FB-I2BM'+SZQ8Uq0kLB%.xxB.0D7*eWpa%:uv41YtBf!!#Kh+<0#Q
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRMjROMUI0LTFNLUw3NjMiLCJleHBpcmVzIjoiMjAyNC0wMy0xMVQwOToxNToxNFoifSwidHJpcGxlbGlmdF9uYXRpdmUiOnsidWlkIjoiMzUyNTM0NjEzOTg5OTU5NTI4MzI2MSIsImV4cGlyZXMiOiIyMDI0LTAzLTExVDA5OjE1OjE1WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEyLTEyVDA5OjE1OjE0WiJ9
.audrte.com/ Name: arcki2_ddp2
Value: 7bd-wqOtg-3Sd6Iu7rWCCsmCg!20220908!1702372515871
.uncn.jp/ Name: t
Value: v_95095d4b-e57a-4f3b-897b-ac78678f6a15
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 2454112672#1702372515945#0#1702372515945
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeUROYVN5
.intentiq.com/ Name: intentIQCDate
Value: 1702372515947
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2fk9:19e0~2fk9:19bk~2fk9:18z8~2fk9"
.lijit.com/ Name: ljtrtbexp
Value: eJxdkLsRwDAIQ3dxncJgMJDVctk95wuNVD7xk3hGxbgl5vJUkX0NRdwbWaaysFAIQTau%2Fxu1Itbhqrag5lmtJM7kpKPkyor66WYasRPTPuV5flJnMPE47ImsQRnpaQV%2B3g8H%2FEwW
.impact-ad.jp/ Name: tuuid_lu
Value: 1702372516
.openx.net/ Name: pd
Value: v2|1702372516|jElYiuvOiahI
.lijit.com/ Name: _ljtrtb_27
Value: d4b4056c-9cff-4981-a11a-66e4858998e2
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oi4|7dW.0.1|7bq.0.1
.media.net/ Name: data-ttd
Value: d4b4056c-9cff-4981-a11a-66e4858998e2~~1
.quantserve.com/ Name: d
Value: EOIBEQHSKrjvsQn0AA
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAyMzcyNTE2LCJwdWJtYXRpYyI6MTcwMjM3MjUxM30
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004%22%2C%22nxtrdr%22%3Afalse%7D
.ladsp.com/ Name: lum
Value: CLLDvOrFMRIFCAMQ0AUSBQgKEJAN
.media.net/ Name: data-g
Value: CAESEEv051ZkZFk9OsSfKr94dgw~~8
.lijit.com/ Name: _ljtrtb_85
Value: AAIJfk7K8EkAABSLrjEArA
.openx.net/ Name: univ_id
Value: 537072971|d4b4056c-9cff-4981-a11a-66e4858998e2|1702372516295311
.media.net/ Name: data-c
Value: 92cf34d5-393c-4dd6-ad7e-8e530fc660d1~~1
.media.net/ Name: data-c-ts
Value: 1702372516
.lijit.com/ Name: _ljtrtb_76
Value: 0682caf6-1da4-4d5b-b29c-4047a9508a19
.audrte.com/ Name: arcki2_adform
Value: 6265997732731674459!20220908!1702372516333
.c.appier.net/ Name: _auid
Value: TqVyQUdcDS6trgAVpCR4ZQ
.linkedin.com/ Name: li_sugr
Value: 6911cb8c-5c5a-49e3-9efb-458988c342fb
.lijit.com/ Name: _ljtrtb_2
Value: EA1DE816A79C4D878295157B03978D9B
.lijit.com/ Name: _ljtrtb_92
Value: 4516927009669048412
.ctnsnet.com/ Name: cid_dccdcbbd5ce84b9fa9313346f956eced
Value: 1
.ctnsnet.com/ Name: cid_53faf7fab08840a09ea79965fbbe6e40
Value: 1
.lijit.com/ Name: _ljtrtb_49
Value: 0jy9Wht71a08
.lijit.com/ Name: _ljtrtb_43
Value: LCFDTiggFUc3cEFHf3VZEi0tRhQ3LEASKCO2kqWn
.media.net/ Name: data-rk
Value: 2020216292188257118~~8
.lijit.com/ Name: _ljtrtb_86
Value: p_fcmbZQPh7SXtjhsgb1idMwicBoIXsnPbk8b14pEE4
.go.sonobi.com/ Name: __uis
Value: 712386f5-74ea-42e4-b391-8fd67d37ec37
.lijit.com/ Name: _ljtrtb_97
Value: RX-f6e80dd6-6e04-4aa1-8622-d13d77f432d3-004
.lijit.com/ Name: _ljtrtb_94
Value: 657824A2AA76662B39D3A7BBBLIS
.media.net/ Name: data-bs
Value: deb4a55c-e31c-48b8-9a77-a26b028432e9~~1
.pubmatic.com/ Name: SyncRTB3
Value: 1703548800%3A234_179_54_96_209_71_22_217_202_214_264_5_13_21_76_7_46_8_3_233_254_56_220_107%7C1703635200%3A35%7C1703203200%3A63%7C1702944000%3A2_15_223%7C1707523200%3A69
.admanmedia.com/ Name: admtr
Value: 846ce890-6c16-4f21-ae94-73d64e00542d
.admanmedia.com/ Name: ac_r
Value: CS159
.media.net/ Name: data-ze
Value: ZtkuDwr7_u5OKJBvO_Iw~~1
.media.net/ Name: data-so
Value: 712386f5-74ea-42e4-b391-8fd67d37ec37~~8
.w55c.net/ Name: matchpubmatic
Value: 5
pool.admedo.com/ Name: tuuid
Value: 8729bdbc-3865-4ff7-bb29-c7a51347fd94
pool.admedo.com/ Name: c
Value: 1702372516
pool.admedo.com/ Name: tuuid_lu
Value: 1702372516
.audrte.com/ Name: arcki2_smart
Value: 8160195145739520768!20220908!1702372516647
.w55c.net/ Name: wfivefivec
Value: 3jJMqARC1RcYRe5
.w55c.net/ Name: matchmedianet
Value: 5
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMuw2AMAwAUTEAVeYwiu34k2wTCB6IkpIRmJAORHnFu3ua0TKxkaAa8ZGse409-gok24ASUcHdA0yzOgnzQG0vKotyYUU703eSXPX6tz0yIOLjagAAAA
.smartadserver.com/ Name: csync
