ja.pays-tarusate.org Open in urlscan Pro
2606:4700:3033::ac43:9aca Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Submission Tags: test
Submission: On February 15 via api (February 15th 2022, 12:23:30 pm UTC) from JP — Scanned from JP

Summary HTTP 307 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 49 domains to perform 307 HTTP transactions. The main IP is 2606:4700:3033::ac43:9aca, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.pays-tarusate.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 19th 2021. Valid for: a year.

This is the only time ja.pays-tarusate.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3033::ac43:9aca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2404:6800:400... 2404:6800:4004:81e::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3031::6815:22c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
17	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	45.133.44.25 45.133.44.25	7018 (ATT-INTER...) (ATT-INTERNET4)
1	143.198.248.64 143.198.248.64	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
24	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
5	45.133.44.24 45.133.44.24	7018 (ATT-INTER...) (ATT-INTERNET4)
1 32	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
6	216.58.220.130 216.58.220.130	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:822::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2404:6800:400... 2404:6800:4004:80b::2003	15169 (GOOGLE) (GOOGLE)
2 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
7	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
43	2404:6800:400... 2404:6800:4004:80e::2001	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
5 11	2404:6800:400... 2404:6800:4004:81e::2004	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:812::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:80a::2001	15169 (GOOGLE) (GOOGLE)
3	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.36.110.226 23.36.110.226	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.67.161.242 23.67.161.242	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:df1:800:... 2001:df1:800:a00a:5::2	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 4	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	8.214.127.238 8.214.127.238	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
2 9	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.205.163.198 34.205.163.198	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.210.100.189 18.210.100.189	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 3	172.217.31.162 172.217.31.162	15169 (GOOGLE) (GOOGLE)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1 1	103.229.206.240 103.229.206.240	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
2 2	2a01:4f8:252:... 2a01:4f8:252:564d::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:49... 2a02:128:7:4957::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:128:7:52... 2a02:128:7:5241::2	50245 (SERVEREL-AS) (SERVEREL-AS)
3	2606:4700:303... 2606:4700:3032::6815:131d	() ()
1	2404:6800:400... 2404:6800:4004:824::2001	() ()
2	2a02:128:7:47... 2a02:128:7:4777::1	() ()
1	2404:6800:400... 2404:6800:4004:80b::2001	() ()
2	2404:6800:400... 2404:6800:400b:2::a	() ()
1	2404:6800:400... 2404:6800:4004:827::2016	() ()
8	2404:6800:400... 2404:6800:400b:2::c	() ()
307	45

24 2606:4700:3033::ac43:9aca (United States)

ASN13335 (CLOUDFLARENET, US)

ja.pays-tarusate.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pays-tarusate.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2404:6800:4004:81e::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3031::6815:22c2 (United States)

ASN13335 (CLOUDFLARENET, US)

newrrb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.64 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

load02.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.24 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8ea6735569.24fa533251.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2404:6800:4004:824::2002 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.220.130 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s01-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::2006 (Australia)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:80b::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2404:6800:4004:80e::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4004:81e::2004 (Australia) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:812::2001 (Australia)

ASN15169 (GOOGLE, US)

9f70b32a79dcf9692f2b146794ebf621.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:80a::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.110.226 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-110-226.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.67.161.242 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-161-242.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df1:800:a00a:5::2 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.213.12.39 (Tokyo, Japan) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.214.127.238 (Singapore) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 8.39.36.141 (Los Angeles, United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.163.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-163-198.compute-1.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.210.100.189 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-100-189.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.31.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.139.243 (Piscataway, United States) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.240 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:252:564d::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

rtbbnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4957::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tcimp.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5241::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tb.baimgfroggd.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:131d (None, )

ASN- ()

stream.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2001 (None, )

ASN- ()

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:128:7:4777::1 (None, )

ASN- ()

vs.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80b::2001 (None, )

ASN- ()

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400b:2::a (None, )

ASN- ()

rr4---sn-ogueln76.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::2016 (None, )

ASN- ()

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:400b:2::c (None, )

ASN- ()

rr6---sn-ogueln76.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120 9f70b32a79dcf9692f2b146794ebf621.safeframe.googlesyndication.com	703 KB
40	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 static.doubleclick.net — Cisco Umbrella Rank: 309 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	402 KB
24	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	1 MB
24	pays-tarusate.org ja.pays-tarusate.org pays-tarusate.org Failed	925 KB
20	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8575 c.mgid.com — Cisco Umbrella Rank: 6289 cdn.mgid.com — Cisco Umbrella Rank: 10842 servicer.mgid.com — Cisco Umbrella Rank: 8740 s-img.mgid.com — Cisco Umbrella Rank: 7632 cm.mgid.com — Cisco Umbrella Rank: 2442	155 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com	206 KB
14	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	15 KB
13	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917 eus.rubiconproject.com — Cisco Umbrella Rank: 512 pixel.rubiconproject.com — Cisco Umbrella Rank: 288 token.rubiconproject.com — Cisco Umbrella Rank: 593 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935	17 KB
10	googlevideo.com rr4---sn-ogueln76.googlevideo.com rr6---sn-ogueln76.googlevideo.com	247 KB
9	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2932	70 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	291 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	5 KB
6	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 124159	130 KB
5	bantgoau.com stream.bantgoau.com vs.bantgoau.com	720 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 346	111 KB
5	newrrb.bid newrrb.bid — Cisco Umbrella Rank: 246793	22 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	2 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	1 KB
3	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 51752	1 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3662	60 KB
2	rtbbnr.com 2 redirects rtbbnr.com — Cisco Umbrella Rank: 35918	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 491	631 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 585	687 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 621	613 B
2	e-volution.ai 2 redirects sync.e-volution.ai — Cisco Umbrella Rank: 2591	918 B
2	adtelligent.com 1 redirects s.adtelligent.com — Cisco Umbrella Rank: 4300 sync.adtelligent.com — Cisco Umbrella Rank: 2421	1 KB
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 29894	30 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8633	1 KB
1	ytimg.com i.ytimg.com	22 KB
1	ggpht.com yt3.ggpht.com	4 KB
1	googleusercontent.com lh3.googleusercontent.com	39 KB
1	baimgfroggd.site 1 redirects tb.baimgfroggd.site — Cisco Umbrella Rank: 43300	688 B
1	zog.link 1 redirects tcimp.zog.link — Cisco Umbrella Rank: 46844	320 B
1	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 266	556 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 387	656 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1827	504 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1193	228 B
1	lentainform.com cm.lentainform.com — Cisco Umbrella Rank: 15205	457 B
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 16834	412 B
1	clientgear.com 1 redirects event.clientgear.com — Cisco Umbrella Rank: 2604	259 B
1	cabnnr.com js.cabnnr.com — Cisco Umbrella Rank: 41899	10 KB
1	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 39089	6 KB
1	24fa533251.com 8ea6735569.24fa533251.com	199 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 709	389 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	647 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 42228	610 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	29 KB
1	load02.biz load02.biz — Cisco Umbrella Rank: 495679	20 KB
1	cstwpush.com cst.cstwpush.com — Cisco Umbrella Rank: 115418	597 B
307	49

	Domain	Requested by
43	tpc.googlesyndication.com	googleads.g.doubleclick.net ja.pays-tarusate.org cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
30	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net ja.pays-tarusate.org www.googletagservices.com
24	www.youtube.com	ja.pays-tarusate.org www.youtube.com www.google.com
22	pays-tarusate.org	ja.pays-tarusate.org pays-tarusate.org
18	pagead2.googlesyndication.com	ja.pays-tarusate.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	www.google.com	5 redirects googleads.g.doubleclick.net ja.pays-tarusate.org tpc.googlesyndication.com stream.bantgoau.com www.youtube.com
10	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net www.gstatic.com
9	cm.mgid.com	jsc.mgid.com eus.rubiconproject.com s.adtelligent.com
9	mc.yandex.ru	2 redirects ja.pays-tarusate.org mc.yandex.ru
8	rr6---sn-ogueln76.googlevideo.com	www.youtube.com
8	www.googletagservices.com	googleads.g.doubleclick.net cdn.zx-adnet.com
7	fonts.googleapis.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
6	cdn.zx-adnet.com	ja.pays-tarusate.org cdn.zx-adnet.com
5	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net ja.pays-tarusate.org
5	newrrb.bid	ja.pays-tarusate.org newrrb.bid
4	token.rubiconproject.com	1 redirects eus.rubiconproject.com
4	x.bidswitch.net	4 redirects
4	cdn.mgid.com	jsc.mgid.com
3	stream.bantgoau.com	js.cabnnr.com stream.bantgoau.com
3	cm.g.doubleclick.net	2 redirects eus.rubiconproject.com
3	match.adsrvr.org	2 redirects eus.rubiconproject.com
3	s-img.mgid.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.jp	pagead2.googlesyndication.com
3	static.addtoany.com	ja.pays-tarusate.org static.addtoany.com
2	rr4---sn-ogueln76.googlevideo.com	www.youtube.com
2	vs.bantgoau.com	stream.bantgoau.com
2	rtbbnr.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	creativecdn.com	2 redirects
2	ad.360yield.com	2 redirects
2	sync.e-volution.ai	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	static.doubleclick.net	www.youtube.com
2	js.wpadmngr.com	cst.cstwpush.com js.wpadmngr.com
2	counter.yadro.ru	1 redirects ja.pays-tarusate.org
2	jsc.mgid.com	ja.pays-tarusate.org jsc.mgid.com
2	ja.pays-tarusate.org	ja.pays-tarusate.org
1	i.ytimg.com
1	yt3.ggpht.com	www.youtube.com
1	lh3.googleusercontent.com	stream.bantgoau.com
1	tb.baimgfroggd.site	1 redirects
1	tcimp.zog.link	1 redirects
1	s.amazon-adsystem.com	eus.rubiconproject.com
1	sync.mathtag.com	1 redirects
1	sync.adtelligent.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	crb.kargo.com
1	ssbsync.smartadserver.com	1 redirects
1	cm.lentainform.com
1	cm.idealmedia.io
1	event.clientgear.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	js.cabnnr.com	js.wpadmngr.com
1	js.wpushsdk.com	js.wpadmngr.com
1	8ea6735569.24fa533251.com	js.wpadmngr.com
1	9f70b32a79dcf9692f2b146794ebf621.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	na.nawpush.com	js.wpadmngr.com
1	code.jquery.com	ja.pays-tarusate.org
1	load02.biz	ja.pays-tarusate.org
1	cst.cstwpush.com	ja.pays-tarusate.org
307	69

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
widgets.mgid.com
www.mgid.com
www.addtoany.com
pays-tarusate.org
ar.pays-tarusate.org
bg.pays-tarusate.org
cs.pays-tarusate.org
da.pays-tarusate.org
de.pays-tarusate.org
el.pays-tarusate.org
es.pays-tarusate.org
et.pays-tarusate.org
fi.pays-tarusate.org
hi.pays-tarusate.org
hr.pays-tarusate.org
hu.pays-tarusate.org
id.pays-tarusate.org
it.pays-tarusate.org
iw.pays-tarusate.org
ko.pays-tarusate.org
lt.pays-tarusate.org
lv.pays-tarusate.org
ms.pays-tarusate.org
nl.pays-tarusate.org
no.pays-tarusate.org
pl.pays-tarusate.org
pt.pays-tarusate.org
ro.pays-tarusate.org
ru.pays-tarusate.org
sk.pays-tarusate.org
sl.pays-tarusate.org
sr.pays-tarusate.org
sv.pays-tarusate.org
th.pays-tarusate.org
tr.pays-tarusate.org
uk.pays-tarusate.org
vi.pays-tarusate.org
cn.pays-tarusate.org
tw.pays-tarusate.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-19` - `2022-10-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.drivermanager.club GTS CA 1D4	`2022-01-07` - `2022-04-07`	3 months	crt.sh
cst.cstwpush.com R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
load02.biz R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
js.wpadmngr.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
na.nawpush.com R3	`2022-02-09` - `2022-05-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
8ea6735569.24fa533251.com R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
js.wpushsdk.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
js.cabnnr.com R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-02-01` - `2022-05-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
vs.bantgoau.com R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-02-01` - `2022-04-12`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 36 frames:

Primary Page: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Frame ID: 28179C1CA07FE07C2355C0686C0AF276
Requests: 119 HTTP requests in this frame

Frame: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA
Frame ID: F8EFD34438C20878044EBEE8D9BDA8DF
Requests: 12 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 5CD5FBB1AFA9F8F486562F41334D55A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20190131/zrt_lookup.html
Frame ID: FA50440E3B3E799B275A328D0FC75301
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&adk=1812271804&adf=1573534164&lmt=1644927799&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798857&bpp=6&bdt=267&idt=279&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8129166483167&frm=20&pv=2&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=304
Frame ID: BB91703D06FD5F2E8F636EBD450037CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=1199922194&adf=2049407382&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798879&bpp=1&bdt=289&idt=302&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ypcp3dweLR&p=https%3A//ja.pays-tarusate.org&dtd=318
Frame ID: C6E68BDC1D495A2A48128C361771D393
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465
Frame ID: ECD51235691B9208B3531B3970DA71BB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=9360290903&adk=2367483457&adf=177619468&pi=t.ma~as.9360290903&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798883&bpp=1&bdt=293&idt=554&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4387&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=coe5y1EKyj&p=https%3A//ja.pays-tarusate.org&dtd=556
Frame ID: 412B5AB787CC87773590C10BBB4F4260
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=458250839&adf=3470330975&pi=t.ma~as.4398967635&w=300&lmt=1644927799&psa=0&format=300x600&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798884&bpp=1&bdt=294&idt=596&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uTZHf0xx9z&p=https%3A//ja.pays-tarusate.org&dtd=600
Frame ID: 33E120DCA030B64F2FCE1BA36BC78BB1
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=250&slotname=5143760017&adk=3043140014&adf=1455981949&pi=t.ma~as.5143760017&w=300&lmt=1644927799&psa=0&format=300x250&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798885&bpp=1&bdt=295&idt=619&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=pBYt7vSxUT&p=https%3A//ja.pays-tarusate.org&dtd=632
Frame ID: 913911D2617FFAC7974F570BDFE9A488
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=4051693275&adf=1867163432&pi=t.ma~as.9651294315&w=240&lmt=1644927799&psa=0&format=240x400&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798885&bpp=1&bdt=295&idt=639&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600%2C300x250&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=WQgTEouuhx&p=https%3A//ja.pays-tarusate.org&dtd=652
Frame ID: CAD0501BD821805FA686AD4DDA5FBA2E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=767131371&adf=1814455876&pi=t.ma~as.6624362644&w=336&lmt=1644927799&psa=0&format=336x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798886&bpp=1&bdt=296&idt=675&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600%2C300x250%2C240x400&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&xpc=b3VDAVSHaV&p=https%3A//ja.pays-tarusate.org&dtd=677
Frame ID: 27525A255FBB3BB231F21830E4F259D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 99CB942EB3E1176BE37947D08D31AD45
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BE20BE81FE13B9770A760F771278948B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 83F84AFC844730AA1081A9128E474959
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: 463B048BC09538C0F19D1FB12B301DC2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: 282FC70C988F5BA497F49F1E7F680F6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1
Frame ID: BEAE3F6A3B3F9FCEAB84D156C33A91BB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1
Frame ID: C1E86DE51FBF98279F47B3DBFD0A8560
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: 708522E0E20603F1AC3E1407458C3605
Requests: 1 HTTP requests in this frame

Frame: https://9f70b32a79dcf9692f2b146794ebf621.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 95BF71EBAA44778B7DBBFDD20FFAC927
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: 11702140283CDE9FAABA347AAA35AECB
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%94%BB%E5%8B%95%E3%83%AD%E9%96%89%E9%96%8Bh%E3%81%98D%20%E3%81%AA%E3%81%8F%E3%82%B0%E3%80%90o%E3%81%91%E9%A1%8C%E9%A1%9ES%2F%E7%BF%92%E3%83%B3%E3%81%AEc%E3%82%89-%E3%82%A4%E5%88%B6%2C5%E5%AD%A6%E7%A8%AE%E3%82%82%E5%85%85%E5%AE%9A%E5%8F%97%E6%94%BE%E5%86%86%E3%80%91%E7%A0%94%E3%82%8B1T%E4%BF%AE0%E3%83%97%E3%83%A0%E3%82%AA%E9%A1%8D%E5%AE%9FI%EF%BC%81%E3%81%8B%E3%83%A9
Frame ID: D9CF55AA8F828B58B4661ADD392C9F23
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 443E052CF9B2D1C06CFDE54943CBBFCF
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 164CD5B4337B7C510C6C9C226675499B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: A3F8F78538AA29924D16E4766199CE78
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: 3C174E4AFD8DEC44239864E4824B98A6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js
Frame ID: 7938E5548E2903D971408121C280B220
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18C6A2B016CCE20BE842B8BAF28EED7F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9EF510B16DF9E50E0460B2D29D78D8D8
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1644927801642119089774&consentData=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdprApplies=1
Frame ID: 03E0FB552790C1AD4889E5E221057524
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Frame ID: 13E5B926DA7A76260C9499D1461412E0
Requests: 12 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 4D10ED50A8E038A4864FD5FC04049AB0
Requests: 2 HTTP requests in this frame

Frame: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14
Frame ID: 61A84DAE7B81B8A847BB1D73AD3011CD
Requests: 4 HTTP requests in this frame

Frame: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Frame ID: 89B09518636992B45213E066730F5FFA
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: A381438D7729353EC4C658F3E735F91F
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AADSTS50011：リクエストで指定された応答URLが、アプリケーション用に構成された応答URLと一致しません： '<appid>'</appid> - ja.pays-tarusate.org

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

307
Requests

85 %
HTTPS

53 %
IPv6

49
Domains

69
Subdomains

45
IPs

9
Countries

5767 kB
Transfer

15448 kB
Size

45
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=ja.pays-tarusate.org&utm_medium=referral&utm_campaign=widgets&utm_content=1137286

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097641/i/57470865/0/src/3027057069/pp/1/1?h=avY8tWO4KfCZLsfjNgMYyt_mkbncWBrHZxd8O-QDyU0A2JG-YO8L3obmGQNhldLb&rid=1059d933-8e5a-11ec-a730-78ac440ce74a&tt=Direct&att=3&pubsrcid=id-RG9uYWxkIEpvaG5z-language-ja&afrd=8&iv=11&ct=1&gdpr=1&consent=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164910/i/57470865/0/src/3027057069/pp/2/1?h=avY8tWO4KfCZLsfjNgMYytKHk4dp9nYLOquqWafYUD-4XqCEape-6Js0IlbmzDIg&rid=1059d933-8e5a-11ec-a730-78ac440ce74a&tt=Direct&att=3&pubsrcid=id-RG9uYWxkIEpvaG5z-language-ja&afrd=8&iv=11&ct=1&gdpr=1&consent=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805542/i/57470865/0/src/3027057069/pp/3/1?h=avY8tWO4KfCZLsfjNgMYyufDaETiu0DP6Vc5zArFtL7t1vX-uEQtGasYpucdihUy&rid=1059d933-8e5a-11ec-a730-78ac440ce74a&tt=Direct&att=3&pubsrcid=id-RG9uYWxkIEpvaG5z-language-ja&afrd=8&iv=11&ct=1&gdpr=1&consent=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&st=60