Value: 32:2967119334666753022|86:4516927009669048412|117:8e8c13f8368575330c91c64b2805e387|130:846ce890-6c16-4f21-ae94-73d64e00542d|141:7bd-wqOtg-3Sd6Iu7rWCCsmCg
.acuityplatform.com/ Name: auid
Value: 863785065819
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQFGFylyGbyYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBRhcpchm8j3RoaXJkUGFydHlVc2VySWRXSHp0TERCWkhRejBLMkF6dVFqcWFodHkt+/uGdmVyc2lvbsL7
.relaido.jp/ Name: _a1_f_____
Value: bbe473cc-7a34-40bd-9cd1-675c4dfeea0f
.relaido.jp/ Name: _a1_f
Value: bbe473cc-7a34-40bd-9cd1-675c4dfeea0f
.relaido.jp/ Name: _a1_sync_____
Value: !rld|1704964516801
.relaido.jp/ Name: _a1_sync
Value: !rld|1704964516801
.lijit.com/ Name: _ljtrtb_84
Value: c:357fa7cead1bff79439d1d0134b2770e
.richaudience.com/ Name: pdid
Value: 93c39895-a6f4-4c95-9298-1zz1702372502
.lijit.com/ Name: _ljtrtb_26
Value: deb4a55c-e31c-48b8-9a77-a26b028432e9
.lijit.com/ Name: _ljtrtb_66
Value: 863785065819
.dotomi.com/ Name: DotomiTest
Value: 299ef215d51621d3
.krushmedia.com/ Name: krm_usr
Value: 0def3fbc-dc87-5405-9d26-d5cf4be08731
.krushmedia.com/ Name: krm_r
Value: 572
.media.net/ Name: data-xu
Value: 3jJMqARC1RcYRe5~~8
.richaudience.com/ Name: raibs
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI0JWhlpy_vTwQBRIUCgV0YXBhZBILCPzLoZqcv708EAUSFgoHcnViaWNvbhILCOCP4p6cv708EAUSFQoGZ29vZ2xlEgsIyKLNopy_vTwQBRIWCgdzdng5dDUwEgsI0rz3rZy_vTwQBRIXCghwdWJtYXRpYxILCJTos66cv708EAUYASABKAIyCwis_bHmsr-9PBAFOAFaB2lkMGxoODRgAg..
.id5-sync.com/ Name: id5
Value: bd124dd1-1af0-7483-8d4c-c6b030f19543#1702372514835#4
.csync.loopme.me/ Name: viewer_token
Value: dbf1cadb-5edc-4318-a629-a28e8c45b808
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJhXiAzup12U1qbBgMWySGKid6DeFnocd/Rq8Y1uSh4CnrT1jYGusS+WcLjJ05gWCmgt0NmsjSazVXrXltAgeHdgyvzdnhaH2I=
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1702394117238
.lijit.com/ Name: _ljtrtb_83
Value: LQ24N1B4-1M-L763
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJhcHBuZXh1cyI6IjIwMjMtMTItMTJUMDk6MTU6MTIuNTM4MTU5MzUzWiIsImVwbGFubmluZyI6IjIwMjMtMTItMTJUMDk6MTU6MTIuNTM4MTQ5MDc2WiIsImZyZWV3aGVlbCI6IjIwMjMtMTItMTJUMDk6MTU6MTIuMTIzNTA2MzUzWiIsImluZGV4ZXhjaGFuZ2UiOiIyMDIzLTEyLTEyVDA5OjE1OjEyLjU1NzQzNjc3M1oiLCJvbmV0YWciOiIyMDIzLTEyLTEyVDA5OjE1OjEyLjUzODE0NTk0MloiLCJvcGVueCI6IjIwMjMtMTItMTJUMDk6MTU6MTIuMTIzNTAyNTA1WiIsInB1Ym1hdGljIjoiMjAyMy0xMi0xMlQwOToxNToxMi4xMjM1MDU3OTNaIiwicnViaWNvbiI6IjIwMjMtMTItMTJUMDk6MTU6MTIuMTIzNTAzNDk0WiIsInNtYXJ0IjoiMjAyMy0xMi0xMlQwOToxNToxMi41MzgxNDQyODhaIiwic292cm4iOiIyMDIzLTEyLTEyVDA5OjE1OjEyLjU1NzQzNTgzNFoiLCJ0cmlwbGVsaWZ0IjoiMjAyMy0xMi0xMlQwOToxNToxMi41NTc0Mzk5OTVaIiwidW5ydWx5IjoiMjAyMy0xMi0xMlQwOToxNToxMi41NTc0MzA0NzNaIn0sInVpZHMiOnsiYWRhZ2lvIjp7InVpZCI6ImU3NGRlODU4LWQyNzEtNDFhZi05M2IxLWMzNzJjZmU5NmQ3MyIsImV4cGlyZXMiOiIyMDI0LTAyLTEwVDA5OjE1OjEyLjEyMzI2MTI3M1oifSwiYXBwbmV4dXMiOnsidWlkIjoiNDUxNjkyNzAwOTY2OTA0ODQxMiIsImV4cGlyZXMiOiIyMDI0LTAyLTEwVDA5OjE1OjE1LjYzMTI0NjQ3OFoifSwiZXBsYW5uaW5nIjp7InVpZCI6IkFLYWJGM3NlYXZOUnVsYWQiLCJleHBpcmVzIjoiMjAyNC0wMi0xMFQwOToxNToxNC43OTI3NDMxODdaIn0sImZyZWV3aGVlbCI6eyJ1aWQiOiJjYjYwNjdkYjlmYzg3YTdkNTA4MzUyMzg3OGE4ZCIsImV4cGlyZXMiOiIyMDI0LTAyLTEwVDA5OjE1OjE1Ljk1NjgyODM0OVoifSwiaW5kZXhleGNoYW5nZSI6eyJ1aWQiOiJaWGdrb1Y1M1dRMVY2MEV0UFByWEp3QUFGWEFBQUFBQiIsImV4cGlyZXMiOiIyMDI0LTAyLTEwVDA5OjE1OjE0LjY1NTcyMTE1M1oifSwicHVibWF0aWMiOnsidWlkIjoiQzgwOUEzNTktNEZDMi00QzMxLUIyQzYtQkM4QjlGQ0IyNDUzIiwiZXhwaXJlcyI6IjIwMjQtMDItMTBUMDk6MTU6MTcuMzM3MjUzNTc5WiJ9LCJydWJpY29uIjp7InVpZCI6IkxRMjROMUI0LTFNLUw3NjMiLCJleHBpcmVzIjoiMjAyNC0wMi0xMFQwOToxNToxNC43MjUxOTE5MjdaIn0sInNtYXJ0Ijp7InVpZCI6IjgxNjAxOTUxNDU3Mzk1MjA3NjgiLCJleHBpcmVzIjoiMjAyNC0wMi0xMFQwOToxNToxNC42Njg2ODY2NzZaIn0sInNvdnJuIjp7InVpZCI6Ikh6dExEQlpIUXowSzJBenVRanFhaHR5LSIsImV4cGlyZXMiOiIyMDI0LTAyLTEwVDA5OjE1OjEzLjc5Mjk3Nzc4WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjM1MjUzNDYxMzk4OTk1OTUyODMyNjEiLCJleHBpcmVzIjoiMjAyNC0wMi0xMFQwOToxNToxNS45MTI1MzYxMTRaIn0sInVucnVseSI6eyJ1aWQiOiJSWC1mNmU4MGRkNi02ZTA0LTRhYTEtODYyMi1kMTNkNzdmNDMyZDMtMDA0IiwiZXhwaXJlcyI6IjIwMjQtMDItMTBUMDk6MTU6MTMuNTk4MzMyMDA5WiJ9fSwiYmRheSI6IjIwMjMtMTItMTJUMDk6MTU6MTIuMTIzMjA0NDgxWiJ9
.richaudience.com/ Name: avcid-ttd-uid