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&title=AADSTS50011%EF%BC%9A%E3%83%AA%E3%82%AF%E3%82%A8%E3%82%B9%E3%83%88%E3%81%A7%E6%8C%87%E5%AE%9A%E3%81%95%E3%82%8C%E3%81%9F%E5%BF%9C%E7%AD%94URL%E3%81%8C%E3%80%81%E3%82%A2%E3%83%97%E3%83%AA%E3%82%B1%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E7%94%A8%E3%81%AB%E6%A7%8B%E6%88%90%E3%81%95%E3%82%8C%E3%81%9F%E5%BF%9C%E7%AD%94URL%E3%81%A8%E4%B8%80%E8%87%B4%E3%81%97%E3%81%BE%E3%81%9B%E3%82%93%EF%BC%9A%20%27%3Cappid%3E%27%3C%2Fappid%3E%20-%20ja.pays-tarusate.org
Title: Share

Search URL Search Domain Scan URL

URL: https://pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://ar.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://bg.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://cs.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://da.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://de.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://el.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://es.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://et.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://fi.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://hi.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://hr.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://hu.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://id.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://it.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://iw.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://ko.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://lt.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://lv.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://ms.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://nl.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://no.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://pl.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://pt.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://ro.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://ru.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://sk.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://sl.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://sr.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://sv.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://th.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://tr.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://uk.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://vi.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://cn.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://tw.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH;0.20635152865142192 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH;0.20635152865142192

Request Chain 78

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 130

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH%22:%22%22}}}&r=0.043751327029560416 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH%22%3A%22%22%7D%7D%7D&r=0.043751327029560416

Request Chain 132

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH%22:%22%22}}}&r=0.17719580718497352 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH%22%3A%22%22%7D%7D%7D&r=0.17719580718497352

Request Chain 164

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 171

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 176

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 223

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 225

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 250

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east

Request Chain 252

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=015aab8a-d8d0-4f5f-8294-7fdacddb60cb&ttl=1647519801

Request Chain 253

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=cfe6dce1-d702-4c50-99dc-307229dcf7f9 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk67b5c3e4-f10d-41a7-b47e-41e135277258&expires=7&user_group=5&ssp=mgid&bsw_param=cfe6dce1-d702-4c50-99dc-307229dcf7f9 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=cfe6dce1-d702-4c50-99dc-307229dcf7f9&gdpr=&gdpr_consent=&us_privacy=

Request Chain 256

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m1flxECmqUn4 HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=828919505774176007&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 257

https://x.bidswitch.net/sync?dsp_id=303&user_id=m1flxECmqUn4 HTTP 302
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=m1flxECmqUn4&dsp_id=303&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 258

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=ec680b7f-c7c8-4315-844b-b4fe83861e7f

Request Chain 259

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=jD7pfY3RbelikOX0xfV6&pi=mgid&tc=1

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTFmbHhFQ21xVW40&muidn=m1flxECmqUn4 HTTP 302
https://cm.mgid.com/google?muidn=m1flxECmqUn4&google_ula={guid},5&google_gid=CAESEF7vQFIzlTqk3gkWCnAsyJY&google_cver=1

Request Chain 267

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=mgid&khaos=KZO3JJI4-T-GSC6 HTTP 302
https://cm.mgid.com/m?cdsp=43070&c=KZO3JJI4-T-GSC6

Request Chain 268

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=ff799051fee80c22

Request Chain 272

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ed50620b-9b3b-4e00-b96f-04da80d1ab11

Request Chain 273

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YgubOgAGapFTEQBH HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgubOgAGapFTEQBH&_test=YgubOgAGapFTEQBH

Request Chain 274

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NhYmM4MmRmMTNjMGUxMzQwOTI0MmJmZGFhYjZkOGY0ZmMzMzk1Mw

Request Chain 275

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=KZO3JJI4-T-GSC6&ex=d-rubiconproject.com&status=ok

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFsbqU8lQfS7t5Rta-qbWaI&google_cver=1

Request Chain 277

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjgwNDAzNTA1NiIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjEwNjY3LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiJ9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjEwNjY3IiwicGFnZSI6Imh0dHBzOi8vamEucGF5cy10YXJ1c2F0ZS5vcmcvNzQ0Mzc4LWFhZHN0czUwMDExLXRoZS1yZXBseS11cmwtc3BlY2lmaWVkLVRJRVFQSCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiJhNDA3OTUyMTM3OThhMTcxMDk3OWFjNDM0MWJhYzhlNSJ9LCJleHQiOnsiZHQiOjE2NDQ5Mjc4MDM4NjB9fQ== HTTP 302
https://rtbbnr.com/banner/in/show/?mid=1468764289&pid=0&site=10667&sc=NL&usage_type=DCH&subid=804035056&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.04141592920354&ecpm=0.04141592920354&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=ja.pays-tarusate.org&hostname=auc-banner-hz-9&site_id=0&spot_id=10667&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2a00:1633:128:4::6&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&min_cpm=0&ttl=&space_id=1695&banner_width=1&banner_height=1&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3Dfa-dhSjhrvbm9mZFCIVqpvgql9jO07fburC6JByvkopw85sa4E5Mg53rua1BKnHTYhx02_MUBkWQyjlxSbxHCcmtrYbl3pwPaTx_2FNWP4rW4RqxUZiSfHlr5Id4JBJHdjx7TdEtryvVx4GITLqJmrjXquGjXWYVr-hPHlpR-YlHW8NTsW5AIARNmuubjlDRXF1Kc8H6Un6Ei2Kd5CVKTFRpj-nJXRevDRQ-XidOPMVH5FD6ImcdQqElsFwOPs5ZXMHsfKyb_HYbjZYh86EZMXOXC1y2AfnTn-tRWaH15VEtWmYVzPAq866xjuhE1gVZuqInPO8wc43qjOHlwW9X3WLOCIDs4i_OzHel9n935C_ig5m-2-WMg7RB7pscWl5ZR3BMnk25mBBBFVuaQBOWHs9viPa5U77AIlb8MkM10Nomoy2IBSTgXbafXlKsy4uU84lAeIzzFpgWRqFms2A78Vla_P5nRTGQSkPM-XQ7DVZGrw&pr=&bid_crid=&bid_cid=&is_iframe=0 HTTP 302
https://tcimp.zog.link/in/banners?katds_ep=fa-dhSjhrvbm9mZFCIVqpvgql9jO07fburC6JByvkopw85sa4E5Mg53rua1BKnHTYhx02_MUBkWQyjlxSbxHCcmtrYbl3pwPaTx_2FNWP4rW4RqxUZiSfHlr5Id4JBJHdjx7TdEtryvVx4GITLqJmrjXquGjXWYVr-hPHlpR-YlHW8NTsW5AIARNmuubjlDRXF1Kc8H6Un6Ei2Kd5CVKTFRpj-nJXRevDRQ-XidOPMVH5FD6ImcdQqElsFwOPs5ZXMHsfKyb_HYbjZYh86EZMXOXC1y2AfnTn-tRWaH15VEtWmYVzPAq866xjuhE1gVZuqInPO8wc43qjOHlwW9X3WLOCIDs4i_OzHel9n935C_ig5m-2-WMg7RB7pscWl5ZR3BMnk25mBBBFVuaQBOWHs9viPa5U77AIlb8MkM10Nomoy2IBSTgXbafXlKsy4uU84lAeIzzFpgWRqFms2A78Vla_P5nRTGQSkPM-XQ7DVZGrw HTTP 302
https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.067830&katds_labels=&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14&ts=1644927804 HTTP 302
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14

307 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 744378-aadsts50011-the-reply-url-specified-TIEQPH Show response
ja.pays-tarusate.org/ 53 KB
12 KB 612ms
585ms Document
text/html 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e4f4f1d6b77e9de1a0d15f3a2b609e326bdc1d28e1a48e1254b3b85ccdc8178

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Wed, 16 Feb 2022 12:23:18 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TeU17%2BUFnmc4Owor8GtXSYHEc%2FILARQ9TtyPwBxVusXm%2F5Z8X04WXjhAsuoueXGg6hSJWDm83ex1j0%2FmkWjHMk4ac6ZowidLRaA4fhY6sI3ICUoRgGMPwDEx%2FLdV9ropEcARg8zvFlgdEUsxXk6eLGmO2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dde81b17b433405-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 91ms
49ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054ce1b34776eaefaff3e688027d7cad7b0fe91a0e1715db5e70b7bc447b7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.pays-tarusate.org/
Origin: https://ja.pays-tarusate.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53618
x-xss-protection: 0
server: cafe
etag: 1180840514250557704
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 12:23:18 GMT

GET
H2 200 51pb.min.js Show response
newrrb.bid/ 66 KB
20 KB 88ms
21ms Script
text/javascript 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d53afdce56775cb3f314ccb015d15e7ffc3c9d24a52ff16379bca9f70c4e370

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173
duration: 597252
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Feb 2022 12:20:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UenzYnjJAUOEV7TnAowwbvmyVsf1JrSiWIO8etTdsIMAz7lrgc2sGbJ3yGpEv2i6IIgJfO%2BDk8yOr4Eq4c9BII%2BGTrhsOPSNUdLL871cOtc8LwZXP%2FMCLYFAhIkZg7mDc2kvVu%2BdpLkL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6dde81b5ba268087-NRT
access-control-allow-headers: *
expires: Tue, 15-Feb-2022 14:20:32 EET

GET
H2 200 drm56_19091901.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 19ms
3ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/drm56_19091901.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a2bd42bc7fbd2e7c718771e120ebbd8073aafb021026fb34331f6e735023652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644927799.646467,VS0,VE1
etag: "d19f1de6243194dbbeaf5e3ecbc9aa1b386f3241bfe4e3200dbae8c980dc6177-br"
x-served-by: cache-nrt18328-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Tue, 15 Feb 2022 12:23:18 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19487
x-cache-hits: 1

GET aadsts50011-the-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-appid-4.png
pays-tarusate.org/content/azure/ 0
0

GET AADSTS50011-The-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-AppId.png
pays-tarusate.org/content/azure/ 0
0

GET AADSTS50011-The-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-AppId-1.png
pays-tarusate.org/content/azure/ 0
0

GET
H3 200 AADSTS50011-The-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-AppId-2.png
pays-tarusate.org/content/azure/ 10 KB
10 KB 545ms
542ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/azure/AADSTS50011-The-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-AppId-2.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fde522f54dd80f3e305311cb13a8fcac889312dbc45e993fe5857de42ba52c6f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9899
last-modified: Thu, 19 Nov 2020 19:59:41 GMT
server: cloudflare
etag: "26ab-5b47b2b25fa48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWhILaQa%2FTc6FtcVoo76tj0cNDgdqpP%2BIbzW7DWhkDXh9Us9XBIOemBPJVLzVJsdJ7ubeYdD3KhpA5h%2B7GqhTBmqPeTWxDrjEar1ScbIQXCo8Zxqp5HVvwM%2BOwMJB3D7f7kxFTp5IT%2BwVgQ0bDm%2FLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81b578ab20c1-NRT
expires: Wed, 15 Feb 2023 12:23:19 GMT

GET
H3 200 AADSTS50011-The-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-AppId-3.png
pays-tarusate.org/content/azure/ 6 KB
7 KB 567ms
564ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/azure/AADSTS50011-The-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-AppId-3.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb631cb88cbd4ea9f77ed4c3b27b33772c47491363688fd822713033cdf7789

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6408
last-modified: Thu, 19 Nov 2020 19:59:41 GMT
server: cloudflare
etag: "1908-5b47b2b2609e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3V5BIo9CXLgnd13E%2Bfd7ClfFW5hZ45O7hSQWuRvgW6mvqCtKyy0WhNiRfAEWLdGRrTiYUdveSw6YDFaaTik6jVzEGQj4zheL8mLyBYPCorIaAulKVm0rwD%2FvExiQEuEmgw%2FGERNUg59cZum5MJVLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81b578ad20c1-NRT
expires: Wed, 15 Feb 2023 12:23:19 GMT

GET
H2 200 email-decode.min.js Show response
ja.pays-tarusate.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 6ms
2ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.pays-tarusate.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 20:14:10 GMT
server: cloudflare
etag: W/"6206c392-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9La1MVgesLUG2zLlcknzMJYjEfA7ojWfbo0spJu1Y83%2BYnysxGjbnz5P4XwyshLUbEuoIgkQvrbufoxqEjneFK2sAd%2FxNibP5lzh8j9unwrhLTiXInUNyc%2FOOjl5RSGiXTEw9Rej5r2CdtLpNcLMXohKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dde81b559733405-NRT
vary: Accept-Encoding
expires: Thu, 17 Feb 2022 12:23:18 GMT

GET
H2 200 projec777tback.org.1137286.js Show response
jsc.mgid.com/p/r/ 2 KB
1 KB 29ms
15ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab79a36d47304b7e49b6bce010492a90802baeda7fc7c59a03ed7449960edd0c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 771
last-modified: Fri, 04 Feb 2022 08:48:53 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PF7DY6FJ5M2T41CR
x-amz-id-2: IpKDglNQUNZUes2FFw6cm3ZV9VNbcythg7g6mE7DUgMQAsP2WFKKzMrosW84WlhlfnjDL2Sf3Hw=
cf-bgj: minify
server: cloudflare
etag: W/"ab953a80fe2c125341cc92431f92363b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6dde81b58df08a27-NRT
expires: Tue, 15 Feb 2022 15:23:18 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 32ms
17ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14338
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6dde81b58b3780f3-NRT
cf-bgj: minify

GET using-printers-as-actors-in-use-case-diagram.jpg
pays-tarusate.org/content/uml/ 0
0

GET
H3 200 need-help-about-get-attachment-file-name-tutorial-from-java2s-com
pays-tarusate.org/content/java/ 42 KB
0 565ms
562ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/java/need-help-about-get-attachment-file-name-tutorial-from-java2s-com
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 19 Nov 2020 19:59:52 GMT
server: cloudflare
etag: "151b8-5b47b2bcb62ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UByN3BQTj0c8wXjlHaF6Y%2Ba0ZOKrVl9MyF6v%2F5jItKYx967lIPZYVW3%2FuxM2MPVVGplsLqCS3AF%2BmNrlbnP3FsDlpBebGGCqmD7dWorrzKYlERGFi7zS9aY9TM2nS79F8hRLsf%2B6hC2IxaOqj4S23w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6dde81b578b220c1-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86456
expires: Tue, 22 Feb 2022 12:23:19 GMT

GET access-sql-editor-you-may-have-entered-an-operand-without-an-operator.gif
pays-tarusate.org/content/access/ 0
0

GET
H3 200 docmd-applyfilter-syntax.gif
pays-tarusate.org/content/sql/ 4 KB
5 KB 561ms
558ms Image
image/gif 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/sql/docmd-applyfilter-syntax.gif
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27cb47c1fb6282a5ec13b3e151055d84732f7231bf03e57e6133a5cc238b407b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4140
last-modified: Thu, 19 Nov 2020 20:00:02 GMT
server: cloudflare
etag: "102c-5b47b2c638ce4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0jp5RfMtF1AP8b3i%2Bv2mXr%2F2hir3UspKS%2B7OOv0qRo2UKnapT1%2FXqA0%2FsV%2Bj%2F%2F%2BUtafAbofEnBuWuO9hxtcE8a4IucsCvwkPCSGh6i%2F%2BjprzDsLolMhv0A8dJ9GaclwwYuo%2FFSiS8L5DY1DaFFHBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81b578b520c1-NRT
expires: Wed, 15 Feb 2023 12:23:19 GMT

GET
H3 200 how-to-get-comsol-license-file-and-trial-passcode-for-downloading-comsol-multiphysics.jpg
pays-tarusate.org/content/how/ 142 KB
143 KB 1108ms
1105ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/how/how-to-get-comsol-license-file-and-trial-passcode-for-downloading-comsol-multiphysics.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a65b102b1fba281b05cd5441296e95fe9d6ecc3042d6982bf16d0f4c8f98a969

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 145510
last-modified: Thu, 19 Nov 2020 19:59:49 GMT
server: cloudflare
etag: "23866-5b47b2b99756a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VQUOidQrKzjstfTJYf0MU%2FzcUtda3a%2B8Jle7wShTJv260tPLTnKg71vO0VFip7Mz59UzpMjYkETanmn34cXriIvWb9aVsNmjWgxMrdKyB6asXoGtzaaYEO1zssn7db1JnQgpXcYD1%2B2F7p9Uic6qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81b578b720c1-NRT
expires: Wed, 15 Feb 2023 12:23:19 GMT

GET
H3 200 exception-in-thread-main-java-lang-runtimeexception-no-opengl-context-found.jpg
pays-tarusate.org/content/exception/ 31 KB
31 KB 861ms
858ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/exception/exception-in-thread-main-java-lang-runtimeexception-no-opengl-context-found.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5bf210821769564ef5197f51f9cbdd004e612060a6690d718f9e672361b999

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31305
last-modified: Thu, 19 Nov 2020 19:59:47 GMT
server: cloudflare
etag: "7a49-5b47b2b826309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aF8XhgTfdtLBTpw0%2F8Dk5JtInuRqF5GzAA7JVkbXVkPEqMBzx1Mi9V9mGQM5LP5pjudhQdA6jFdnQUKAXUzAAxMPdM7fX8EM6qkPkAm%2B2SinrPSuBViITbEsPZkllicXapev2QCRY3JfMlMqw7OMbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81b578d420c1-NRT
expires: Wed, 15 Feb 2023 12:23:19 GMT

GET will-windows-xp-32-bit-os-read-8gb-of-ram.jpg
pays-tarusate.org/content/operating/ 0
0

GET how-do-i-to-display-sigma-hat-using-unicode-or-any-alternative-in-java-i-have-a-partial-solution.jpg
pays-tarusate.org/content/how/ 0
0