Value: d4b4056c-9cff-4981-a11a-66e4858998e2
.adx.opera.com/ Name: UID
Value: OPU1bb353766cc24a6185e703da49aa6ec3
.richaudience.com/ Name: avcid-apn-uid
Value: 4516927009669048412
.media.net/ Name: data-r
Value: LQ24N1B4-1M-L763~~1
.lijit.com/ Name: _ljtrtb_103
Value: OPU346eec17d8e847ccafb8af1e8ebaad0a
.richaudience.com/ Name: avcid-sma-uid
Value: 8160195145739520768
.richaudience.com/ Name: avcid-sov-uid
Value: HztLDBZHQz0K2AzuQjqahty-
.eyeota.net/ Name: mako_uid
Value: 18c5d4f27b7-1c170000010e42e7
.eyeota.net/ Name: SERVERID
Value: 17127~DM
.id5-sync.com/ Name: 3pi
Value: 2#1702372516004#-402206503#4516927009669048412|19#1702372517173#1214302498#dd93b491a021a2eeb22b626d71ceeb73|821#1702372517671#185615176|822#1702372516792#1430932967|264#1702372516289#-331770175#d4b4056c-9cff-4981-a11a-66e4858998e2|441#1702372515673#-1608437620#a_5e0b83fb-cf24-47f0-b533-3837161e5476|123#1702372517958#2144773620|108#1702372515405#-1914627439
.mfadsrvr.com/ Name: c
Value: 1702372518
.mfadsrvr.com/ Name: tuuid_lu
Value: 1702372518
.mfadsrvr.com/ Name: tuuid
Value: 6437d8c5-14bd-44aa-ab6d-d4f1662ac0d2
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1702372518
.media.net/ Name: data-mf
Value: d54a22ef-c1be-4dae-b378-0542b482a31c~~1
.lijit.com/ Name: _ljtrtb_87
Value: 6437d8c5-14bd-44aa-ab6d-d4f1662ac0d2
.lijit.com/ Name: ljtrtb
Value: eJx1kl1PmzEMhf9LrxcpThzb4S5v%2B6Ixyih0jIqbKZ%2B0VGMMKk3TtP%2B%2BhPvdWs%2Bxj4%2F9Z0G0OFsIWRanyQn4xYeFGbVSE0bnsqoWskJJonxkVtFQ0kbQmjpY9J3VT7%2F9%2Ff7EELUMPQ89JtSOsvK5NYVeQEWAqIgqihPvpZrBdnQOsJoFKLBf4kpYjHfgeNLWs6z81DHQtoPXmzuLVGsGLlIFOefYksQGVWqKsejYWdEdXd8Y%2FAwTKrhSaybb637MQgfkDWvtibxGQRguxP5Hgr1OrjvCYEJgIjKT9SsbeJqm9cV2aAeTz6zjFjnXWCC1xh6tL1A0WEyGWddBuk6GcPGpHflS5mMI03b9%2BjSH1zBmjdRud6pRFV0KKaoaFcYISsgYVcAW5taDL1ZpjaPhONTLt5a%2Fp4ebzZ63u9PT%2Fu0xwaFc%2FTrk6cfF7u15k46SAF%2FmeUjwfdPl%2BerL4fHx%2FC7bPJ9%2FbPbrw3zQp9v9jV3PYXu5vDbHn%2FfPnecxQpOYnjQpKLFbKi6pZHz%2FCo0cvdMS3%2F9GxgaEth8nOwWYisLuX8VERRVs0NOLWRez%2BPsPqlye0Q%3D%3D
.lijit.com/ Name: _ljtrtb_71
Value: C809A359-4FC2-4C31-B2C6-BC8B9FCB2453
.media.net/ Name: data-pba
Value: C809A359-4FC2-4C31-B2C6-BC8B9FCB2453~~8
.lijit.com/ Name: _ljtrtb_58
Value: C809A359-4FC2-4C31-B2C6-BC8B9FCB2453

2 Console Messages

Source Level URL
Text
network error URL: https://cksync.yahoo.co.jp/dispatch?ptr=10901&time=1702372512
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

762d3215c502ab27c193865e3b53d751.safeframe.googlesyndication.com
a.audrte.com
a.flux.jp
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.as.amanad.adtdp.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
an.yandex.ru
aorta.clickagy.com
ap.lijit.com
api.primecaster.net
api.relaido.jp
audiencedata.im-apps.net
aw.dw.impact-ad.jp
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.walmart.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bs.nakanohito.jp
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
capi.connatix.com
cdn-ima.33across.com
cdn.adnxs.com
cdn.ampproject.org
cdn.browsiprod.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
ce.lijit.com
cksync.yahoo.co.jp
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
contextual.media.net
cr-p10.ladsp.com
cr-p3.ladsp.com
cr-p31.ladsp.com
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.nakanohito.jp
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
d.socdm.com
d.turn.com
data.adsrvr.org
demand-engine.browsiprod.com
dis.criteo.com
dmp.adform.net
dmp.im-apps.net
dmp.truoptik.com
dpm.demdex.net
dps.jp.cinarra.com
ds.uncn.jp
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
events-ssc.33across.com
events.browsiprod.com
exchange.mediavine.com
fastlane.rubiconproject.com
flux-cdn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
gcdn.2mdn.net
gigaplus.makeshop.jp
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.adingo.jp
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
im.c.yimg.jp
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.ak.impact-ad.jp
img.macromill.com
inmobi-match.dotomi.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
live.primis.tech
live.rezync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
natalie.mu
natasha-d.openx.net
oa.openxcdn.net
oajs.openx.net
ogre.natalie.mu
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pb.ladsp.com
penta.a.one.impact-ad.jp
pixel-apac.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pp.d2-apps.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-s2s.media.net
prebid.a-mo.net
prebid.media.net
prg-apac.smartadserver.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
r3---sn-oguelnzl.c.2mdn.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rubicon-match.dotomi.com
s-cs.send.microad.jp
s-rtb-pb.send.microad.jp
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s.seedtag.com
s.tribalfusion.com
s.yimg.jp
s0.2mdn.net
s2s.t13.io
script.4dex.io
secure-assets.rubiconproject.com
secure-gg.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
sin3-ib.adnxs.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.im-apps.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.relaido.jp
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
sync6.im-apps.net
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tracker.v2.relaido.jp
u-sin01.e-planning.net
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
usersync.gumgum.com
usr.undertone.com
video.seenthis.se
visitor.omnitagjs.com
www.clarity.ms
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
y.one.impact-ad.jp
yield-manager.browsiprod.com
z.clarity.ms
z.moatads.com
cm-supply-web.gammaplatform.com
sync.mathtag.com
103.132.192.30
103.253.24.65
103.43.90.19
104.17.215.204
107.178.248.96
119.9.108.191
122.220.195.253
124.146.153.162
13.112.217.108
13.112.54.241
13.114.175.238
13.115.153.230
13.227.62.39
13.249.160.37
13.249.160.61
13.250.150.236
13.251.160.207
13.251.173.5
13.32.50.70
13.35.49.117
131.153.206.100
138.201.8.249
139.99.123.150
142.250.157.154
142.250.196.130
142.250.196.98
15.197.193.217
151.101.1.108
151.101.130.49
151.101.193.19
151.101.2.133
154.59.122.79
162.19.138.117
169.197.150.8
172.105.235.90
172.64.146.152
172.64.149.180
172.64.151.101
172.64.152.89
18.136.139.8
18.143.106.89
18.172.31.69
18.172.51.32
18.172.52.109
18.176.247.126
18.178.8.168
18.179.188.160
18.65.185.129
18.65.221.214
182.161.74.11
182.161.74.16
182.22.31.252
185.184.8.90
185.84.60.20
195.244.31.11
198.206.157.241
198.8.71.130
20.10.16.51
20.242.10.199
2001:4860:4802:32::3
2001:df2:a300:bbbb::135
2001:df2:a300:bbbb::136
202.233.84.2
202.233.84.8
203.114.55.135
207.65.34.74
207.65.34.76
207.65.34.80
207.65.34.81
209.191.163.209
211.120.53.201
213.19.162.90
220.150.223.50
23.106.127.170
23.106.127.49
23.106.127.53
23.106.127.56
23.192.45.97
23.193.119.42
23.195.84.29
23.208.233.60
23.219.68.21
23.32.225.214
23.36.17.70
23.40.149.101
23.40.149.60
23.40.192.176
23.45.56.240
2404:6800:4004:2a::8
2404:6800:4004:80f::2002
2404:6800:4004:80f::2003
2404:6800:4004:813::200a
2404:6800:4004:820::2002
2404:6800:4004:821::2006
2404:6800:4004:821::200a
2404:6800:4004:822::2001
2404:6800:4004:822::2002
2404:6800:4004:822::2008
2404:6800:4004:823::2004
2404:6800:4004:824::2003
2404:6800:4004:825::2001
2404:6800:4004:825::200e
2404:6800:4004:826::2001
2404:6800:4004:826::2002
2404:6800:4004:827::200e
2404:6800:4008:c07::9a
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2406:da18:929:5a01:db97:beed:e1eb:844d
2600:140b:1a00:16::6007:2786
2600:140b:1c00:1d::17d5:b8b6
2600:1901:0:6ede::
2600:1901:0:80::
2600:1901:0:e207::
2600:1f18:ed:550f:19cd:1b39:81f3:b82c
2600:9000:21ee:c00:a:e047:753:a221
2600:9000:221b:4000:1a:5235:f980:93a1
2600:9000:26a6:7400:10:dd8:5e40:93a1
2602:803:c006:158::65
2606:4700:10::6816:3556
2606:4700:20::681a:8a9
2606:4700:4400::ac40:994e
2606:4700::6812:18ad
2620:116:800e:21:46d:7e81:55ff:4c12
2620:1ec:21::14
2620:1ec:46::46
2a02:6b8::90
2a02:fa8:c411:11::730
2a04:4e42:600::485
3.121.129.13
3.163.125.14
34.102.146.192
34.102.149.137
34.107.140.113
34.107.148.139
34.111.113.62
34.117.239.71
34.120.135.53
34.120.63.153
34.120.63.33
34.126.167.117
34.149.101.235
34.149.40.38
34.149.50.64
34.160.89.38
34.215.54.7
34.96.105.8
34.96.70.87
34.96.71.22
35.166.98.197
35.169.223.36