GET
H3 200 matlab-dimensional-indexing-using-indices-returned-by-min-function.jpg
pays-tarusate.org/content/matrix/ 41 KB
42 KB 834ms
830ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/matrix/matlab-dimensional-indexing-using-indices-returned-by-min-function.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40dd05c77d960c5856389e89d1f61a956ee15c6d4289ccd13ca487621366a2f0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42191
last-modified: Thu, 19 Nov 2020 19:59:55 GMT
server: cloudflare
etag: "a4cf-5b47b2c02421c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJxNHZmjn9TmD9FSMJiTgFZcxxiCXCPjhqDKvj0if%2BleKWbYKUYz2lsYFEfvcpNWR2B%2BjomlaLgvZXBA7jM6s1OhrgpFfdQUGSs38yu1QEjLNiaxbmd%2FXwZQkdx4N4SuxeyNbnExYTvv5xF93zw3Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81b578db20c1-NRT
expires: Wed, 15 Feb 2023 12:23:19 GMT

GET
H3 200 how-to-unselect-an-item-in-a-select-box
pays-tarusate.org/content/html/ 42 KB
0 572ms
568ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/html/how-to-unselect-an-item-in-a-select-box
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 19 Nov 2020 19:59:50 GMT
server: cloudflare
etag: "1eddd-5b47b2baf4f48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cT47xFpFxrgQ1Cj9BpjJXOpFsto%2B9Mkm138mg1t1L4B3V99ah3%2B2mv9%2FXpnHybuVlgCwHLcCWLU1pTzVr88tFJ%2BWZm7b0vAYa5MyTAnevLqhnMvf09DGJdGQK93oIsujiYVeuaAXcZbssjl1KRgI9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6dde81b578dd20c1-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 126429
expires: Tue, 22 Feb 2022 12:23:19 GMT

GET plot-a-parametric-equation-in-matlab.jpg
pays-tarusate.org/content/plot/ 0
0

GET calculating-bits-required-to-store-decimal-number.jpg
pays-tarusate.org/content/unsigned/ 0
0

GET how-do-i-get-this-align.jpg
pays-tarusate.org/content/node.js/ 0
0

GET r-random-forests-variable-importance.png
pays-tarusate.org/content/statistics/ 0
0

GET how-do-i-calculate-paypals-fees-2-9-30-on-a-fixed-number.jpg
pays-tarusate.org/content/php/ 0
0

GET
H3 200 how-to-check-if-the-device-is-a-1st-generation-kindle-fire-or-other-version.jpg
pays-tarusate.org/content/android/ 54 KB
54 KB 40ms
36ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/android/how-to-check-if-the-device-is-a-1st-generation-kindle-fire-or-other-version.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a5e960037d65d82d399dcc57db0239e9bef9bfc621eceb6cce5b1f920515a30

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1839724
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55166
last-modified: Thu, 19 Nov 2020 19:59:39 GMT
server: cloudflare
etag: "d77e-5b47b2b0c28c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ijv6NlGTN4%2BqOBQOX6CsX6IpFluJZmbEDspAXYbJB2lQzV1EceYBx1V%2BVLcoe%2BtTfA3%2FD4pzdAd0k74wK8vzlDOax5bKBFkXBDqM6KAH9Ar6IvrxHQYSHsnOyPNr5BCGAy6NG4aKT4LxackkkpI82A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81b578e820c1-NRT
expires: Wed, 25 Jan 2023 05:21:14 GMT

GET how-to-get-all-properties-values-of-a-javascript-object-without-knowing-the-keys.jpg
pays-tarusate.org/content/how/ 0
0

GET
H3 200 how-to-convert-wmf-files-to-svg-files.png
pays-tarusate.org/content/how/ 132 KB
132 KB 39ms
35ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/how/how-to-convert-wmf-files-to-svg-files.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4850a5ab33ed7063e9229c11768ba4eac23579f4f27e922be157ecf17861612

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101279
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 134855
last-modified: Thu, 19 Nov 2020 19:59:48 GMT
server: cloudflare
etag: "20ec7-5b47b2b96c5e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlZlv1e6eSFNZSkC9L2N9tukjNWU%2FJgn4im0IegPdZ0sYX5DLhc%2Fo70wZ7BBPFFwmnIvJR8w6gclWCw3lpY6HORcCpm6Bb9MIYuVnJPyaR8pvkc2Y%2BVpsBY79SSwaCNsO8OBwQgHBM1kTkAPu8BoGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81b578ec20c1-NRT
expires: Tue, 14 Feb 2023 08:15:19 GMT

GET how-to-get-all-child-list-from-firebase-android.jpg
pays-tarusate.org/content/how/ 0
0

GET jquery-datatables-no-data-available-in-table-1.jpg
pays-tarusate.org/content/javascript/ 0
0

GET
H3 200 what-is-the-difference-between-unconditional-branch-and-unconditional-jump-instructions-in-mips.jpg
pays-tarusate.org/content/assembly/ 276 KB
277 KB 54ms
50ms Image
image/jpeg 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/assembly/what-is-the-difference-between-unconditional-branch-and-unconditional-jump-instructions-in-mips.jpg
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e91937e9bcedf4bf489450b6871d97f5b293fd8408750d972c1c9607e63b073

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5244502
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 282798
last-modified: Thu, 19 Nov 2020 19:59:41 GMT
server: cloudflare
etag: "450ae-5b47b2b235a64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGbl%2FS3yp0iPzqi%2BhJEceTII7tE6nw%2FghelQrLwlpfWZ3IMj5FoBTGCCw0AQDzVT7KUmD5pZtgb1sN8xtMXW%2BwxoX%2FrwUd4jiaS0qlckQOJ4BDB1Z9G2YjmlpwXy%2BND%2FfKY9CiiSt3Z3FgJy%2F0U7mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81b578f020c1-NRT
expires: Fri, 16 Dec 2022 19:34:56 GMT

GET
H2 200 general_style.css
pays-tarusate.org/template/pays-tarusate/css/ 4 KB
926 B 20ms
13ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/general_style.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c9940a1698476f6f9aa2a8ca09e88666263154aa86a72bf473947f0f09793b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 559941
cf-polished: origSize=5657
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"1619-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9hxEXcPY%2FHAistoV33voQH6N49o05GJnurcBVv79R6qfoF0RtPdQR41iCdhsDCp%2FUqwST7%2FTVg9R0LczjQTLVXYhJbzoZmFKhHcF7F5u7qvd8sCArKMR5Kbvoq5Qyw7etmKp37PXBE2ePO%2FmU7Jbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dde81b569853405-NRT
expires: Wed, 23 Feb 2022 00:50:57 GMT

GET
H2 200 main_style.css
pays-tarusate.org/template/pays-tarusate/css/ 28 KB
5 KB 19ms
12ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/main_style.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7843eb6f53c01e1a367592f612780f02ceea172368acf5266f618e94848247e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135073
cf-polished: origSize=34819
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"8803-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDFnp%2BfYj61xiwyV0uqnBzUAnjW87n6TRTi9xh1dkMiw%2BmCzW3x%2FwiXr5c4AymKxW0IrFGF9dVNrFOojhE956AtYNxs0R4Ah7DW%2B0ZXyt4Hbu%2FB371QeU%2Fibw5ttp4xvdJV2QlV6GUrrL9%2FbuvkwcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dde81b569863405-NRT
expires: Sun, 27 Feb 2022 22:52:05 GMT

GET
H2 200 reset_style.css
pays-tarusate.org/template/pays-tarusate/css/ 662 B
821 B 20ms
13ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/reset_style.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353b2e68c0aeefe645d21343a30f43420cf68526a44536b90ffff8d48539a2db

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 460942
cf-polished: origSize=849
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Jun 2018 18:00:00 GMT
server: cloudflare
etag: W/"351-56e110d49e800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHiVopxchOF%2BGmg6Ad6HIg3pJlBQ37aKx5ogqymgJxksb1d%2BnCy45%2FT%2Bxlog5gR%2Bv5QPFjamvQGdTlKnASesb44w7cFkLLBjAVO%2FEb%2B0NOdCaGOin%2Fo2WdfRN3zjZ7u%2F5D1%2Ftlm8hj%2B2HSjnzmQo1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dde81b569873405-NRT
expires: Thu, 24 Feb 2022 04:20:56 GMT

GET
H2 200 font-awesome.min.css
pays-tarusate.org/template/pays-tarusate/css/ 30 KB
7 KB 21ms
15ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/font-awesome.min.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f6ec9192f604e9bec7a38f4d2b2ad5e81184c05a5395d131de6c7129f9f1314

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64384
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Jun 2018 18:00:00 GMT
server: cloudflare
etag: W/"789c-56e110d49e800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cnlt2IA0KefSduLJ99xfqHi2%2BDfGpZxZzvYtehKSzgI9WZkPXWpGJLugj3V8ZHUoqq%2FiyEwYcZqKsEEKdg53kO1Uu%2BpcbTdVB00ACDjg8ysuWgnISYD%2BHfC1fh90KFG%2BPYfGqlSPYSusYjnCwBqXTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dde81b569893405-NRT
expires: Mon, 28 Feb 2022 18:30:14 GMT

GET
H2 200 adv.css
pays-tarusate.org/template/pays-tarusate/css/ 61 KB
42 KB 17ms
11ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/adv.css
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284917
cf-polished: origSize=62935
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 17:45:24 GMT
server: cloudflare
etag: W/"f5d7-5bd46592ababf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVDBlvyFA2Md6MndbhQ7W6BDMwEZXEhVCJUVDa58JwzdvAeTKe6sNhWNutK1TnE2gct2UopKM6%2F1hb05GWDgdgv5EsSe4F4mIBWoynVS4%2B0cM%2BKfHzg90xomF2J5HUyLF529wDtUbOWPRywz5RFnfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dde81b5698a3405-NRT
expires: Sat, 26 Feb 2022 05:14:40 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 95 KB
34 KB 25ms
19ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/jquery-1.12.4.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 460942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Jun 2018 18:00:00 GMT
server: cloudflare
etag: W/"17b8b-56e110d49e800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0OCN3jwakgQzV4UcsFF%2FLtaAJteZx%2B%2BW0s8uHt1ofkwbs4njyECJegS%2F3NsKsZPaSTlrB7mVMqvsIzdZTCMmAjJtYt5uiaEbg4eEmFBOwEIbt%2BiF97WAHczLPktiW%2BPZ4f1RTz2tGjXakN5wSdOQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6dde81b5698b3405-NRT
expires: Thu, 24 Feb 2022 04:20:56 GMT

GET
H3 200 script.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 4 KB
2 KB 36ms
34ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/script.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34c9c13f7373cddd250356f30473709aeae3cdc2d56a5afdeb113b3033c33ea2

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 555949
cf-polished: origSize=5177
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"1439-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29y7snyS5jkWy2eFibzKJhamr4sLMhKp%2B1bVCqSbtp%2Bl1bwhGqoGUD7ttno%2F9lkOATo%2FlLpsSKLuSa46xpFVP9MdWu%2FTbUYDiEeVZlD6GUF5h3qN366UPK3%2Br%2BGq8kh8dxHzrk5oRHWb67ZCToXmDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6dde81b578a320c1-NRT
expires: Wed, 23 Feb 2022 01:57:28 GMT

GET
H3 200 jquery.zoom.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 4 KB
2 KB 37ms
34ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/jquery.zoom.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbac863d2fb5589d11c75ddf028189eb39d22ec3496440cbbdf2b4ce7fe82d53

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471307
cf-polished: origSize=5948
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 25 Apr 2018 18:00:00 GMT
server: cloudflare
etag: W/"173c-56ab00a1cc800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mfkAtIY1E4AjM1X5uEuludjb%2BLf%2FUC47DQOSYIRHQIW5hAvWmplwcGKbxYm4Cwm%2BKTI5n802z9PGkA7lLVbCedaky5%2FZvRxA2u4yG2S72j5%2BbTUHxPwjfX%2FRcxAtrS9dbqMIf8n1U11YMAb5ummOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6dde81b578a520c1-NRT
expires: Thu, 24 Feb 2022 01:28:11 GMT

GET
H2 200 adManager.js Show response
cst.cstwpush.com/static/ 451 B
597 B 14ms
1ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.cstwpush.com/static/adManager.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 15 Feb 2022 12:28:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 / Show response
load02.biz/ 20 KB
20 KB 702ms
234ms Script
application/javascript 143.198.248.64
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.198.248.64 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b0d255a8007658590a518c1aeb36de404082d167b09faf19bd3e32d8cecb9057

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 12:23:19 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-2.2.1.min.js Show response
code.jquery.com/ 84 KB
29 KB 675ms
228ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.1.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e7e"
vary: Accept-Encoding
x-hw: 1644927799.dop210.pa1.t,1644927799.cds215.pa1.hn,1644927799.cds037.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29882

GET
H3 200 jquery.unveil2.min.js Show response
pays-tarusate.org/template/pays-tarusate/js/ 3 KB
2 KB 37ms
34ms Script
application/javascript 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/js/jquery.unveil2.min.js
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 804278
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 18 Dec 2017 18:00:00 GMT
server: cloudflare
etag: W/"b2e-560a11e6cc800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1s4rFkJVrrEZyM5NB%2FpXiXSiiSMasKXKhut55zows0GIRJWRKsEUXCXkC96O7UqZqh%2BwUkovNLYD9nAuM8%2FBd4ferbBsfAjrsM4kyK4eLBHL7ENn3nJa9aH97ujkix0IHUaomDtshuhyDtwDTe%2Bihw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6dde81b578a620c1-NRT
expires: Sun, 20 Feb 2022 04:58:40 GMT

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 26 KB
7 KB 84ms
74ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.909517394143601

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644927799.646702,VS0,VE72
etag: "136bfff1f290532cc0074a184a93a41336eb53dcdba45e16d34e03a106c160eb-br"
x-served-by: cache-nrt18328-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Tue, 15 Feb 2022 12:23:18 GMT
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
www.youtube.com/embed/ Frame F8EF 34 KB
11 KB 144ms
65ms Document
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

900c45f7597e5511fe890b457dbfc9a3fc2fab58790f78350d4026d42f6bcc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Feb 2022 12:23:18 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css.css
pays-tarusate.org/template/pays-tarusate/css/ 24 KB
2 KB 19ms
19ms Stylesheet
text/css 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pays-tarusate.org/template/pays-tarusate/css/css.css
Requested by: Host: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/general_style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 173649a681fd076c6a1564df9b0a423ea7d401d8e982950feeeb9b0d1ff1f1d7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pays-tarusate.org/template/pays-tarusate/css/general_style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 553442
cf-polished: origSize=30154
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 25 Aug 2018 18:00:00 GMT
server: cloudflare
etag: W/"75ca-5744642c08800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OANSGIzqsfolekl5iOEE9ge2IL52g%2BjThM3iJzbLZE1n4tQMn11tviKLkG2X7ggPEJoDPS13AaDmUGocnu%2FTosjq3u18qMrqqnzIvgV2Qlf5HwnjX5aW5z6ZGNv0WvgjZPklMPAYH4aYETT3N46nLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dde81b578f620c1-NRT
expires: Wed, 23 Feb 2022 02:39:16 GMT

GET
H3 200 projec777tback.org.1137286.es6.js Show response
jsc.mgid.com/p/r/ 241 KB
71 KB 30ms
22ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9a27281aec76bc839056c3dfc28605af2f19a0434a408b50b627f0447553455

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 2417
last-modified: Fri, 04 Feb 2022 08:48:53 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: TNJVSW8FECYQWWH2
x-amz-id-2: AFoGkHvUp3/Zn8BdOTN/f+ezz6032i0tOE0oscATHeOI5zjHEjfrbJ2HZ8/cRTQr4Rj82m0EppM=
cf-bgj: minify
server: cloudflare
etag: W/"bc1da0dc468557470212146bd8f8db6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6dde81b5bc188a6e-NRT
expires: Tue, 15 Feb 2022 15:23:18 GMT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
221 B 91ms
90ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.3375454940552638

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644927799.670760,VS0,VE88
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-served-by: cache-nrt18328-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Tue, 15 Feb 2022 12:23:18 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 107
x-cache-hits: 0

GET
H3 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 5CD5 741 B
820 B 22ms
11ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
via: e2s
cf-cache-status: HIT
age: 468845
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6dde81b5e8c18a8a-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 15ms
12ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5395650
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 6dde81b5e8c28a8a-NRT
cf-bgj: minify

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH;0.20635152865142192
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH;0.20635152865142192

43 B
528 B

161ms
161ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH;0.20635152865142192

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 12:23:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Feb 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 12:23:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH;0.20635152865142192
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 14 Feb 2021 21:00:00 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 80 KB
29 KB 9ms
2ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8365ad50a44341d8858863fec236793a9b4074461b61cae8aaa25343b47d7ce3

Request headers

Referer: https://ja.pays-tarusate.org/
Origin: https://ja.pays-tarusate.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: gzip
last-modified: Fri, 11 Feb 2022 11:57:31 GMT
server: nginx/1.18.0
etag: W/"62064f2b-13e4c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 15 Feb 2022 12:28:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET 0QIgMX1D_JOuO7HeNtxumg.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET 0QIvMX1D_JOuMwr7Iw.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/webp

GET flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

POST
H3 200 51pb.json Show response
newrrb.bid/ 59 B
591 B 853ms
846ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.json
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e11ae8e10b512e065636d91b262283b4ae674d49e529993222f604a0db50a0a

Request headers

Referer: https://ja.pays-tarusate.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGm5GNHd5WL8cI0TP3lcud0IrqRmxtglyd1ezO%2BLMgmAX1ENXhKL4p4k5pQTf8L08neolkqi5AMFqmJb5WKdxRRicZ1G4aOad6EbxQ11SZ1zf0%2Be1j51oWjvJIR3B8nTAUeueaOsYOEo"}],"group":"cf-nel","max_age":604800}
cf-ray: 6dde81b6b9472065-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 51pb.json Show response
newrrb.bid/ 231 B
650 B 907ms
907ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.json
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d100f514ea745d923f6d657380e5fa33e55d6a486a1893e5701036abd2df7e56

Request headers

Referer: https://ja.pays-tarusate.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDZKSKLbfgIbF%2BSqczexZEWAXp5%2FFvBOeEH7ywmAE0pqFOxvA1fsnIA0%2FMP%2Bn%2BcsU5spmk3d%2B9P1SzPOqmlbNmqf1lV5%2F89Dk6orVYrfKSm5chXjfAr%2Bcm470fmMtLUQcR9THSphh%2Fbn"}],"group":"cf-nel","max_age":604800}
cf-ray: 6dde81b6c9612065-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 289 KB
104 KB 161ms
125ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d446c47514aeb4ed40828edd2bf96a6707371b489e5aeb3e991130dbcc2bf65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106376
x-xss-protection: 0
server: cafe
etag: 8491623544907595277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 12:23:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220210/r20190131/ Frame FA50 13 KB
6 KB 77ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220210/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cfdef7cd1a0fab390d940b7b61ea3afc340838418bb94d460fe451d654331ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5933
x-xss-protection: 0
date: Mon, 14 Feb 2022 16:03:51 GMT
expires: Mon, 28 Feb 2022 16:03:51 GMT
cache-control: public, max-age=1209600
age: 73167
etag: 17376176057921392695
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
pays-tarusate.org/template/pays-tarusate/css/ 0
0