35.186.193.173
35.190.39.111
35.213.109.249
35.213.12.39
35.213.93.179
35.214.250.125
35.227.252.103
35.244.154.8
35.244.159.8
35.79.210.119
38.133.127.31
46.137.237.145
51.79.154.29
52.197.36.57
52.198.126.9
52.198.81.56
52.223.2.229
52.38.45.160
52.46.130.91
52.74.118.249
54.157.109.0
54.162.155.223
54.168.163.54
54.168.29.35
54.179.210.192
54.183.183.27
54.183.254.196
54.199.91.241
54.239.33.159
54.246.67.235
64.120.110.136
64.120.110.138
64.202.112.191
64.38.119.44
65.9.42.6
67.202.105.21
69.173.151.100
69.173.158.64
72.34.250.75
74.118.186.106
74.118.186.107
74.214.196.131
8.2.110.134
8.39.36.141
8.39.36.142
80.77.87.163
82.145.213.8
96.46.186.182
98.98.134.242
99.84.133.64
99.84.133.72
01c9ca897b40f739de756720a10f0d3af3059cfe9bd5f3a671c5c829983c29d7
02bf5b462eae979ef60c44897dfb7cab9b05a8a1946e52499a6c1f35d3ede7c3
02e77cd454c82ffe01aa74b1e3f3b5c9cc08aa0eb5c8d7feb6b0c21ea77061f6
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05970823af7be0c00f3e1e55b9d1e585e0fe37f768a489541e8f0970743868fc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f3077b5c4864cb4b33f8ef8958974f2fc1462bd1cf00cfc6a70bece437eba6
07fa4c276943b5d87faf65f53aad6b1b93e9c8caebde9514e0a92451f49417ea
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08c7be977f5f6edafb417592bf5d1f9a53bca1aecc5fad535a11437d0de18c0f
08d1d63ea6c2863ab1470846acad68964cd766b70d124102c400330e736e4ab8
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a0c4ac33ec939332c3b5f9d140b022e12b6560f69c2aa5cb9895a73abed9ea1
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c19b142ffa1ff2967e598b724045f1f8ef45122f8e51928b18823859d880793
0df65069bfe9b408ce6ef9cde8e9f1ce992ba78597c8e759794582c66d144756
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11b97f0d2bf0d06578ca65b07d0cc1044e8ebba5ee341db2dbd30dee3287508e
120d76e6939f747dfd8f5632cddf8d86a70b72df85395fe62cb4e1624cd5659a
122ab4c35f77496004124ffef2a86971276920136dba4e7e12302b3a9c66c640
13e225b98630b9ea6c23c7cdac4e8e07b31aa3a69460176bad8c6ffcc340f7f3
14315698ffedf4372a716c3d6e5d68a7da0695362fde2650b12f78b464d93636
144bf616a365ec876645cfdb1b0dc10b7eee4a4f629dbf232bf60c7f23fc839e
14a9a8ab064c8e5206a70575f54410435c029868c65dd1a08f9a8f9fc6a255cf
15a7e1f444d86993334bf66579cd581d92fe7ab3448a343b0456ae5df1af76cb
16b4c4c27c79eef96ba7df616c599778b09cd10514a712831d471561b8134a86
181a30de2bb4863c9992ee98505c1c41dd940d2008f7575b8f0a0895ca7a94f2
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a4323e91286ffc9dd1ccb7af3171e11673dd4cdabe16a4d7775c17c101db5f4
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1cf0036fa9823c7e4693370d69ccac23947aa5915d326aec10d748f9686d8773
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e4976bfe4dc43b6c6254d9acaa871262ed5ec95e4a0033080c21c3e758f1108
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
22368ade73fd8b8868f30e1a200e51e9c5c6de3117f5ed52dea94dc61dcd57c8
23177446c584fc9873e9ed321e9936cc6baa4199bdd1ae67978b84d40f261a2c
24fe9e0f2eaa5caaca07ff3509ec72b8a4c958e80e2902f1aba39e3733cf1a04
252291b67c643c0c847e52b81a296dbb93c31096073b4c5ce43dc69e664443e9
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
28b6b9f758238df0c55cd333987cbd7eee2f3c2bbfe488b0c2e20775e46d4f6e
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
28cf9b6d89019dbea0bde05bd44ce26cda0650c0d1d3d07011168479b2cb83c3
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
29ff920b4ebf7aa8620b45add1e02d7169136cd2dba8fd4b441b2c859c4f2844
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af16ca16652e29578cc192ecbaa5063290fdc830185fd76682752d50ebb64ff
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f866ee63cfae613128f652f897fb09b3ba8c36f6e6d74557f30afcd3ccc8b97
315e30de3d6c5382367fb5dd29da6533868c12a5d391cf25dd5da6902657367a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3207990d16debf1ae6aa000f66c088e422c53d1b38369b0ecf769eff0e2f41d4
3225e038fdda012e255d799c7a4115b7850cab7c835423d1c6fa1e9d719176ef
33162c7518751a15ae6af0de3ac0314d9c785e1fcde09bcf9528881343a2a754
3457db4f7acd890c1f8d5c5b356d605a090270e8cef09fb6702a85125604a142
360e7ae63d4c89f2f3c799e83ad6400bbb444fc5e04df69358688345752cef35
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39cf9db0529ac86c087d148330d7f4ae2e08655a7df99c9e2331a07fc3da91cc
3bbf90cc0bb83c5d8407e588a3fc8fb2fe93fe23715d1977da92771bc23cb02b
3d364ad62b4e8acd724499aa1ff05d28fff657f5f7afb210ccdcd3c5b22f06fc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d837f6ed7b5686a748ccbf89496fe657531fd9dbb6965b3ad4551bbc5a47260
3e0fdcb6dd06649ae6ba0cbef5385d38a8c238ebb95bce099ef77f24b6bd56d5
3e45d56039c878a6f6ef00d39498e684b51d822df18dd7530a0b1bd592af6bcc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ecdca80c09f6348bcc1c1199630dd33cdad2e8ae24ae213521d57a87c5fb85e
3ed102f108bf43aed4c91e92deab9af336b79aaab14a455de5a418bb9594a2ec
3ed69183ab5245ea31f4e2e6a670db833c3f7649179d3d00f638508e63a55e5f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
424a87e790df4787b169947ce05931319dc8662f08878b530d22cf9795b4b917
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
434a27a755df624ef8e96d3cda43be29b48ae812d2c389610acea954251dafd2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4662833a34e8c61914e075960e94213f643d85f821d49bb03064eddf152e5465
4669d5a09b42cc50c009cac5d36169e9a576a879a64088d9a0c25f94b6054482
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49daf7bddb14b814b7423b31c4ff574e2c73fc909fe098a18acf44c42069e5b5
4aff2dbc290ef946ca944eab2175274b3a803b16be762da0a29e9861ea0280da
4b06ba793e69ef11e207e963ee51df9a2e302b986d4dae7a799ecabdc0a1c317
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ceccebc9a84ac6bd5dd8db1b6ae99496c939343d6236e77d698467ba411c157
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e53e61e1f45332774aeaefcf657a45c219dbf353f7d38439e90fd3ff22ec562
4f5a434c605845065a1c5745795b0009df7c7caf096c57622227a4a463361947
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
50a9e638fae4ea13bf2ef31f21be3a68078bceea5742c34ecb0879fecf417de0
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
524913564edf0c9478d5753cc879a62b84212882620b4359ea7adaf69e367ce1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548aac3bf4df86088db606059800c4f9a031b6057b6c689d6b5f5c855d2c6419
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570cfc7c7a4d40636f8e016e1dd9771b906d843323f8181aca1c516c6a80ae56
5904906c741444b9c0abd8d0c0c7d60777303d26acb15634526df785a01c98ce
59c232bfe97c26ec02ad0b8365b3a4336a1926052fa237dd8eb5a09b8d0dede9
5b99ab7834c232ed86e63cdd6a4adc11722b1901a656353539e1e1e14dc2dc82
5cb844d95060e2ec3606cd6b4b8837f774e34b66789a653aa71777e8a4c3d37f
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f93c9a29577679c81093b0231938d9447bb19eab9ddd87b70982a27ebad0294
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
600bb27e200c759dd102cca8a10c9b00ccc4a72dbb800a8b190575d6280aaea0
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621dfc59a9a0fe232f505a81cfffe4ca458cc2adf327b1921f0dd3c08927cb9b
635fab3de832bb96f4fa01924f8d24e520ff25007fd12ed2c9348ff9a81012ac
6482844c6760677bc7ca230ccb237ec7b31293b27411a4ff51de7c39284b87eb
649e11b52d50a771f04cda5605548ea7d3b7bc92c656e2807a282ff1ca1c30bb
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
6699098eda673294554a566db12af587cbf587d9da43a52e3589b00366680c6a
671bf97817ffbfa377d13363e433de6cbcdf24c7e37ded61d8f4824e6e122f3e
68dbb5a085036cb737af1f0703ecbd6ced9e1c57548b1cbe493a322d5e5c51a2
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aab65daf8ba7d34f28fe5954462f0867ef9a1ccc9219cd154bca774a8ca7aba
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c223fd9906253a79f4e8f45da18313f220a64c394c06475734c17fe601436c9
6d99b2f0f98279a5132a90d93be77fdcc22df7b7b4d1e19d5dfb7d3d94d0cfc2
6ec7a097a7192b83469b512ada325583555ce152f380de11e46d42dc4ed1e6e9
6f426cfa915f36a202d5ef1ba0163d13e7732c4f3606bc2c008f7dc7a34bd30c
70556604fba5aaed7d25512aaef499ac159c83f649fc37278902721530e703c2
70d36663b946a5388af90383965c828c6d2eecbd5b86a8d13125a9f650a1995e
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
72faaf41c178e3849db8e45aec8c03b68451c6581dd85b6e2323a69636cda4e8
73171b7241862b9c6c101f1377b65034ce73dd7a338b852bb5a86491e56c9d0a
75d303f1d95b291ff03b32fd43c7a26234590cace6277a1e4283c3c3a1ee8ccc
7898f719b509f17f1855831725ea5c69f53ea3d651e04497b9dbb1ccb1452f5a