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
372 B 424ms
424ms Script
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.3375454940552638
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-cache: MISS
content-length: 65
x-served-by: cache-nrt18328-NRT
server: Google Frontend
x-timer: S1644927799.983895,VS0,VE421
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: a385f79b86001844b191f8075bd5cb0a
cache-control: max-age=3600,public
function-execution-id: rpgajs0phnpr
accept-ranges: bytes
x-orig-accept-language: jp-JP,jp;q=0.9
x-country-code: JP
x-cache-hits: 0

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/41de1c08/ Frame F8EF 341 KB
47 KB 40ms
3ms Stylesheet
text/css 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fb42ef830abc7688334b68171498b6359e3dd620565876ae377e21e55115db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47756
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:32 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/41de1c08/www-embed-player.vflset/ Frame F8EF 283 KB
85 KB 39ms
3ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f51baf3e6fa6958fc7c4ff9ddb2c7372660e3400ae53ff0790436abb3b90b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87203
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:30 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/ Frame F8EF 2 MB
539 KB 42ms
6ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbec9558a80fb611934815ab17bcdfde9192cb3e7f848253bea1a6de93ceb667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552124
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:32 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/41de1c08/fetch-polyfill.vflset/ Frame F8EF 10 KB
3 KB 45ms
9ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:30 GMT

GET
H2 200 1930 Show response
na.nawpush.com/tags/ 834 B
610 B 9ms
1ms XHR
application/json 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1930
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: fdf266d7db4d86b30c8b4cf632d93f50bc152aca5d2b2c9f37003d0dcb1b0b00

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 12:23:19 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 6ms
2ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 15 Feb 2022 12:28:19 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
647 B 148ms
38ms Script
text/javascript 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.pays-tarusate.org&callback=_gfp_s_&client=ca-pub-3890713886363470

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f130.1e100.net

Software

cafe /

Resource Hash

b23005dc5cd9d2480df0c35b6786a64708b0261ace6fa56ab6a9e195e2185de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 112ms
38ms Script
application/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
40ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB91 272 KB
66 KB 442ms
406ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&adk=1812271804&adf=1573534164&lmt=1644927799&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798857&bpp=6&bdt=267&idt=279&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8129166483167&frm=20&pv=2&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=304

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eeeca36b35680171a3f83cb6809026efdf58b64f419f8dfc6d49b04f57d91ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Feb 2022 12:23:19 GMT
server: cafe
content-length: 67985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:19 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6E6 95 KB
32 KB 371ms
371ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=1199922194&adf=2049407382&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798879&bpp=1&bdt=289&idt=302&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ypcp3dweLR&p=https%3A//ja.pays-tarusate.org&dtd=318

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f2c653e662f7da6920b990c42ccae74de70f86ecff2cf9700e5da976be14493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Feb 2022 12:23:19 GMT
server: cafe
content-length: 33200
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:19 GMT
cache-control: private

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F8EF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

36ms
36ms

XHR
application/json

2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA

Protocol

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41fa1e12059df1e3c80e2836c071c07f2a1237c34030c5237b8132f6f936d1c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 15 Feb 2022 12:23:19 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F8EF 29 B
588 B 78ms
2ms Script
text/javascript 2404:6800:4004:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:17:54 GMT
x-content-type-options: nosniff
age: 325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Feb 2022 12:32:54 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ECD5 98 KB
32 KB 284ms
284ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa57e559ecce3cc0e06ab6c1d8d3f9b45a1fed6f1114d56aa0137855f02f4dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Feb 2022 12:23:19 GMT
server: cafe
content-length: 32713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:19 GMT
cache-control: private

GET
H3 200 remote.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/ Frame F8EF 98 KB
30 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a50e63fc98b0bba463c571e672d11ec92e7b463c700cb9457dc0de00a26a632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30855
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:37 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/ Frame F8EF 26 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64145756ec4788754f6a334196bb57dd43dcb0da630b7840ff429297b06105cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7751
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:35 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 412B 95 KB
33 KB 310ms
310ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=9360290903&adk=2367483457&adf=177619468&pi=t.ma~as.9360290903&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798883&bpp=1&bdt=293&idt=554&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4387&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=coe5y1EKyj&p=https%3A//ja.pays-tarusate.org&dtd=556

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e7c1572f3714588c2c5a5def641a44e8c63d555d93be7b93820808253ccf6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Feb 2022 12:23:19 GMT
server: cafe
content-length: 33581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:19 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 73ms
38ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
39ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33E1 74 KB
29 KB 267ms
266ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=458250839&adf=3470330975&pi=t.ma~as.4398967635&w=300&lmt=1644927799&psa=0&format=300x600&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798884&bpp=1&bdt=294&idt=596&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uTZHf0xx9z&p=https%3A//ja.pays-tarusate.org&dtd=600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87c7dea44bc3a3dff68e888fd2eaa8786c68d0e292275bf1daae0a468841a026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Feb 2022 12:23:19 GMT
server: cafe
content-length: 30056
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:19 GMT
cache-control: private

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 182 B
389 B 34ms
18ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db264a2d6c30bc872076ab8f14cc9a74421bf81783c2c5bf3c3a23dd1e90b645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dde81baedf680d2-NRT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9139 436 B
236 B 206ms
206ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=250&slotname=5143760017&adk=3043140014&adf=1455981949&pi=t.ma~as.5143760017&w=300&lmt=1644927799&psa=0&format=300x250&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798885&bpp=1&bdt=295&idt=619&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=pBYt7vSxUT&p=https%3A//ja.pays-tarusate.org&dtd=632

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efb0b9e7ef8ac142a0191921aeffd046209ab3d6c6a98950640b88b54581077b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Feb 2022 12:23:19 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:19 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CAD0 74 KB
29 KB 278ms
278ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=4051693275&adf=1867163432&pi=t.ma~as.9651294315&w=240&lmt=1644927799&psa=0&format=240x400&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798885&bpp=1&bdt=295&idt=639&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600%2C300x250&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=WQgTEouuhx&p=https%3A//ja.pays-tarusate.org&dtd=652

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8d552e7d9d0727c76792756b3cfa88a7b5671ead978f03e5f9de461d4bd97e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Feb 2022 12:23:19 GMT
server: cafe
content-length: 30088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:19 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2752 436 B
236 B 190ms
190ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=767131371&adf=1814455876&pi=t.ma~as.6624362644&w=336&lmt=1644927799&psa=0&format=336x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798886&bpp=1&bdt=296&idt=675&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600%2C300x250%2C240x400&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&xpc=b3VDAVSHaV&p=https%3A//ja.pays-tarusate.org&dtd=677

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03b5c5cb7940ca09856cd9d086643c29cb93bbaa7d14cdbd07b21df581c739fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Feb 2022 12:23:19 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:19 GMT
cache-control: private

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F8EF 4 KB
3 KB 162ms
122ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:19 GMT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 3ms
3ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644927800.579053,VS0,VE1
etag: "903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br"
x-served-by: cache-nrt18328-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Tue, 15 Feb 2022 12:23:19 GMT
accept-ranges: bytes
content-length: 67057
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 198 KB
68 KB 880ms
439ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6ad72f3c8c1fcfc57196e40e3c6900673ad7a58ec687ee549f15c295710ee9f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: br
last-modified: Wed, 09 Feb 2022 12:47:03 GMT
etag: "62038d97-10e19"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69145
expires: Tue, 15 Feb 2022 13:23:20 GMT

GET
H3 200 aadsts50011-the-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-appid-4.png
pays-tarusate.org/content/azure/ 113 KB
113 KB 91ms
90ms Image
image/png 2606:4700:3033::ac43:9aca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pays-tarusate.org/content/azure/aadsts50011-the-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-appid-4.png
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:9aca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d3deb946e2036af77ce949aca69f865d6ece43d2343aa14a4b01637d048230

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115478
last-modified: Thu, 19 Nov 2020 19:59:41 GMT
server: cloudflare
etag: "1c316-5b47b2b261988"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQheoC0N90umIQFDYK6gCtNani5c%2B2lJnUTwh3kGcwblXGCQJjKTuDfCO2HdIl4vk85u5zhyuG%2ByQXJsCCZt0%2FL6yxmJlmiUUacApn1%2BOoydWBpoHiRjgJV0xmX3cO9kv6f4SDwm%2B9J%2FFJ2zbnP70A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81bbb92220c1-NRT
expires: Wed, 15 Feb 2023 12:23:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C6E6 8 KB
1 KB 147ms
39ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=1199922194&adf=2049407382&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798879&bpp=1&bdt=289&idt=302&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ypcp3dweLR&p=https%3A//ja.pays-tarusate.org&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 11:32:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 12:23:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 12:23:19 GMT

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 5ms
5ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644927800.727040,VS0,VE1
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-nrt18328-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Tue, 15 Feb 2022 12:23:19 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 1

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame C6E6 1 KB
953 B 46ms
4ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:12 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame C6E6 19 KB
8 KB 43ms
2ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:16:56 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame C6E6 2 KB
1 KB 46ms
5ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6E6 124 KB
38 KB 107ms
69ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame C6E6 15 KB
6 KB 44ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0
server: cafe
etag: 14935107822106690633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:14:52 GMT

GET
H3 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame C6E6 28 KB
11 KB 39ms
3ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 11:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:43:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 11:27:28 GMT

POST
H3 200 51pb.json Show response
newrrb.bid/ 59 B
559 B 873ms
873ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.json
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08b6efb6b9c6c85c48ce472a62bc2d3b10f964ca8138232bbc8fa8ce6edebba6

Request headers

Referer: https://ja.pays-tarusate.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dfsme2j6MgqtgHUEjwQndy5ufIoDCbBot%2BYLOzY%2Fr29SRZWwF1b4VBb8fsB6RFSSfywsTA0UyWpH3X3sKcKsw6Q1FaV%2FiTrGEtQN%2FohJpve1x9SfEQ0m3rmamhMhZC8teDXQwyaT47x"}],"group":"cf-nel","max_age":604800}
cf-ray: 6dde81bc79fd2065-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 5880914721537617777
tpc.googlesyndication.com/simgad/ Frame ECD5 46 KB
46 KB 38ms
5ms Image
image/png 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5880914721537617777?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qldRdWgMkB6lQgU9sBDlcKwPGmAXA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43f5540a9cabcde632394608983459d45f06ef25b37771b3efff2714d6364d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 03:57:58 GMT
x-content-type-options: nosniff
age: 375921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46959
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 11:39:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Feb 2023 03:57:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame ECD5 19 KB
8 KB 36ms
4ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:16:56 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18312686731199027670/ Frame C6E6 10 KB
10 KB 29ms
5ms Image
image/jpeg 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18312686731199027670/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd85f6df92f9ab71cc5d2c85b72ceb8ec601b7ebc40fa32c44aebfed98c4554c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:13:18 GMT
x-content-type-options: nosniff
age: 497401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10237
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 22:19:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 18:13:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6E6 0
0 47ms
47ms Fetch
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv__zN5sLYt37Ddeb8AK3r5KgA_273YFo_O3ppoIP__WQ49cCEAEgs-vBfGCJ88WE9BOgAf_bisgDyAEJqAMByAPLBKoEngJP0EwmKiadB7GT4RVRiYJcIBs1fCi5QkY6RcItsN1ka2qbp6i1xKh2lBYMgB-vTRchZ6s5B_rHiWlboCRAx9csELSWmStVHDxt3JCVbiJGv4pKN2n6uFdQazeemGIWFwliIDoCsMwixvMwAHe4dFru21Av0O1qne7DFH6uGTitc7qgsfLcr9GyymjK1vtGC-IMh3SCykFUzYfV9GqYVXIZfIAuenHF3y2YseW0I9WAWp3kTw-g-T2zVSZ3mGX6q18uRAkXDkcgA5ToiI8_lVhjG6GeqzLStyqZNRKHuhYm66RwqTJuGlhz7VaQz_xG_pkJov-e12I0FV2fBavYOQEktLJA14FkdSsmX6wqCeRMkVNABKl9b3yask-jmSPrwAT61vnyswOSBQQIBBgBkgUECAUYBKAGLoAH8O6sogKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDzsg_SCAcIgGEQARgfgAoByAsBuBOIJ9gTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0zODkwNzEzODg2MzYzNDcwGAA&sigh=61SAcIhhbto&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=1199922194&adf=2049407382&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798879&bpp=1&bdt=289&idt=302&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ypcp3dweLR&p=https%3A//ja.pays-tarusate.org&dtd=318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Feb 2022 12:23:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Feb 2022 12:23:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ECD5 0
0 45ms
45ms Fetch
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEVqvN5sLYvuPF9aQ8ALBlrfYBKmb1bho8vLth8kOjKuhlv4sEAEgs-vBfGCJ88WE9BOgAaegiLwCyAECqQKAysDTO5JCPqgDAcgDyQSqBKkCT9BP8e3pWW6zpUC-lQjiFq4YxiVwQIqlPZN9cLeYBiHP9iCWOEHEiOUjelJCAYmzi7cnZKde82cQzCO_bFz3K0JQY3dumblWsZ1uOsmfSBuUSsbmqEVx2IcewLAIve49uEqT9dbzXE9hQiw75uxpZEV6fbNiuhsavUxqI8BusGDRFCa51-vxrOr_jj7OGzjwXKlJBYaezzYs9WMxiMtxKLZaN20goyW6UWfYrsSTnUF4HK-dPjvDmTGIAcx-d4___lI-08LI6r0_TWFKiFpsRfGHvy3QhNcFiDPwQSwu1P0gHY5FcGiaj5EQrZoYZ6lnvM9w6uITdX4EIVIcHE3fHFBWQP2k45VXldj29rL0at1PFfJtzvtVDkW6oAJJhv2yZLFDrf9_p8e4wATo3Ynz7gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHwd_3wwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC22QLSCAcIgGEQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM4OTA3MTM4ODYzNjM0NzAYAA&sigh=6B4zXUeMI18&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Feb 2022 12:23:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Feb 2022 12:23:19 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame ECD5 2 KB
1 KB 42ms
4ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:05 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame ECD5 67 B
91 B 42ms
4ms Image
image/png 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 04:12:01 GMT
x-content-type-options: nosniff
server: cafe
age: 29478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 16 Feb 2022 04:12:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECD5 124 KB
38 KB 91ms
91ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame ECD5 15 KB
6 KB 41ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0
server: cafe
etag: 14935107822106690633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:14:52 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame ECD5 28 KB
11 KB 42ms
5ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec973bdca405a96cb1791bbc37abb7bef83468251cc3a6eb0b135facc8d6f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11671
x-xss-protection: 0
server: cafe
etag: 16463166170924745324
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:08:38 GMT

GET
DATA 200
OK truncated
/ Frame C6E6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C6E6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame F8EF 52 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Wed, 16 Feb 2022 07:22:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 412B 950 B
675 B 75ms
37ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%BE%97%E7%BF%92%E5%AE%85%E3%82%AA%E3%82%B3%EF%BC%88%E5%9C%A8%E3%83%A9%E5%9B%BD%E8%A1%93%E3%82%B5%E3%82%A3%E3%83%88%E3%82%AD%E3%82%A6%E3%82%8B%EF%BC%8F%E3%81%A7%E5%8F%97%E5%8B%9F%E3%83%A5%E3%83%83%E7%B5%A6%E6%8A%80%E3%83%96%E9%9B%86%E9%87%91%E3%82%BB%E3%81%91%E3%83%8F%E3%83%86%E3%82%AB%E3%83%B3%E8%A6%8B%E3%83%BC%E3%82%A4%E3%82%92%EF%BC%89%E3%81%AE%E4%BB%98%E3%81%A6%E3%83%AA%E3%83%92%E3%83%9B%E8%82%B2%E3%82%A7%E6%88%90%E3%82%B9%E3%83%AF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=9360290903&adk=2367483457&adf=177619468&pi=t.ma~as.9360290903&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798883&bpp=1&bdt=293&idt=554&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4387&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=coe5y1EKyj&p=https%3A//ja.pays-tarusate.org&dtd=556

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac03fac5b585fae1f5767edc032fc289cb575790417d82201d8c50d3e434c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 12:23:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 12:23:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 12:23:19 GMT

GET
H3 200 12705649331670856216
tpc.googlesyndication.com/simgad/ Frame 33E1 68 KB
68 KB 4ms
4ms Image
image/png 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12705649331670856216?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkbgGoh8EE_b8yaLjxLfOyHzhOItw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=458250839&adf=3470330975&pi=t.ma~as.4398967635&w=300&lmt=1644927799&psa=0&format=300x600&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798884&bpp=1&bdt=294&idt=596&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uTZHf0xx9z&p=https%3A//ja.pays-tarusate.org&dtd=600

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291666bffaada75f3e27365ba8e0769e59500db7cd1ee5f0287ce9539f9f96b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 03:58:08 GMT
x-content-type-options: nosniff
age: 375911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69131
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 10:30:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Feb 2023 03:58:08 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame 33E1 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:16:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 33E1 2 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33E1 124 KB
38 KB 137ms
135ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 33E1 15 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0
server: cafe
etag: 14935107822106690633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:14:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 33E1 0
0 76ms
35ms Image
text/html 2404:6800:4004:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR57-vnHvHEzFEPwIGHhBeLLc0FX8dCjAE6Hd9AyQiiuztpBMnilVzbUnxOfELoTIPX4GDGgW5dM4WBnI7mBHd-fe4yKQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=458250839&adf=3470330975&pi=t.ma~as.4398967635&w=300&lmt=1644927799&psa=0&format=300x600&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798884&bpp=1&bdt=294&idt=596&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uTZHf0xx9z&p=https%3A//ja.pays-tarusate.org&dtd=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 33E1 28 KB
11 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec973bdca405a96cb1791bbc37abb7bef83468251cc3a6eb0b135facc8d6f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11671
x-xss-protection: 0
server: cafe
etag: 16463166170924745324
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:08:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99CB 143 B
163 B 3ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Feb 2022 11:52:31 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 96ms
57ms Script
text/javascript 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f130.1e100.net

Software

sffe /

Resource Hash

b40300ff44ddbf314f86764ee077529aac5ddd33395a1390ef43f31eb8dcc04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27280
x-xss-protection: 0
server: sffe
etag: "1132 / 895 of 1000 / last-modified: 1644924504"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 78ms
41ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

356f28091644bdfa074e54db547f54cce4152de9a3b52aa1ecd6172979671f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
server: sffe
etag: "1132 / 702 of 1000 / last-modified: 1644924504"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H2 200 /
mc.yandex.ru/watch/70676614/DRM56/ 43 B
83 B 755ms
703ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/70676614/DRM56/?r=0.28028529700443916

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:20 GMT
last-modified: Tue, 15-Feb-2022 12:23:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 15-Feb-2022 12:23:20 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH%22:%22%22}}}&r=0.04...
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH...