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b0c0d4ca2632e4d16d957161075dec5db5f07e6dfe55282d08271dd129ca1e6
7c0932b9b780efd436550e9f7b6ee16c3686283bcd15f7237f06c62ce062a981
7c1d3fddaa47713d56e932a149074f5f74ca73122420da8968f7bbdb1d3c56b6
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
7d13e9d20d69b624a713457bb9f9fb74d7176f0f75191ef5145a7291315beb6a
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
802dcdd50c71f2f2fc1f72b0af6fb13be6f999fc72ce1abe1707dc7a0ec4032c
81b25549b89a0560f27fb0fed93326ff9e06cf06e7d86796e0d05d1842c083fb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
841de43316a3de4228310425ca43bd49df9cc8311512db2487916bbdf1e6c1cd
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84c8a0084caa6f333311fffdf06db3ce6c67256facb27db8c81bf4133a2730a4
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
87bee1336610084d5810e81b2800eeaf500a267763e931771354672ab95b8ebc
89dea54e9f5622abca99a3046c4658237d041dd74d22c6c3a0bb0981a05fee56
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a09d7c0a9427f00ff8107d5c9c7177990e8dccb432944115455ddb901ac8eb7
8cc1b8a14990c0301920f73c21a1646471667187a3fbb5e89c8ec5cddcb8cee5
8cf335945fe47ad3deb2b81e851f842093439b785e19a035cea8d0014b0beeb3
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f15691717e160fc8bbb82e1fb6428bb03bfe9d65d2fe401804b8d6ac3558673
90aea2f30bebdfdceb7b9994ccac1d67fae724483cdc55090f2d128a31464124
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
928e8002ce449d8c16b32bfd20f0a9d71c95f3e8e5a9b316d23a445bb855bd87
95f490ff459cbab53a6b40cf2c8e030c3541e8e88315bf8131257f0a4a087682
97ce2163d16034b914986061d0d9d78c3d8ac6c83a589aefa1f90bc0f9f6889b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99ab13ce0b9cb21179630175272772f1fe7c92f605e81549d467d9f8b6135f53
99bc3c39ee74dbb17de93134f6f8746455c9e77d7f0cac50e9fec8dfc5c9c460
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d328f0c600851a44ab661eade2bec8ae832f86f982d8791ddbfac6df95c2fb0
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9efc6c4aab7e628119f8546d2e40d3eaa493ebc5e5d3400ab6b5369af3204c25
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a16c157e5c302fd401aaa628e4dc152616b6da8a23e66a448ac331b12b0def85
a1d2e27d0e548e0b205eb1b32fb2f07f834ea5833f2bafe014fb4e0a066b2bf2
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a38abfa305ffadc6906662b8c99423293bf1b510c16a818d2a3c2186062af378
a3f48c9d80f4f4a6360437b1d44e91684428a008caf42d71cf23c8f2bcc8987d
a3f5fc0947a81f10b11ae80b6f5e7281a773c8908da83e184d44d709af341276
a43544169c4b4a17e54db329bcc42a2f331dd5d20000baaaee5b00fa6ea2cfbd
a48c0ffc09a8d7a37b3510d6fe1d980b86ee7ab74431424141fa3cd52b7b6b9a
a4ff1a40b43ba34c62af7cf45052ceb1c13245f71b78d2f95e608cdf40f0cdb9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a77bc860ac98528e1181e8157fe9558e614c96fb4d4c88e4ae6e6b9998498d44
a862a2bbb0aee7107ed08a23ed4da296628519505e48ced9a9c3729a7369c79b
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
a9c07b050df273114f3e17c2dc6924c20662ff89667c59d65c5d73b484f366c8
aa208aed83e650e742d48599b2ac8f9a1ad92afc7a456df4d1d2c382fd79e6f7
aa8683ee5396b1708847b8b1d75229976822afa279c40de023f5dd934b108d5a
aab3fc6eced27959ad03c871a651ad91cfe02027f98a373bed59ad8682b5971a
ac2152b40898c64012af3792701b4c3fe524149ddf72519558e9a687ed1843ba
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad51a10441f8064543712718730d11101a849e481cfc7807cd5b3ab2c68c03ae
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af180de20554c4d1bb18ff381979ca63a039eb4100f0eff63531367ff591df4e
b03280d109fc654be1bfe06118dc2a356fcb7096df47bc690d7eb4a659d69569
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0517be2e55df99767c225ddbe836fc534d8255e172046cd92da0e79cbc6ead5
b0a99d6413ea693e9e088adeb2a2d3caec70ca8403ae6afe4fca80cc4e72705b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27917c2e31f2ed1b8abf6914462182d079017cbb8fe6e49877359dad7258cf8
b2ae6224f0ba101130c6dc10f077a29410440979850d8c1ca9897a469525a298
b3700588dfae9c8ffb70522eb10b1875c4c1dd68dd759d114ffc7aef1bc7afba
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5f7bc9856dfd143e1636429455337c0ca6b21adfac8123cde754dc62d997779
b63ff642c0e211c556cd8f01e89a2041a159db3d28f9ddaf739f562b1c9bc2a6
b6513af13fb33610c5347b48ff297b9f0a0c00681f18ea051b6a73341c339225
b8c91a8180c03c16e1554367b4f71f7396d6de86dc191cd06be078fc96290515
b9cc6500a2b3a9fe778f6d57bfaa2d31567f7d85ce99ce9787d368981a4eed42
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
bae61a16aa555ef5ed0516ba79868c746b078d7e726348abe7239e5bb14f9f6b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfd11be8ef21e1c20fcbb1a97d6e90e07784a8b824d4ff3e76b2600527388f9
bd2dc5ff73a31b79f87af80cf00e31726f87c8a618d246432e9d047751f600ea
bf4996210079bb5133ad4ce79665dd9c3ac032746933b0d953ef4447bdb6a003
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c52e9c790b1f5915ae02dd317258dc8e084e58cd8b44bc8730d056af2de5e081
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c87fa1223238a2c6490541e860ef5942f84904f553c8c4cdc2b8d661fc0902a8
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c90c573886a47560b9dd06d6c0cfad152ecf1e7790a6f84fd76dc64ce0964814
c94499c964dd9a10f0b783e624b4ff4317f5681d1120c7d6d8caba39494f3ae5
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caecc862a6f9263548e38276fda868885788b258263c3ab1f19f43a5394c51fc
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ccb7d8608f2ba9119b4936cdc809709625e29c84ff1b54ef97309924e511242c
cd54b1f844f2b5e636482c0ea239a277873e77e7424f1cc9544cf16161e92282
cd87306632f80257eb0e8b54df6d7ad4413297098a8364adb2df4c9172338455
ced9b47f237b5c58583e285c6229dfb989f0a350e6102d8ae751d3a7ae302ed8
cf0cdefb1bbc7eb31eb18ab2263a71dc8c66a209b55b38443f4295992ee2c45d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1e2098d1f9bdbc45c2fc6110c484d673440b7bb1950da5cbb320b3cbc53da33
d4d2a272fe18bc908e4e2d297fdb818ce64ad3fddd2fca568ad074764e425f8e
d6a5de5e6270ea3dc69c25898a50edce1c83f58e55bb725a7a254f3908e0279a
dab554bf5d4abe9408a3d6d8101c69a62e720da269e8fcf7b039bb72e25c71ad
daf9cb6c0348c974c087fd18ced4a6b67c5b43cfa7156ce72593670f0749c0cf
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6
dd2564dd71f536a0d947b6d3b84e829776dd0cf7befc2e4f0cb74cf1f863e288
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de417041880b008d377d0c6e124b5ed6b201fd572ef265504eb87ae66741b64a
df54eb1c5857cd7f7c722d348a25501432a72efdfaad1a25381d86507be66bb7
e06bd254afa119f22385141b07f3dd99268860da34b66ac95ce25758b4959eb0
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece
e1ab13ebcd248d6428f56396352cd47366821adb58d0f811d3e5d8e13b0c4d08
e28f2d73036a667e1851751c7f34a95c83a4d60786c2c4e574fe2a93e89cb26b
e2e9e49a87430b94e4fad38cdf1db21b9112793daaae8f4256266b6132a3b3e4
e3129a52ee55db8dd06b9d94b5ed1805e8c92e534def029a87e0970f1afb9043
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7fd761323bf82208b6142a8a0634bf9f659cc7a1db9585241478d8d4b91c049
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8bf87dd7b1f90a1604cd94a6958d82af26456e2c6330c93a707c85ab6228f12
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9918fd5d45b0a2da38d234ac4abaf55f87e69fc22a1a009026a7b824a8bf72a
ea4d57f8228d2e1640f39f747b49691d9aeeded3c5f439a187e7d5abd6434756
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
ec2c6dea4df893211b0dfe8cc06d87d562a0c92207da48b683469391a0dd9fc5
ecc60032d018f0cf5077d5fd056fcfbcd9cd0d17911c25ae0c1fd0629e9d3340
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
eec8bda98b441a8ad73de47cc3faae7031e1cb9fdf9b08da027494d0f16ca441
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10a983f7aa9131bf54814657b896c9fd5b0b56e2ad8fae1e5f6e68d3b9533a8
f3e22a3b92fa72f3f7556368084f33f495506c9d4fe7ce57b13cf01cf7d76de4
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
f4db6dd6208be3dcb20d2ddbb890cd1d21a0e18550621e21785eb90f3a382cf8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f9d0e2e0a6f15a4cfe999b42e49a03fdb94398f8f3a734e4fba4db9e10c4c673
fb33baf9069ba7ee938ce89a85de3a6488bb11f2400d989fc1e28d75f6f34601
fb5872cd33d6e477aac9a28f118abe689fbfdfd114a735671e7bd0e3900cc282
fc6698a8265c559b0d6ae12b4ef40f9453eadf4135db0a54fbd34037752747c4
fe3f3b033e004de389d431e281090fdcca18954ecd1f5889d69bc13cbbebe90b
fffa5be6cde7a868d981bc7f448832bd64722891b230d2ec66b911b4343988de