0
0

289ms
289ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH%22%3A%22%22%7D%7D%7D&r=0.043751327029560416
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:20 GMT
last-modified: Tue, 15-Feb-2022 12:23:20 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH%22%3A%22%22%7D%7D%7D&r=0.043751327029560416
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 15-Feb-2022 12:23:20 GMT

GET
H2 200 /
mc.yandex.ru/watch/70676614/DRM56/ 43 B
71 B 754ms
703ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/70676614/DRM56/?r=0.988909029387854

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:20 GMT
last-modified: Tue, 15-Feb-2022 12:23:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 15-Feb-2022 12:23:20 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ja.pays-tarusate.org%22:{%22https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH%22:%22%22}}}&r=0.17...
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH...

0
0

222ms
222ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH%22%3A%22%22%7D%7D%7D&r=0.17719580718497352
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:20 GMT
last-modified: Tue, 15-Feb-2022 12:23:20 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.pays-tarusate.org%22%3A%7B%22https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH%22%3A%22%22%7D%7D%7D&r=0.17719580718497352
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 15-Feb-2022 12:23:20 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4922657752767473145/ Frame 412B 13 KB
13 KB 12ms
12ms Image
image/jpeg 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4922657752767473145/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1e5e7cfc60a0ee61b99d8a2494bc0c54e57935086e1ee944be0f651ed3a06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 22:54:27 GMT
x-content-type-options: nosniff
age: 134933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13600
x-xss-protection: 0
last-modified: Sun, 30 Jan 2022 05:59:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Feb 2023 22:54:27 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 412B 1 KB
875 B 2ms
2ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:12 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame 412B 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:16:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 412B 2 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 412B 124 KB
38 KB 74ms
74ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 412B 15 KB
6 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0
server: cafe
etag: 14935107822106690633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:14:52 GMT

GET
H3 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame 412B 28 KB
11 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 11:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:43:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 11:27:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 33E1 0
0 45ms
44ms Fetch
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CH6YlN5sLYvLMH4uY8ALBgZ-YA63n-pZo8uCkvOYO2tkeEAEgs-vBfGCJ88WE9BOgAZyv-6gCyAECqAMByAPJBKoEnwJP0A3aDOHCd3whIiiLxVuy1ZnSsv3BvPLCY7k2p--I9Hh-ogsirRGZ_i37r8yDvsMJjPPYxOUsaNRHuN-H7JdYJy1boBE-U3p-ZgW_-l9fdpSvfURgpQQu3U4zv0ecOmTkIPotVeEZUwmygVE_19J8ZLR33X6oYngyCnd6pxb8b0hTa5B0viUgnCX_y6y5yMUN_p2wQRDyrHbLYx2ijXraT27r7fp7KB2ESbkx1C2K-fCk4Pj7R-M6HJD1IDxJa_UplzOzWUIxyG9GwU5m8GS7r6wP0I4QWhR2hJf3NlGwTyCOc9wPaPnkR1lx23G9thkAOSgC0FTq7x5P4FHTqmJj7qPNVzPFa7iYq1hV9WKckwR1U1iQU0FsFYf2Ycy-qMAEn5nQ1PwDkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ15UD0ggHCIhhEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zODkwNzEzODg2MzYzNDcwGAA&sigh=zINufFCFocc&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=458250839&adf=3470330975&pi=t.ma~as.4398967635&w=300&lmt=1644927799&psa=0&format=300x600&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798884&bpp=1&bdt=294&idt=596&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uTZHf0xx9z&p=https%3A//ja.pays-tarusate.org&dtd=600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Feb 2022 12:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 18269390155163954184
tpc.googlesyndication.com/simgad/ Frame CAD0 63 KB
63 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18269390155163954184?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn-XsYUhvp_xhWSjbsW2SqlbWGixA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=4051693275&adf=1867163432&pi=t.ma~as.9651294315&w=240&lmt=1644927799&psa=0&format=240x400&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798885&bpp=1&bdt=295&idt=639&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600%2C300x250&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=WQgTEouuhx&p=https%3A//ja.pays-tarusate.org&dtd=652

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b5a3bc3f33e36b4aabbe7c03c45258b0deb5dfeb23fe5c4267d533eef6b6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:08:07 GMT
x-content-type-options: nosniff
age: 44113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64304
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 15:22:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 00:08:07 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame CAD0 19 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:16:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame CAD0 2 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAD0 124 KB
38 KB 601ms
601ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame CAD0 15 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0
server: cafe
etag: 14935107822106690633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:14:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CAD0 0
0 76ms
37ms Image
text/html 2404:6800:4004:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTW-UIlkkAd3RUmPqJ36fV9nL_mV-goSGQqDB_B0KH0jKP_G6q2YK5N9Cg9EIXvY50OCwAGJVxZNxrzrCZJoOxfOz3dzw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=4051693275&adf=1867163432&pi=t.ma~as.9651294315&w=240&lmt=1644927799&psa=0&format=240x400&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798885&bpp=1&bdt=295&idt=639&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600%2C300x250&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=WQgTEouuhx&p=https%3A//ja.pays-tarusate.org&dtd=652
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81e::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame CAD0 28 KB
11 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec973bdca405a96cb1791bbc37abb7bef83468251cc3a6eb0b135facc8d6f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11671
x-xss-protection: 0
server: cafe
etag: 16463166170924745324
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:08:38 GMT

GET
DATA 200
OK truncated
/ Frame C6E6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c0659782e613f804f1beac5a32084aa98255843dac07ce1ab869891e20dcbae

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame ECD5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f479bdc839584cc9ff524bc36dc8f0885f5b79ece3ddfa15ee53b3b615002426

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 412B 0
0 46ms
46ms Fetch
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8TJ6N5sLYr_VHNeb8AK3r5KgA6D-i5Jozvufp7MP2dkeEAEgs-vBfGCJ88WE9BOgAe_JkpgDyAEJqQKAysDTO5JCPqgDAcgDywSqBJ8CT9DE1GqIKDaB7RFMoS_otLuDq4RssLKOKFHNUSL10I_I2xriJdBGCbCmlElU96wEb3m9a7IGbGWMz90aWoNtCtEJa9emnJrMwmCSRtVnoUd24bKCmF-0zoc6BlAnRVZsdKo67iHqyHWm-6fuacP5vLG4KP8LIs8x9bZZJtUxT1nPFmk1BxqXEDgUQyjtiZp46EKAsTqQk9yh68cVZsqOi4bBWjhz0X3yjvLGsGSqGFfsKU4ME6v_KdISnddHvMI9ZMqWQywNpvMzofn6PqBoN8p9KSGMVvtwb2XHt_I5wfSJz4yY41zVOXAaAqHJTcWSgLBJ3QC_l6Th3X0Gu9IFT8jjXsfJcNZUdZ30lth0TZ22gVAWOLMG3omubpUo_ALABIPRi7uRA5IFBAgEGAGSBQQIBRgEoAYugAf5te1nqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQtLUD0ggHCIBhEAEYH4AKAcgLAbgTiCfYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzg5MDcxMzg4NjM2MzQ3MBgA&sigh=USxk3liJ870&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=9360290903&adk=2367483457&adf=177619468&pi=t.ma~as.9360290903&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798883&bpp=1&bdt=293&idt=554&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4387&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=coe5y1EKyj&p=https%3A//ja.pays-tarusate.org&dtd=556
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Feb 2022 12:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame C6E6 28 KB
28 KB 115ms
3ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:12:46 GMT
x-content-type-options: nosniff
age: 583834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 18:12:46 GMT

GET
DATA 200
OK truncated
/ Frame 412B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 412B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BE20 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=458250839&adf=3470330975&pi=t.ma~as.4398967635&w=300&lmt=1644927799&psa=0&format=300x600&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798884&bpp=1&bdt=294&idt=596&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uTZHf0xx9z&p=https%3A//ja.pays-tarusate.org&dtd=600

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Feb 2022 11:52:31 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 150 KB
53 KB 95ms
95ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f46d2d68a53da580fc49c0201d18c3a50712f242ad181610c72dd8f028b3185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54418
x-xss-protection: 0
server: cafe
etag: 10144195935050016398
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CAD0 0
0 45ms
44ms Fetch
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV3HvN5sLYojbIpec8gWiioSADsDg-pVny8jV-bAP3ryGrqwJEAEgs-vBfGCJ88WE9BOgAZyv-6gCyAECqAMByAPJBKoEnwJP0OZl3iIlYVndm1r43nNkSp1jJblNWXXl8X-taOYmukXHYnMCA_YHsTMa2pn3DG1Q5AKAF-EplhYubVCS0CoP8jn0k3HAobMR_TpZwHx7kLDc0S6NVxKhHA3DXh7FmpjVWuvNw8vlYUw82KJ-StFqsUb97D2eDYudpsppg8SJL6AhBZo_tCUI4TJ7KKeovPCeJkR4323_emgLirBzz4YKugE5JNEYOQxUBHZJwoUM59Rvr0ovQG9XSymGRL-aTpdIjEahFlYzax5L3V13WXB8IW5ouXxwxt2NsaooR2HKdG-F5vAd8X0YD5lR4IkmDhAgI7RQzlA3BhSDAqRa5lIAsZw1z3qAEaRsmr5ofiTm8HIVCp1dlweSFWDKB2wr_sAE0LTFmv0DkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwMQpTzSCAcIiGEQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTM4OTA3MTM4ODYzNjM0NzAYAA&sigh=cuYd6wPvX2s&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=4051693275&adf=1867163432&pi=t.ma~as.9651294315&w=240&lmt=1644927799&psa=0&format=240x400&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798885&bpp=1&bdt=295&idt=639&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600%2C300x250&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=WQgTEouuhx&p=https%3A//ja.pays-tarusate.org&dtd=652
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Feb 2022 12:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 83F8 143 B
163 B 3ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=4051693275&adf=1867163432&pi=t.ma~as.9651294315&w=240&lmt=1644927799&psa=0&format=240x400&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798885&bpp=1&bdt=295&idt=639&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&prev_fmts=0x0%2C780x280%2C780x280%2C780x280%2C300x600%2C300x250&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=WQgTEouuhx&p=https%3A//ja.pays-tarusate.org&dtd=652

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Feb 2022 11:52:31 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2022020901.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 39ms
3ms Script
text/javascript 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064847

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f130.1e100.net

Software

sffe /

Resource Hash

8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 11:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122359
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 09:36:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 11:46:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 39 B
79 B 75ms
39ms XHR
application/json 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.pays-tarusate.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f130.1e100.net

Software

cafe /

Resource Hash

4a1c4179f503e7a42fac6e2bde3220a18857b775a512c9cd6c03eebc31109332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
DATA 200
OK truncated
/ Frame 412B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be472f3f8a34d0d36e3e3c3057478e22071cea3a1892f331f60be2be225a34f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 33E1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1a2ef89d961f24278a05c649cbe3e5b68874003e15f9d30677931df6f091307

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 412B 19 KB
19 KB 42ms
5ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12WmhgmUhTrhXXhzcFe-HyMWz13kzkTPsr-SxY_MXpiiYyLuqVzkGb7poDrq_nBB4qgqAx4wFVJFqcMQyKahWpAhi7h5-DrN63ll-fR_-Q7Ngv4Jmo8E_55paSZTO8F_qdpO9L7xL30gjWlAeTdnl9MChatLLNXKhtVtUryYc9sQvpNvhnNpL0MmEDqflmt4hNFIk4jl42Wf2Yr2J0XyBEpwQUCW-yQkbMm_O1OBQ4ngMWWf6EvvpZwNoFYjH3EXsmGrfbU87g&skey=fbc48de1c6e1b00c&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%BE%97%E7%BF%92%E5%AE%85%E3%82%AA%E3%82%B3%EF%BC%88%E5%9C%A8%E3%83%A9%E5%9B%BD%E8%A1%93%E3%82%B5%E3%82%A3%E3%83%88%E3%82%AD%E3%82%A6%E3%82%8B%EF%BC%8F%E3%81%A7%E5%8F%97%E5%8B%9F%E3%83%A5%E3%83%83%E7%B5%A6%E6%8A%80%E3%83%96%E9%9B%86%E9%87%91%E3%82%BB%E3%81%91%E3%83%8F%E3%83%86%E3%82%AB%E3%83%B3%E8%A6%8B%E3%83%BC%E3%82%A4%E3%82%92%EF%BC%89%E3%81%AE%E4%BB%98%E3%81%A6%E3%83%AA%E3%83%92%E3%83%9B%E8%82%B2%E3%82%A7%E6%88%90%E3%82%B9%E3%83%AF

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

759db126068314a0ba2e77a4f461f5583916f9125160716c9f559ad0deb9c464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 02:46:58 GMT
x-content-type-options: nosniff
age: 34582
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19444
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Feb 2022 02:46:58 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 412B 19 KB
19 KB 41ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrJ07TkFgmUhjrhaXhzcVe-FiMV6l3k10TPub-S_4_MWZiiYSLuqFzkFL7poTrq-XBB46gqAB4wCFJFrsMQyaahWZAhhLh5-zrN6nll_vR-xg7Nh_4Jm48E8J5paCZTPcF_ttpO9r7xLn0gi2lAejdnmtMCgqtLFdXKitVtUbyYdtsQopNvgXNpLEMmGz2nsmpIg9FMm4jxyWWYzIrECkXiFklGRkCU6yUbSsm1D1y8Y4nDEGWY8ErOv5wRt1AEEXEXs2Grew&skey=72472b0eb8793570&v=v40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d52e8939765dc8656fd7c6c20958522008f1cce765074e02e2b1f7833805cef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 02:27:05 GMT
x-content-type-options: nosniff
age: 35775
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19376
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Feb 2022 02:27:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

142ms
142ms

Document
text/html

2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Feb 2022 12:23:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Feb 2022 12:23:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 463B 35 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=2246133930&adk=2401685240&adf=2014661175&pi=t.ma~as.2246133930&w=780&fwrn=4&fwrnh=100&lmt=1644927799&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644927798882&bpp=1&bdt=292&idt=463&shv=r20220210&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=8129166483167&frm=20&pv=1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4079&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44752536%2C44758229&oid=2&pvsid=1228702067667948&pem=451&tmod=211792343&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=GajSB30NfN&p=https%3A//ja.pays-tarusate.org&dtd=465

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 09:45:30 GMT

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 282F 35 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 09:45:30 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 40ms
39ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
37ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.pays-tarusate.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/ Frame BEAE 13 KB
6 KB 2ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cfdef7cd1a0fab390d940b7b61ea3afc340838418bb94d460fe451d654331ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5933
x-xss-protection: 0
date: Mon, 14 Feb 2022 15:46:26 GMT
expires: Mon, 28 Feb 2022 15:46:26 GMT
cache-control: public, max-age=1209600
age: 74214
etag: 17376176057921392695
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/ Frame C1E8 13 KB
6 KB 2ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cfdef7cd1a0fab390d940b7b61ea3afc340838418bb94d460fe451d654331ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5933
x-xss-protection: 0
date: Mon, 14 Feb 2022 15:46:26 GMT
expires: Mon, 28 Feb 2022 15:46:26 GMT
cache-control: public, max-age=1209600
age: 74214
etag: 17376176057921392695
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BE20
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

72ms
71ms

Document
text/html

2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Feb 2022 12:23:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Feb 2022 12:23:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7085 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 09:45:30 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 347ms
346ms XHR
text/plain 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1228702067667948&correlator=604565938432430&output=ldjh&eid=31064847%2C44758229&output=ldjh&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&gdpr_consent=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=41117126%2CZXNT%2Czxntmng%2Czxntmng_smrcp%2Czxntmng_smrcp_drm56&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=1600x90&cust_params=seg_id%3D21120200%26site_domen%3Dja.pays-tarusate.org%26site_topdomen%3Dpays-tarusate.org%26site_referrer%3D%26site_url%3Dhttps%253A%252F%252Fja.pays-tarusate.org%252F744378-aadsts50011-the-reply-url-specified-TIEQPH%26site_hash%3D%26keywords%3DAADSTS50011%2520URL%2520URL%2520appid%2520appid%2520ja%2520pays%2520tarusate%2520org%2520&cookie=ID%3D862a41f83e68a5e1-226f9465a2d0000a%3AT%3D1644927799%3ART%3D1644927799%3AS%3DALNI_MaJzKU82bfRrcCXIU2SCDpGZlfT3g&bc=31&abxe=1&dt=1644927800396&lmt=1644927800&dlt=1644927798590&idt=1788&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=1345&adks=2549687318&ucis=1&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=910813567.1644927799&ga_sid=1644927799&ga_hid=1821016411&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064847

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f130.1e100.net

Software

cafe /

Resource Hash

5a4adc53548140d744a3fefc79488f6932c20461a8834cd073c8d7b8c527f2cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12082
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.pays-tarusate.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9f70b32a79dcf9692f2b146794ebf621.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 95BF 6 KB
4 KB 109ms
36ms Document
text/html 2404:6800:4004:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9f70b32a79dcf9692f2b146794ebf621.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 15 Feb 2022 12:23:20 GMT
expires: Wed, 15 Feb 2023 12:23:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 1170 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 09:45:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 83F8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

106ms
105ms

Document
text/html

2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Feb 2022 12:23:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Feb 2022 12:23:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame BEAE 4 KB
634 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 11:13:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 12:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BEAE 205 B
229 B 2ms
2ms Image
image/png 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 21:02:51 GMT
x-content-type-options: nosniff
age: 55229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 Feb 2023 21:02:51 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BEAE 604 B
628 B 3ms
2ms Image
image/png 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:17:37 GMT
x-content-type-options: nosniff
age: 18343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 07:17:37 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/elements/html/ Frame BEAE 19 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a33ca3d4e0c18c99710b30e49db88cb0d573f5399c964b0482e57d4fb8cdb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8101
x-xss-protection: 0
server: cafe
etag: 6579324866662859561
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:13:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C1E8 890 B
630 B 39ms
39ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%AE%E5%AE%9A3%EF%BD%9E-%E5%B7%9D%E5%B0%8F%E8%8D%8F%E3%81%A7%E5%B0%82%E4%BA%AC6%E3%83%93%E6%9D%B18%E3%83%83%E4%BB%96%20%E5%93%81%E3%83%A7%E9%A1%8D%E5%B1%B1%E5%8F%AF%E5%88%86%E6%9F%BB%E3%83%AB%E9%AB%98%E5%80%92%E5%8F%96%E5%A4%A7%E9%9A%8E%E5%86%85%E3%82%B7%E5%BA%97%E8%B2%B7%E6%AD%A6%E8%8F%8A%E3%82%B0%E9%96%80%E8%94%B5%E5%8C%BA%E5%B1%8B%E8%88%97%E3%83%94%E9%96%8B%E3%80%80%E3%81%8F01%E5%9C%A7%E6%99%82%E7%A4%BE%E5%8E%9F%E5%90%899%E3%83%B3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d7616bbcfae5e4d8d9ca80d762d15525c94202316611643e4784f7d0aeb56c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 12:23:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 12:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame C1E8 1 KB
875 B 2ms
2ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C1E8 0
0 45ms
45ms Fetch
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKP8BN5sLYq_7DdWE8ALl673QB6WKpJtorrDSyKMPZBABILPrwXxgifPFhPQToAHd246iAcgBCakCgMrA0zuSQj6oAwHIA8sEqgSjAk_QUiowVjCtsOi4MAt49Jh3uNKyDANTsS41q6Tu1Kc7mGG9N_dNuk8GaMpwoXwwYkHFJQalhfTJIajAs3_CnU8tcDNKPDv8ovoNBVowq9H_NZQaMydziMGDBD7N1geD5We9B56QakEEcrkIP0Qs5eMFoWRlKgNc_uUL0ATzBUGaf4iBYCyiwYF_cDhox-mKsBMKG7QOiXmTKw2jHy2gv-jU1olQYnzlANGDgOZEg9MP6BJ3uoSZh_IknYOHh2kUwFud8nibijrxMDWPgX7Z8GXWomlDQ807Qd5hBJAlSF_LJ9783OtiHWkRD3msOgD72yc67xScLAvvQ4LQ9zE8yj6ik2sk-5hkvckYNh23Sho96F64AUAxpTDi2qgEKOUjsZDDiMAE_NemuPQDkgUECAQYAZIFBAgFGASgBi6AB4uk8d0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ194M0ggHCIBhEAEYH4AKAcgLAZgMj6DU7fsDuBODBNgTDtAVAYAXAbIXHAoaCAASFHB1Yi0zODkwNzEzODg2MzYzNDcwGAA&sigh=DIxEMPaAuTc&uach_m=[UACH]&template_id=515

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Feb 2022 12:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame C1E8 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:16:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame C1E8 2 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1E8 124 KB
38 KB 250ms
250ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame C1E8 15 KB
6 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0
server: cafe
etag: 14935107822106690633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:14:52 GMT

GET
H3 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame C1E8 28 KB
11 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 11:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:43:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 11:27:28 GMT

GET
H3 200 13378672344244536314
tpc.googlesyndication.com/simgad/ Frame C1E8 3 KB
3 KB 3ms
2ms Image
image/jpeg 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13378672344244536314?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7374dca1efa140090545db133396c7ec96436540eb9802ec8d7b581119e61ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:46:18 GMT
x-content-type-options: nosniff
age: 326222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2861
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 07:12:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Feb 2023 17:46:18 GMT

GET
DATA 200
OK truncated
/ Frame C1E8 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C1E8 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame D9CF 850 B
594 B 39ms
39ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%94%BB%E5%8B%95%E3%83%AD%E9%96%89%E9%96%8Bh%E3%81%98D%20%E3%81%AA%E3%81%8F%E3%82%B0%E3%80%90o%E3%81%91%E9%A1%8C%E9%A1%9ES%2F%E7%BF%92%E3%83%B3%E3%81%AEc%E3%82%89-%E3%82%A4%E5%88%B6%2C5%E5%AD%A6%E7%A8%AE%E3%82%82%E5%85%85%E5%AE%9A%E5%8F%97%E6%94%BE%E5%86%86%E3%80%91%E7%A0%94%E3%82%8B1T%E4%BF%AE0%E3%83%97%E3%83%A0%E3%82%AA%E9%A1%8D%E5%AE%9FI%EF%BC%81%E3%81%8B%E3%83%A9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27d838b9613286a8e5a7cea24040415afc6e9e8853256d3d075b007d9134675c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 12:23:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 12:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D9CF 4 KB
810 B 39ms
38ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 11:02:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 12:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame D9CF 1 KB
875 B 3ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:12 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame D9CF 19 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7841
x-xss-protection: 0
server: cafe
etag: 5616804430205127715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:16:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame D9CF 2 KB
1 KB 5ms
5ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:23:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9CF 124 KB
38 KB 73ms
73ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame D9CF 15 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0
server: cafe
etag: 14935107822106690633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Mar 2022 12:14:52 GMT

GET
H3 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame D9CF 28 KB
11 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 11:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:43:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 May 2022 11:27:28 GMT

GET
H2 200 track Show response
8ea6735569.24fa533251.com/in/ 0
199 B 962ms
953ms XHR
text/plain 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://8ea6735569.24fa533251.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI5NDA0NTc5MDI5NjAwMjk3MDAiLCJ0aW1lem9uZSI6MCwidmVyIjoiMi4xNS4wIiwidGFnX2lkIjoxOTMwLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjB9
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 24 KB
6 KB 10ms
2ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e24ee213782f6ed0de472f2a8b9374799b9a79643d466133d7a10a81383aa039

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 07:44:44 GMT
server: nginx/1.18.0
etag: W/"61fa366c-6155"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 15 Feb 2022 12:28:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 27 KB
10 KB 11ms
2ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 115c4e7dec8f340b0a47357787d56e8d5f3b58a470e8e70d42a8d76c00df7be9

Request headers

Referer: https://ja.pays-tarusate.org/
Origin: https://ja.pays-tarusate.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 10:26:36 GMT
server: nginx/1.18.0
etag: W/"620a2e5c-6bcb"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 15 Feb 2022 12:28:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 443E 220 KB
61 KB 149ms
3ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 01:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 01:24:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 443E 16 KB
6 KB 152ms
6ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 01:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 01:24:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 443E 96 KB
29 KB 153ms
7ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 01:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 01:24:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 443E 5 KB
2 KB 154ms
8ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 01:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 01:24:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 443E 42 KB
13 KB 154ms
8ms Script
text/javascript 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Tue, 15 Feb 2022 01:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Feb 2023 01:24:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 443E 944 B
659 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%A5%91%E3%83%8D%E5%BE%A1%E3%82%A9%E9%9A%8E%E3%81%BE%E3%81%91%E6%9B%B8%E3%83%AA%E3%82%A2%E5%85%83%E3%82%92%E7%AE%A1%E3%83%BC%E3%81%AE%E3%80%82%20%E3%81%AF%E9%96%8B%E3%83%AD%E7%B7%A0%E3%83%89%E7%90%86%E3%82%B9%E7%B5%90%E3%81%8F%E3%83%95%E3%81%99%E3%83%97%E3%80%81%E3%83%AB%E3%82%AC%E7%B4%84%E3%83%A3%E3%82%AD%E5%88%B6%E5%90%84%E4%B8%80%E3%82%AF%E3%82%8B%E3%81%A0%E5%BE%8C%E3%83%93%E3%81%97%E6%AE%B5%E3%83%83%E3%81%A7

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js?31064847

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

412510b6e64bd8758129162a2a0d1f2f341c7d2dbd3f6cc6b59a3f19b9dd9cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 12:23:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Feb 2022 12:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Feb 2022 12:23:20 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 443E 3 KB
3 KB 2ms
2ms Image
image/png 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 17943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 16 Feb 2022 07:24:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 443E 344 B
374 B 2ms
2ms Image
image/png 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:54:48 GMT
x-content-type-options: nosniff
server: cafe
age: 66512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 15 Feb 2022 17:54:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 443E 0
0 36ms
36ms Image
text/html 2404:6800:4004:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLzQ5Q_W7Fz4TK3EDWvZcq3XwKznJJ4TeTLz8mX1_-2B4HP7qSUWgNA5HbScsuWgOELVdwh4d8DmOgU-4ryMjIFpWDJQ
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81e::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 443E 0
0 48ms
48ms Image
text/html 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CP89KOJsLYqGIHNfV9AXmroOIBY-B6utn5tGlqKoPqKuXg8YqEAEghuGFKmCJ88WE9BOgAcbF1d4CyAEBqQK2ifXkdaBCPuACAKgDAcgDCqoEvQJP0JAYpCjblmB4HsQxeSFQEUcUSZp484kRaaTZc1BU91caPEkQDN7MqKaMJt2ZAQEYIY-mi12LQtxEOyq94XMQKoddpn8tz87mv5vgZ7slK3k-cuV8Ya63-vn1U4h610Ady_qFPlxvsPqHFox9SxWJoIH0RXY3roE4EpeoXMRDiIeUthGZ6GsRLCSSKj18Y2hEfYVY7hrkejCMOVeFdV2K6c5q4h5mXMZaD2o67rt4AsKwvjF2OLOUvl-QHg_UknDOck25GigQUtxS8ob61k0VgJJ0H14sJU0-rKjcIk_k_9Zb0LZmHBHY4zkdWhwkLV9RykydskFnqnqleRwF4ty9iorPyK7XOQFITaqUWjyLjjsX886Vnc6ygYU0VchJlnP6D67Hhcj1WjPu_RM_iImcUU6I3Vmdfowp9fNhscAE5Y-S_a8D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB6K6qqEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqZ4F0ggJCIDhgBAQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTY1NTA0MTMzNjM2MDI1ODgY_qsd&sigh=j8LP_z6FLuc&uach_m=[UACH]
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s01-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame CAD0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dce3fdb846784d1f07c1bba9e5010d0551fa62f262ffcf1a9de2672ce091ea0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 164C 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Feb 2022 11:52:31 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 70769167 Show response
mc.yandex.ru/watch/ 331 B
415 B 220ms
220ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/70769167?wmode=7&page-url=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe37688zjz%3Afp%3A654%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A391304054404%3Ahid%3A732755962%3Az%3A0%3Ai%3A20220215122320%3Aet%3A1644927801%3Ac%3A1%3Arn%3A737008293%3Arqn%3A1%3Au%3A1644927801872935871%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644927797968%3Ads%3A7%2C20%2C585%2C2%2C0%2C0%2C%2C1019%2C6%2C%2C%2C%2C1634%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644927801%3At%3AAADSTS50011%EF%BC%9A%E3%83%AA%E3%82%AF%E3%82%A8%E3%82%B9%E3%83%88%E3%81%A7%E6%8C%87%E5%AE%9A%E3%81%95%E3%82%8C%E3%81%9F%E5%BF%9C%E7%AD%94URL%E3%81%8C%E3%80%81%E3%82%A2%E3%83%97%E3%83%AA%E3%82%B1%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E7%94%A8%E3%81%AB%E6%A7%8B%E6%88%90%E3%81%95%E3%82%8C%E3%81%9F%E5%BF%9C%E7%AD%94URL%E3%81%A8%E4%B8%80%E8%87%B4%E3%81%97%E3%81%BE%E3%81%9B%E3%82%93%EF%BC%9A%20%27%3Cappid%3E%27%3C%2Fappid%3E%20-%20ja.pays-tarusate.org&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ae52825d7006e20e7a741d590fb0b40d61b861107ab268cdb3c43cc34f8af38b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 15-Feb-2022 12:23:20 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.pays-tarusate.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Tue, 15-Feb-2022 12:23:20 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
100 B 221ms
221ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:20 GMT
last-modified: Wed, 09 Feb 2022 12:47:03 GMT
etag: "62038d97-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 15 Feb 2022 13:23:20 GMT

GET
DATA 200
OK truncated
/ Frame 443E 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e15e6f886cf1ee5a879952787591900f4abcd2f8a9f73cceb6d806ad45b5029c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 443E 22 KB
22 KB 4ms
3ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12Wkhsr2lFiDTxkRVzvcOVB04C-FxDWuocvz3fStfOLDRluPjiCFP_2Ii3-L1DQgz-VLL1JROgEkm5Fx_fvAbfhAv8kYw0Cs0wAEwLUex0Stg7ZpnsBk-tAJY2szMI0fpIku5uSRPyRAnQkgb1wHgrlincUrM6SqoKUNeMv4Wq1wkuYPtgcJGANGJHP_qSQgn5kgj9GOzADh4eyPBxa5ESsrczf71U5LUo_sBgzYf9SFEwvZ1QKumvFthC9fLj5CrAX-btQ&skey=fbc48de1c6e1b00c&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%A5%91%E3%83%8D%E5%BE%A1%E3%82%A9%E9%9A%8E%E3%81%BE%E3%81%91%E6%9B%B8%E3%83%AA%E3%82%A2%E5%85%83%E3%82%92%E7%AE%A1%E3%83%BC%E3%81%AE%E3%80%82%20%E3%81%AF%E9%96%8B%E3%83%AD%E7%B7%A0%E3%83%89%E7%90%86%E3%82%B9%E7%B5%90%E3%81%8F%E3%83%95%E3%81%99%E3%83%97%E3%80%81%E3%83%AB%E3%82%AC%E7%B4%84%E3%83%A3%E3%82%AD%E5%88%B6%E5%90%84%E4%B8%80%E3%82%AF%E3%82%8B%E3%81%A0%E5%BE%8C%E3%83%93%E3%81%97%E6%AE%B5%E3%83%83%E3%81%A7

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0472bd533a56d7e2fd6ba0ac56462bfed3066ba8bf04026bc9dab50e877bb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.pays-tarusate.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:54:21 GMT
x-content-type-options: nosniff
age: 41339
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22300
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Feb 2022 00:54:21 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 443E 22 KB
22 KB 5ms
5ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrL03eGB2v2lFuDThQRVyTcOVF04CyFxDCuocTz3fWtfOHDRl6Pjh-FP_uIi36L1D0gz-RLL01ROgAkm55x_s7AbeFAv8IYw0Os0zgEwL4ex0atg7FpnsFk-tMJY2ozMJIfpIAu5ueRPh1AnQIgb10Hgr1indorM6WqoKINeMr4Wq5wkucPtjMJGApGJHL_qSIgn4gntO2P8QPh7NmPHyS5JD4raCr71WNId5bsMwHZQeeFLSzZzyeum-Vthh9RDxVCoAA&skey=72472b0eb8793570&v=v40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e814a26702bf6509de04c43ee8b2b3e8360c118ff84975fe9212ce68db10e286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.pays-tarusate.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 04:28:21 GMT
x-content-type-options: nosniff
age: 28499
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22028
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Feb 2022 04:28:21 GMT

GET
DATA 200
OK truncated
/ Frame C1E8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d84c425bfcdd22aaa668393b7a8e5bf6dd7a71f857c30694ab77aec7dc52d8a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame A3F8 35 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 09:45:30 GMT

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C17 35 KB
13 KB 5ms
5ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 09:45:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 164C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

67ms
67ms

Document
text/html

2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Feb 2022 12:23:21 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Feb 2022 12:23:21 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Feb 2022 12:23:21 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7938 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 09:45:30 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 443E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

83ms
82ms

Image
text/html

2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ja.pays-tarusate.org
URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH
Protocol: H3
Server: 2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Tue, 15 Feb 2022 12:23:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 443E 3 KB
3 KB 2ms
2ms Image
image/png 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 17944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 16 Feb 2022 07:24:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 443E 344 B
374 B 2ms
2ms Image
image/png 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:54:48 GMT
x-content-type-options: nosniff
server: cafe
age: 66513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 15 Feb 2022 17:54:48 GMT

POST
H3 200 51pb.json Show response
newrrb.bid/ 59 B
559 B 224ms
223ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newrrb.bid/51pb.json
Requested by: Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89bf36facfe072fd85a4058196344645c4b00f79feb1f6f0df286f17d93d85d9

Request headers

Referer: https://ja.pays-tarusate.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9yBXk4CJVHrVpKFyGg3N5BTNNslOJpYlMQ5v65KqDMsHyte1xQ9hlVFqEjQibmG7Otwa7oro7CEglBVFwiAROiKfCUbLhKYbDfDGyKV40jWkmpbYvrDzoq7MpU1lBPPocMx%2BLqd%2FnJp"}],"group":"cf-nel","max_age":604800}
cf-ray: 6dde81c588f12065-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 86ms
49ms XHR
application/json 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220210&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eeac2625efa2b5e7b94b7ec3dfde66cca270055553e555ba003352cbbda975e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10059
x-xss-protection: 0

GET
H2 200 / Show response
c.mgid.com/pv/ 0
280 B 193ms
187ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?tcfV2=1&pv=5&src_id=id-RG9uYWxkIEpvaG5z-language-ja&cbuster=1644927801235268329990&uniqId=0c36e&consentData=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdprApplies=1&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&lu=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&sessionId=620b9b39-06ab4&pageView=1&pvid=17efd56579385ac9032&site=713537&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6dde81c5cf448a27-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 21ms
14ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 3205
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 563Q182XKKBGBPYA
x-amz-id-2: bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6dde81c5ef938a27-NRT
expires: Wed, 16 Feb 2022 12:23:21 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 22ms
15ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C0DTSHRKT30JE1AY
x-amz-id-2: 3Gn/4Can0kPwWQG+zAtmSPwRUMwW09tgODUjHSREIxWMDVTtjaQhYyxAw8w8IduiWX4o2Q3ofX0=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6dde81c5ef948a27-NRT
expires: Wed, 16 Feb 2022 12:23:21 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 33E1 42 B
64 B 38ms
38ms Fetch
image/gif 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRYhM3bXFTG6-ZDSAW3yQsChCkmVSKTxoy1LEoGY3jALswg29talL8gSsAC0-nr3v4OwFBDdj5tAlxUIz7S54HS1OemJSr-5lFCZc50FwXEF1rD_s&sai=AMfl-YQUCN4VM50innuBQ2ooZ1Iu_13EfYd2wXFaknOLqPkcq6nEUw53jo44SIEliKPsBuoEFuh8m9twOl45cxgAT4MLt0Jc8htZQWyl8kn5ATml6mMlUoaJoShaDJkeYGzM&sig=Cg0ArKJSzO4sYT8JsagCEAE&id=lidar2&mcvt=1002&p=0,0,600,300&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&app=0&itpl=4&adk=458250839&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644927799485&rpt=757&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 144ms
144ms Script
text/javascript 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:21 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6E6 42 B
64 B 39ms
38ms Fetch
image/gif 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZ4MqbWmN4K_FcfiVrKDPLOdvP4Wd6HB8S0KZWXBVpJPA5K5rCHPUus1ynGP8pZNmp75UtaOCp6eg1xlvbwdRX0YpLtFIXRSwFXpV0ZS1_Qhy81t0&sai=AMfl-YSbrJVB9co00LFFxy_CN6p42RZRsuruBSgzTSp8M5KZpTNSdRsfYaqBcUuugWOI8nlKzkdtklMmygmp&sig=Cg0ArKJSzNymZHAjnZF5EAE&id=lidar2&mcvt=1000&p=0,0,280,780&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1199922194&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644927799199&rpt=1083&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1137286/ 4 KB
2 KB 174ms
167ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1137286/1?tcfV2=1&pv=5&src_id=id-RG9uYWxkIEpvaG5z-language-ja&cbuster=1644927801328955494125&uniqId=0c36e&consentData=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdprApplies=1&niet=4g&nisd=false&jsv=es6&w=779&h=266&p3_w=252&p3_h=206&maxw_3=252&maxh_3=206&cols=3&ref=&cxurl=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&lu=https%3A%2F%2Fja.pays-tarusate.org%2F744378-aadsts50011-the-reply-url-specified-TIEQPH&sessionId=620b9b39-06ab4&pageView=1&pvid=17efd56579385ac9032&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28f3fc919457cf3655e9f3d1bb8fd52281ca33f092bd88c68929e819d174eadd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6dde81c658648a27-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 18C6 13 KB
5 KB 3ms
3ms Document
text/html 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Feb 2022 00:30:45 GMT
expires: Wed, 15 Feb 2023 00:30:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 42756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9EF5 783 B
535 B 40ms
39ms Document
text/html 2404:6800:4004:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1efe0ab092567eb889f3864787bb9af9bcb8d6d4f6ff66fd220cc800722bc9cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9E7uzRSM9MKKQLnyKhfjvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 15 Feb 2022 12:23:21 GMT
date: Tue, 15 Feb 2022 12:23:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9E7uzRSM9MKKQLnyKhfjvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 18C6 35 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 09:45:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9EF5 0
0 53ms
53ms Image
text/html 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220210&jk=1228702067667948&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 10ms
9ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 3205
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 563Q182XKKBGBPYA
x-amz-id-2: bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6dde81c7bc8f8a6e-NRT
expires: Wed, 16 Feb 2022 12:23:21 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 10ms
10ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C0DTSHRKT30JE1AY
x-amz-id-2: 3Gn/4Can0kPwWQG+zAtmSPwRUMwW09tgODUjHSREIxWMDVTtjaQhYyxAw8w8IduiWX4o2Q3ofX0=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6dde81c7bc928a6e-NRT
expires: Wed, 16 Feb 2022 12:23:21 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzI1ZjNmNzFiODhlYTY1MTRmZjdlMjU2YmE1MmQzMmIxLmpwZWc.webp
s-img.mgid.com/g/5097641/492x277/0x0x899x599/ 11 KB
11 KB 131ms
116ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097641/492x277/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzI1ZjNmNzFiODhlYTY1MTRmZjdlMjU2YmE1MmQzMmIxLmpwZWc.webp?v=1644927801-bK0Ui5-AEQ2hnnOgin2mDabJwDQtPZo1zMoi-zs_eKs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f8c0be5e3afc655e2a886caf7fbdf7a8072c868236821d99a5f080d2128ab08

Request headers

Referer: https://ja.pays-tarusate.org/
Origin: https://ja.pays-tarusate.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:58:38 GMT
x-mg-request-uuid: 10d24b3c-166d-4f38-9ef7-4be3528e7cb6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81c7cd53809f-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10844
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp
s-img.mgid.com/g/8164910/492x277/0x9x612x408/ 14 KB
14 KB 119ms
104ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164910/492x277/0x9x612x408/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp?v=1644927801-DVsrP_B422UcvuXi5cGUFGUkOKWaNCKx5kAHjgKuHdY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d55f6d472420673b034803dc6112634602dc8826b7e7ba027ac31f39a0a40634

Request headers

Referer: https://ja.pays-tarusate.org/
Origin: https://ja.pays-tarusate.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:54:16 GMT
x-mg-request-uuid: 3e260f7d-5e62-46f9-803d-7e408c6c3afc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81c7cd55809f-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14106
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0L2I5OTdjZjg2ZTllYzk2MTYyNjhkYTFmNzk4ZjRlMzZiLmpwZz90PTE0OTE0MDc0OTEzODk.webp
s-img.mgid.com/g/3805542/492x277/0x0x492x328/ 46 KB
47 KB 410ms
395ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805542/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0L2I5OTdjZjg2ZTllYzk2MTYyNjhkYTFmNzk4ZjRlMzZiLmpwZz90PTE0OTE0MDc0OTEzODk.webp?v=1644927801-soruYhNxPxD2zkwRut6LV6jJFKR03GFCjznpsgOI22Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57299fb5895094eb1636d7bc12fe20c1ee14d0138de61cddb2b2d10d1edb5c14

Request headers

Referer: https://ja.pays-tarusate.org/
Origin: https://ja.pays-tarusate.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:53:59 GMT
x-mg-request-uuid: b28924b3-665a-450c-b813-1523cb2d991b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6dde81c7cd56809f-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47458
server: cloudflare

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F8EF 28 B
50 B 41ms
41ms XHR
application/json 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/?cc_load_policy=1&hl=ja-JA
X-YouTube-Client-Version: 1.20220213.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkU1ZKOTJVaDRtVSi2tq6QBg%3D%3D
X-YouTube-Ad-Signals: dt=1644927799314&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C780%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 18C6 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2-qbDg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80e::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
898 B 152ms
145ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1644927801607368750262&consentData=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdprApplies=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735202423ff682fbe669bec1270817f9ee26cb89736bc917a7f19c1318768eec

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6dde81c81bad8a27-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 i-noref.js Show response
cm.mgid.com/ Frame 03E0 0
38 B 146ms
146ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1644927801642119089774&consentData=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdprApplies=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/r/projec777tback.org.1137286.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6dde81c84bf28a27-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 13E5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east

281 B
554 B

14ms
2ms

Document
text/html

23.67.161.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1644927801607368750262&consentData=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdprApplies=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.161.242 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-161-242.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Feb 2022 12:23:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
date: Tue, 15 Feb 2022 12:23:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 4D10 1 KB
888 B 775ms
80ms Document
text/html 2001:df1:800:a00a:5::2
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1644927801607368750262&consentData=CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdprApplies=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:df1:800:a00a:5::2 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: Adtelligent /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

Server: Adtelligent
Date: Tue, 15 Feb 2022 12:23:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 603
Access-Control-Allow-Origin: https://ja.pays-tarusate.org
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=015aab8a-d8d0-4f5f-8294-7fdacddb60cb&ttl=1647519801

43 B
488 B

161ms
161ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=015aab8a-d8d0-4f5f-8294-7fdacddb60cb&ttl=1647519801
Protocol: H3
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6dde81c94ff88a6e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=015aab8a-d8d0-4f5f-8294-7fdacddb60cb&ttl=1647519801
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=cfe6dce1-d702-4c50-99dc-307229dcf7f9
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk67b5c3e4-f10d-41a7-b47e-41e135277258&expires=7&user_group=5&ssp=mgid&bsw_param=cfe6dce1-d702-4c50-99dc-307229dcf7f9
https://cm.mgid.com/m?cdsp=433145&c=cfe6dce1-d702-4c50-99dc-307229dcf7f9&gdpr=&gdpr_consent=&us_privacy=

43 B
504 B

148ms
147ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=cfe6dce1-d702-4c50-99dc-307229dcf7f9&gdpr=&gdpr_consent=&us_privacy=
Protocol: H3
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6dde81cd482a8a6e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=cfe6dce1-d702-4c50-99dc-307229dcf7f9&gdpr=&gdpr_consent=&us_privacy=
Date: Tue, 15 Feb 2022 12:23:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
412 B 623ms
601ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=m1flxECmqUn4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6dde81c93c292061-NRT
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
457 B 328ms
309ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=m1flxECmqUn4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6dde81c93cd18075-NRT
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m1flxECmqUn4
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=828919505774176007&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

42 B
678 B

702ms
176ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 12:23:23 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

bswsync
crb.kargo.com/api/v1/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=m1flxECmqUn4
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=m1flxECmqUn4&dsp_id=303&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

43 B
504 B

946ms
245ms

Image
image/gif

34.205.163.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=m1flxECmqUn4&dsp_id=303&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 34.205.163.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-163-198.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 12:23:22 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: //crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=m1flxECmqUn4&dsp_id=303&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Date: Tue, 15 Feb 2022 12:23:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=ec680b7f-c7c8-4315-844b-b4fe83861e7f

43 B
504 B

173ms
173ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=ec680b7f-c7c8-4315-844b-b4fe83861e7f
Protocol: H3
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6dde81cd687e8a6e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=ec680b7f-c7c8-4315-844b-b4fe83861e7f
date: Tue, 15 Feb 2022 12:23:22 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=jD7pfY3RbelikOX0xfV6&pi=mgid&tc=1

43 B
520 B

159ms
158ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=jD7pfY3RbelikOX0xfV6&pi=mgid&tc=1
Protocol: H3
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6dde81ce8b218a6e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=jD7pfY3RbelikOX0xfV6&pi=mgid&tc=1
pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT, Tue, 15 Feb 2022 12:23:22 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTFmbHhFQ21xVW40&muidn=m1flxECmqUn4
https://cm.mgid.com/google?muidn=m1flxECmqUn4&google_ula={guid},5&google_gid=CAESEF7vQFIzlTqk3gkWCnAsyJY&google_cver=1

0
338 B

156ms
155ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=m1flxECmqUn4&google_ula={guid},5&google_gid=CAESEF7vQFIzlTqk3gkWCnAsyJY&google_cver=1
Protocol: H3
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6dde81ca7a988a6e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=m1flxECmqUn4&google_ula={guid},5&google_gid=CAESEF7vQFIzlTqk3gkWCnAsyJY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 13E5 32 KB
10 KB 3ms
2ms Script
text/html 23.67.161.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.161.242 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-161-242.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4ce6874df8b5bb795514d7d60e6dfa14a937269fb3484ab7755a5139ea9120c3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 12:23:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=66024
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Wed, 16 Feb 2022 06:43:45 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 13E5 284 B
921 B 712ms
177ms Image
image/jpg 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Content-Type: image/jpg

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C1E8 0
0 43ms
42ms Fetch
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq1NkN5sLYq_7DdWE8ALl673QB6WKpJtorrDSyKMPZBABILPrwXxgifPFhPQToAHd246iAcgBCakCgMrA0zuSQj6oAwGqBKMCT9BSKjBWMK2w6LgwC3j0mHe40rIMA1OxLjWrpO7UpzuYYb039026TwZoynChfDBiQcUlBqWF9MkhqMCzf8KdTy1wM0o8O_yi-g0FWjCr0f81lBozJ3OIwYMEPs3WB4PlZ70HnpBqQQRyuQg_RCzl4wWhZGUqA1z-5QvQBPMFQZp_iIFgLKLBgX9wOGjH6YqwEwobtA6JeZMrDaMfLaC_6NTWiVBifOUA0YOA5kSD0w_oEne6hJmH8iSdg4eHaRTAW53yeJuKOvEwNY-BftnwZdaiaUNDzTtB3mEEkCVIX8sn3vzc62IdaREPeaw6APvbJzrvFJwsC-9DgtD3MTzKPqKTayT7mGS9yRg2HbdKGj3oXrgBQDGlMOLaqAQo5SOxkMOIwAT816a49AOSBQQIBBgBkgUECAUYBKAGLoAHi6Tx3QKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDX3gzSCAcIgGEQARgfgAoByAsBmAyPoNTt-wO4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTM4OTA3MTM4ODYzNjM0NzAYAA&sigh=1bYfk8Gv80U&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Feb 2022 12:23:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C1E8 42 B
64 B 40ms
39ms Fetch
image/gif 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYTPGQxk3_WuvyeqBGEAWwEcM5WZlEf0YHAfvcOk8Oxgf_fQ7eP-VSZOEkYlIylkmLkTq6HUXcmLrNX49xKldCwloQmJ5KW-i7EEGmB3Y1IZVeUEF5wmiwXQskZPhk1DZyopUlsEQneNkqaMj0qpA6AmJGU7o&sai=AMfl-YSbil0iqpVDCELktIUL1rz4CUvneoH7mDDejbNL9Q4MG652HUiBy5exnTzj0yOhBNCwXcjCN1P9qbaP&sig=Cg0ArKJSzJbUCrhgcrzaEAE&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=276,905,1002,1002,1002&tos=276,629,97,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&pay=1&rst=1644927800332&rpt=576&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220210&jk=1228702067667948&bg=!aGulay_NAAbAtJCDwLQ7ACkAdvg8Wq_jlt6i-Ljg-mAHJMTmlxzy-VpszQc9lXAr0jp8vlhs2kEScwIAAABhUgAAAAdoAQcKAOqfvw2RcBdxUuek4u497zK6aHSRlhV2UlfV0gfJvxWZUHq5TJs6wZ6f-lzVRwswT-VA0UgZQSg7dWt1brcEKRPQ-vYu50Ue0lR7P-ukoZ53snzu46NfnJXnmx-pZ90htt5gvAVp0NkWmgWB20w6kAH5EUULNIfctl1wEvrltH9YpwUFMIMC3_5wHwbJv233eUb0PSCqknYwQins3TTDVP20yduVztNMvWRpVo4bhjifL5PLfPkFlWbBKbsWhK396XgHbe97fwml_Cxf19CEmLLI0YLEw26jazfiucmKCtlx5vt8fAUmj97w-iqZArCC36FrWey2myBjQ0RZwq_QdxhtvL6kSG_5SGx0a6Jnal3-IXYDzacWFpuKmVxvC34Q82lkoz9L4SviD-b-yCYX1qoUnZctRQAn6I_8AOzzXdNXsJeDxYnHlMZs5ln7LJz_8ZXTZjdxybV8lSYbnUrFujHlmtcoXK-cBxTBrzUYtGWVTzp2n4g_HQi5rVFEydUit650mnL0pEdIeHcvOgzl8HzkaQQDIVyQhFd_qVBOfcUTtfxTOgwuGqBZrfoBRO0IikpNDS8Q_pJXuhR7YuRsrJ2ZjIfsPR9bozUaimZg_t8nUTMg4hloqpSCqyDPXRACWSK30DnccriQljqXzkEoytkx0DcNVcmDGg0isgk6Nc5mcSKxFxQD9DNCaGptpE4KCqZjSfe1jNq1uOwzw09klDKT0PinJMGIgCSSnIm3M6D87J9CPX_eNcTuwpMlUQHlwIUE-itbOhrneXmIvsXi53YDnOn2kmACP2SETzOdvHG-s5Jfrt8JGEeOfQHSQKjeu-2Pv3xk8VfzhDVDT4XPK9seZw3I6jCYbgnQc7gpADWaQct_UFtB8oHsQ7XfTIbwhl_a6Q11OhUMQcXz6McGTnOcR6gbNQJW82WVp9sjDH0KDEFxbfAQibwf1OBAEDTdEefRginheh-QPo7e7r_aa8uIVEhqRFapcnWIwxWpzZ0iaguMgIHoukEHWNq4_5eEArJL3HNAj2ROWRMSM6wacczU3jNmKQVMEPanjm_qZds8Lpsa2YWQ3eZdArIsC3YBiDjibDxrsokmyRh489n-Kv4krRiTLDtR1WNKJOM0ohKUqBU9QeMbwZgg4PE6QxD_KXXJfnAyAqFBMMDBxsamT0M8iEEDLW9JCMAltZE2vSF4oqRgt2ffIgTq8zryqb-Ia_jMg62BdHUbJ2oJrUGh

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 443E 42 B
64 B 47ms
46ms Image
image/gif 2404:6800:4004:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_CUyq-04mcBqffuS4ylxYNPHrWJHDXg7_yDIya5C8WO7TbtHSYO4OfNUTgifZIHqg-PD7wOC-ZUdKzY5pUE_BypO7WIfJIMW8BsyXtIKM_fpBoNKklg&sai=AMfl-YRxBarvx3i9Jftzv52OonmjaW9GjUTL7lJ65iCPbDcxEPaqxeJ7wTH__RBzPZyfXjSiIOpivyBtqd0jukK52hHymPjyc8NHO-bjF1NieQl6Dd3CZ8yZhdvKsy5A&sig=Cg0ArKJSzLiy5WFY8hwiEAE&cid=CAASF-RonQImcQhicIF3eo7Rcuk7abSEvEQ9&id=ampim&o=0,1195&d=1600,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=452&tls=1564&g=55.55555820465088&h=100&tt=1564&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/ Frame 13E5
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=mgid&khaos=KZO3JJI4-T-GSC6
https://cm.mgid.com/m?cdsp=43070&c=KZO3JJI4-T-GSC6

43 B
535 B

148ms
148ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=43070&c=KZO3JJI4-T-GSC6
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: H3
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6dde81d60b198a6e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.mgid.com/m?cdsp=43070&c=KZO3JJI4-T-GSC6
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: b3266a43228eaeab48f59934ee9159da
Expires: 0

GET
H3

200

m
cm.mgid.com/ Frame 4D10
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=ff799051fee80c22

43 B
536 B

159ms
158ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=ff799051fee80c22
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol: H3
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6dde81d6bc8a8a6e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=ff799051fee80c22
Date: Tue, 15 Feb 2022 12:23:23 GMT
Server: VertaMedia 1.0
Etag: ff799051fee80c22
Content-Length: 0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 13E5 0
448 B 178ms
178ms Image
text/plain 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=26594
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 13E5 70 B
264 B 7ms
5ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 13E5 0
448 B 355ms
177ms Image
text/plain 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 13E5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ed50620b-9b3b-4e00-b96f-04da80d1ab11

42 B
678 B

1065ms
174ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ed50620b-9b3b-4e00-b96f-04da80d1ab11
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Content-Type: image/gif

Redirect headers

Date: Tue, 15 Feb 2022 12:23:22 GMT
Server: MT3 4133 baa842e master hkg-pixel-x11 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ed50620b-9b3b-4e00-b96f-04da80d1ab11
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 15 Feb 2022 12:23:21 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 13E5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YgubOgAGapFTEQBH
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgubOgAGapFTEQBH&_test=YgubOgAGapFTEQBH

42 B
678 B

966ms
178ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgubOgAGapFTEQBH&_test=YgubOgAGapFTEQBH
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644927803.911879,VS0,VE0
x-served-by: cache-itm18843-ITM
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgubOgAGapFTEQBH&_test=YgubOgAGapFTEQBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 13E5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NhYmM4MmRmMTNjMGUxMzQwOTI0MmJmZGFhYjZkOGY0ZmMzMzk1Mw

170 B
188 B

158ms
157ms

Image
image/png

172.217.31.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NhYmM4MmRmMTNjMGUxMzQwOTI0MmJmZGFhYjZkOGY0ZmMzMzk1Mw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east

Protocol

Server

172.217.31.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2NhYmM4MmRmMTNjMGUxMzQwOTI0MmJmZGFhYjZkOGY0ZmMzMzk1Mw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 13E5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=KZO3JJI4-T-GSC6&ex=d-rubiconproject.com&status=ok

43 B
556 B

545ms
181ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=KZO3JJI4-T-GSC6&ex=d-rubiconproject.com&status=ok

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Feb 2022 12:23:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 87Q92JDXZ9KJJC6XQ3ZC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?id=KZO3JJI4-T-GSC6&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 13E5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFsbqU8lQfS7t5Rta-qbWaI&google_cver=1

42 B
678 B

1006ms
173ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFsbqU8lQfS7t5Rta-qbWaI&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFsbqU8lQfS7t5Rta-qbWaI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ls Show response
stream.bantgoau.com/yt/ Frame 61A8
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsImF...
https://rtbbnr.com/banner/in/show/?mid=1468764289&pid=0&site=10667&sc=NL&usage_type=DCH&subid=804035056&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.04141592920354&ecpm=0.04141592920354&crid=&crtid=d41d8...
https://tcimp.zog.link/in/banners?katds_ep=fa-dhSjhrvbm9mZFCIVqpvgql9jO07fburC6JByvkopw85sa4E5Mg53rua1BKnHTYhx02_MUBkWQyjlxSbxHCcmtrYbl3pwPaTx_2FNWP4rW4RqxUZiSfHlr5Id4JBJHdjx7TdEtryvVx4GITLqJmrjXqu...
https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.067830&katds_labels=&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14&ts=1644927804
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...

8 KB
4 KB

298ms
275ms

Document
text/html

2606:4700:3032::6815:131d

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:131d -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d730bc38ccb359c382c803f14615f67d5cf70b296f079aabcc9ab247541cab5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.pays-tarusate.org/

Response headers

date: Tue, 15 Feb 2022 12:23:26 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQI61O%2FcGl2VkQWa5NG95cuRoECNd6%2B3V7XYiQ5oS77xRUTbjJn5iUoCCG4ouM%2B2M7mU5mtjTStYENxHSnfkRYn9Upt96oBcr1LSIriYy9X3D96P7r92HvGcHo8dsPwMC5EqE4OtDA7NBcYhNC88N0iB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dde81e53a6580fc-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx/1.17.2
date: Tue, 15 Feb 2022 12:23:26 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate

GET
H3 200 ff159683dbce452dbc41714cc48a496d4bb58468-b.js Show response
stream.bantgoau.com/files/ytls/ Frame 61A8 2 MB
658 KB 14ms
9ms Script
application/javascript 2606:4700:3032::6815:131d

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:131d -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Feb 2022 13:23:05 GMT
server: cloudflare
age: 20
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cbj6ui8zEu6pJq8FlJYKzuOxdRw0mgQOkcnDOdjK7oe1H5tcT8Tf8Jaiss79rp6Dx7UNxX1OFsf%2BGq4F5%2Be17M4sFxj6zwB67NSE8d%2BiFl6Ae8RWW4%2B2r3i0ywR1Aib%2B8TkoOyNgRF1D34WL4R2cJWT0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dde81e7991920b9-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 15 Feb 2022 16:23:26 GMT

GET
H2 200 VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
lh3.googleusercontent.com/ Frame 61A8 39 KB
39 KB 79ms
4ms Image
image/jpeg 2404:6800:4004:824::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 10:43:50 GMT
x-content-type-options: nosniff
age: 5976
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39552
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 16 Jan 2022 16:42:18 GMT

GET
H2 200 / Show response
vs.bantgoau.com/sts/ Frame 61A8 2 B
229 B 698ms
229ms XHR
application/json 2a02:128:7:4777::1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14&type=impression&g_referer=https://ja.pays-tarusate.org
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4777::1 -, , ASN (),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 12:23:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
content-type: application/json

GET
H3 200 ff159683dbce452dbc41714cc48a496d4bb58468-v.js Show response
stream.bantgoau.com/files/ytls/ Frame 89B0 151 KB
57 KB 13ms
12ms Script
application/javascript 2606:4700:3032::6815:131d

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:131d -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Feb 2022 13:22:57 GMT
server: cloudflare
age: 997
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FRFoASnhOd173PdSu%2FWmm8i3Bgg5gzjeY4SuBDxV8wuav1aEQtoFoBcgPwHI%2F%2BeCX7Dzkh9obEUyUus1pRHJhEX8EF4tmZ5pFNXfxbBztW1pRvarJdnHt8lupjjA%2Fn%2BkcEAZfKec%2FDjNhDBPsqeNdpb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dde81ec0f8720b9-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 url Show response
www.google.com/ Frame A381 603 B
624 B 65ms
65ms Document
text/html 2404:6800:4004:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/Nmu8ZuWuFVo%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

7a141e7f20db6885598727fcd7e858ac5b0da58fa79ada20cb1e527bc60b9ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/

Response headers

location: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
bfcache-opt-in: unload
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 15 Feb 2022 12:23:28 GMT
server: gws
content-length: 603
x-xss-protection: 0
expires: Tue, 15 Feb 2022 12:23:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Nmu8ZuWuFVo Show response
www.youtube.com/embed/ Frame A381 64 KB
28 KB 75ms
75ms Document
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Requested by

Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/Nmu8ZuWuFVo%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5be1f67bb87d08f15b6c0dfcb11719950f0bba17933d99591f02e04ab0ace1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.google.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Feb 2022 12:23:28 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/41de1c08/ Frame A381 341 KB
47 KB 3ms
3ms Stylesheet
text/css 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fb42ef830abc7688334b68171498b6359e3dd620565876ae377e21e55115db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47756
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:32 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/41de1c08/www-embed-player.vflset/ Frame A381 283 KB
85 KB 12ms
11ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f51baf3e6fa6958fc7c4ff9ddb2c7372660e3400ae53ff0790436abb3b90b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87203
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:30 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/ Frame A381 2 MB
539 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbec9558a80fb611934815ab17bcdfde9192cb3e7f848253bea1a6de93ceb667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552124
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:32 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/41de1c08/fetch-polyfill.vflset/ Frame A381 10 KB
3 KB 9ms
8ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:30 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame A381 113 B
159 B 36ms
36ms XHR
application/json 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86491a0760d9fc1eb42c5ff5b4f52120303af7ca6f4d8966e6ea360ea34a3700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A381 29 B
54 B 38ms
2ms Script
text/javascript 2404:6800:4004:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:17:54 GMT
x-content-type-options: nosniff
age: 334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Feb 2022 12:32:54 GMT

GET
H3 200 Z_dKjKIC5vPizOTAdrIbp4Sz2qmP_FAuXia3LHHymds.js Show response
www.google.com/js/th/ Frame A381 35 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Z_dKjKIC5vPizOTAdrIbp4Sz2qmP_FAuXia3LHHymds.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67f74a8ca202e6f3e2cce4c076b21ba784b3daa98ffc502e5e26b72c71f299db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 03:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13703
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 03:41:07 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/ Frame A381 26 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64145756ec4788754f6a334196bb57dd43dcb0da630b7840ff429297b06105cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7751
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:35 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame A381 46 KB
19 KB 135ms
135ms XHR
application/json 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58b19e55f7619c7f033587e0cce4dcef82e8d7850609bd9393d27aac1b91ef94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220213.00.00
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Goog-Visitor-Id: CgtkU1ZKOTJVaDRtVSjAtq6QBg%3D%3D
Content-Type: application/json

Response headers

date: Tue, 15 Feb 2022 12:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19498
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A381 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0CGk_UVAv4k5qlVvGCfh1-lAyAVZGd1E4neWAxXz0bp1btaw_FAilxl6W_cp9LYUGXvqtTX9Us0=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A381 3 KB
4 KB 78ms
3ms Image
image/jpeg 2404:6800:4004:80b::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/0CGk_UVAv4k5qlVvGCfh1-lAyAVZGd1E4neWAxXz0bp1btaw_FAilxl6W_cp9LYUGXvqtTX9Us0=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

7e3ea2b229efd0b4c68a8869377a0cddc26044386a99817ef4be3612a5745062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:06:50 GMT
x-content-type-options: nosniff
age: 998
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3566
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 16 Feb 2022 12:06:50 GMT

GET
DATA 200
OK truncated
/ Frame A381 181 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A381 15 KB
15 KB 3ms
3ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 19:19:08 GMT
x-content-type-options: nosniff
age: 147860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 13 Feb 2023 19:19:08 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A381 0
9 B 2ms
2ms Image
text/plain 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?MGSUWQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame A381 0
19 B 38ms
37ms Ping
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=134&afmt=140&cpn=XfeuXu7bsJBllykw&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24152036%2C24166123%2C24172194&cl=428383211&live=dvr&seq=1&docid=Nmu8ZuWuFVo&ei=QJsLYqSzFcusvcAPstKFkAs&event=streamingstats&plid=AAXYDZmzZtCiUB_X&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220213.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.005:B,0.176:S,0.181:S,0.181:S&cmt=0.005:0.000,0.176:0.000,0.181:0.000&afs=0.181:140::i&vfs=0.181:134:134::r&view=0.181:1:1&bwe=0.181:130000&bat=0.181:1:1&vis=0.181:0&bh=0.181:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/ Frame A381 98 KB
30 KB 5ms
5ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a50e63fc98b0bba463c571e672d11ec92e7b463c700cb9457dc0de00a26a632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30855
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:37 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/ Frame A381 27 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a2b47f37ce9da88dae59d76985a980733495bd6f01de3a173686a471389c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7366
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:38 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/ Frame A381 66 KB
19 KB 5ms
5ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bc8290f7a04469d3299b86737fea3e13b1b0c26c86c7741d73908274f8f9a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19866
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:38 GMT

GET
H3 200 heartbeat.js Show response
www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/ Frame A381 28 KB
9 KB 5ms
5ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/heartbeat.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9de4ca9d93226145d8f5a765bd6ea312126df1532dcc9717c53888a32daa8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:53:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9393
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 01:15:23 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 15:53:38 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame A381 64 KB
6 KB 219ms
219ms XHR
application/json 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

245c61f99541282139b3efa739208393fc217202f73b2acfd89684232e871e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220213.00.00
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Goog-Visitor-Id: CgtkU1ZKOTJVaDRtVSjAtq6QBg%3D%3D
Content-Type: application/json

Response headers

date: Tue, 15 Feb 2022 12:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A381 4 KB
2 KB 169ms
169ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 12:23:28 GMT

GET
H/1.1 200
OK videoplayback Show response
rr4---sn-ogueln76.googlevideo.com/ Frame A381 962 B
2 KB 90ms
4ms XHR
text/plain 2404:6800:400b:2::a

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ogueln76.googlevideo.com/videoplayback?expire=1644949408&ei=QJsLYqSzFcusvcAPstKFkAs&ip=2a00%3A1633%3A128%3A4%3A%3A6&id=Nmu8ZuWuFVo.1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C298%2C299&source=yt_live_broadcast&requiressl=yes&mh=Rs&mm=44%2C29&mn=sn-ogueln76%2Csn-ogul7n76&ms=lva%2Crdu&mv=u&mvi=4&pl=32&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fmp4&ns=NlHpS2BgpxlAehveZA_MNhEG&gir=yes&mt=1644927502&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=7hbk9iiuYZZGew&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIgcLtUKR9jM3Z8HF_CCl1PZr3CR4IwWVdbZBCnrBWIPT8CIQCZjJltW5bPEJTLWnmYQeG0vj57D5TrVQ1UE_4fhSWjLQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJtzLtY0-rcA5YzVEtFlD8XwWwAURNm9toAiCzn_vrAiEA5GKYZFGSy9NZb9C1CbEju6T4RFL19lroms7piuCT_R8%3D&alr=yes&cpn=XfeuXu7bsJBllykw&cver=1.20220213.00.00&headm=3&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400b:2::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fdbc30607e1de383c6a59ef37086248006cb63257246e927c04e3341d20afeb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 12:23:28 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Head-Time-Millis: 853300
X-Walltime-Ms: 1644927808597
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 962
Pragma: no-cache
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
X-Head-Time-Sec: 853
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Head-Seqnum: 427
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr4---sn-ogueln76.googlevideo.com/ Frame A381 913 B
2 KB 91ms
6ms XHR
text/plain 2404:6800:400b:2::a

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-ogueln76.googlevideo.com/videoplayback?expire=1644949408&ei=QJsLYqSzFcusvcAPstKFkAs&ip=2a00%3A1633%3A128%3A4%3A%3A6&id=Nmu8ZuWuFVo.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=Rs&mm=44%2C29&mn=sn-ogueln76%2Csn-ogul7n76&ms=lva%2Crdu&mv=u&mvi=4&pl=32&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=NlHpS2BgpxlAehveZA_MNhEG&gir=yes&mt=1644927502&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=7hbk9iiuYZZGew&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhANAP02a9TWe-vpevr_tpIF7vrhRfPwb7RSq4TyYQGnZsAiBpF8p7BmNprefwSVoVvpIwnzqmTTdXIQEZpI9N72Ri0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJtzLtY0-rcA5YzVEtFlD8XwWwAURNm9toAiCzn_vrAiEA5GKYZFGSy9NZb9C1CbEju6T4RFL19lroms7piuCT_R8%3D&alr=yes&cpn=XfeuXu7bsJBllykw&cver=1.20220213.00.00&headm=3&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400b:2::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4e05498a1c9e5127a1fc063ff8be6e8128cb37b223359c1e0f0e4444030ea44d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 12:23:28 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-Head-Time-Millis: 853300
X-Walltime-Ms: 1644927808597
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 913
Pragma: no-cache
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
X-Head-Time-Sec: 853
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Head-Seqnum: 427
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 featured_channel.jpg
i.ytimg.com/an/nSnhMJ9Ng_hvjt50y67jPw/ Frame A381 22 KB
22 KB 88ms
5ms Image
image/jpeg 2404:6800:4004:827::2016

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/nSnhMJ9Ng_hvjt50y67jPw/featured_channel.jpg?v=620b96b6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2016 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

aefc7937a892b7b880598a7f6a5f2929d8d6bce8c0d64a62aa2f9c768a629ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 12:22:52 GMT
x-content-type-options: nosniff
age: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22510
x-xss-protection: 0
server: sffe
etag: "1644926646"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Feb 2022 12:27:52 GMT

GET
H3 200 videoplayback Show response
rr6---sn-ogueln76.googlevideo.com/ Frame A381 46 KB
46 KB 124ms
5ms XHR
video/mp4 2404:6800:400b:2::c

General

Check archive.org

Show headers Download Go to

Full URL

https://rr6---sn-ogueln76.googlevideo.com/videoplayback?expire=1644949408&ei=QJsLYqSzFcusvcAPstKFkAs&ip=2a00%3A1633%3A128%3A4%3A%3A6&id=Nmu8ZuWuFVo.1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C298%2C299&source=yt_live_broadcast&requiressl=yes&mh=Rs&mm=44%2C29&mn=sn-ogueln76%2Csn-ogul7n76&ms=lva%2Crdu&mv=u&mvi=4&pl=32&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fmp4&ns=NlHpS2BgpxlAehveZA_MNhEG&gir=yes&mt=1644927502&fvip=4&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=7hbk9iiuYZZGew&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIgcLtUKR9jM3Z8HF_CCl1PZr3CR4IwWVdbZBCnrBWIPT8CIQCZjJltW5bPEJTLWnmYQeG0vj57D5TrVQ1UE_4fhSWjLQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJtzLtY0-rcA5YzVEtFlD8XwWwAURNm9toAiCzn_vrAiEA5GKYZFGSy9NZb9C1CbEju6T4RFL19lroms7piuCT_R8%3D&alr=yes&cpn=XfeuXu7bsJBllykw&cver=1.20220213.00.00&ir=1,&rr=12,&headm=3&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400b:2::c -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ccd1784cc7c4dd03e1bd44426797e6bc36703b698260c7c61903d5dae803d5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-sequence-num: 469
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
x-segment-lmt: 1644926870314397
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2053648
x-walltime-ms: 1644927808736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47458
x-bandwidth-est3: 2937233
pragma: no-cache
x-bandwidth-est-comp: 2053648
client-protocol: quic
last-modified: Tue, 15 Feb 2022 12:07:50 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 943
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
x-head-seqnum: 472
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 943300
x-bandwidth-est-app-limited: false
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr6---sn-ogueln76.googlevideo.com/ Frame A381 42 KB
42 KB 123ms
9ms XHR
audio/mp4 2404:6800:400b:2::c

General

Check archive.org

Show headers Download Go to

Full URL

https://rr6---sn-ogueln76.googlevideo.com/videoplayback?expire=1644949408&ei=QJsLYqSzFcusvcAPstKFkAs&ip=2a00%3A1633%3A128%3A4%3A%3A6&id=Nmu8ZuWuFVo.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=Rs&mm=44%2C29&mn=sn-ogueln76%2Csn-ogul7n76&ms=lva%2Crdu&mv=u&mvi=4&pl=32&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=NlHpS2BgpxlAehveZA_MNhEG&gir=yes&mt=1644927502&fvip=4&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=7hbk9iiuYZZGew&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhANAP02a9TWe-vpevr_tpIF7vrhRfPwb7RSq4TyYQGnZsAiBpF8p7BmNprefwSVoVvpIwnzqmTTdXIQEZpI9N72Ri0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJtzLtY0-rcA5YzVEtFlD8XwWwAURNm9toAiCzn_vrAiEA5GKYZFGSy9NZb9C1CbEju6T4RFL19lroms7piuCT_R8%3D&alr=yes&cpn=XfeuXu7bsJBllykw&cver=1.20220213.00.00&ir=1,&rr=12,&headm=3&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400b:2::c -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0a7cdf15fb19454213b6388383c2e876657da51b57c7be82fb427fb0448fa455

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-sequence-num: 469
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
x-segment-lmt: 1644926870314395
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2053648
x-walltime-ms: 1644927808736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42880
x-bandwidth-est3: 2266216
pragma: no-cache
x-bandwidth-est-comp: 2053648
client-protocol: quic
last-modified: Tue, 15 Feb 2022 12:07:50 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 943
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
x-head-seqnum: 472
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 943300
x-bandwidth-est-app-limited: false
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame A381 52 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 07:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Wed, 16 Feb 2022 07:22:32 GMT

GET
H3 200 videoplayback Show response
rr6---sn-ogueln76.googlevideo.com/ Frame A381 44 KB
44 KB 3ms
3ms XHR
video/mp4 2404:6800:400b:2::c

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400b:2::c -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a3f064b8b1d1e191354c2b62ee651abab31b56585c1e02796afe36784cae29c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-sequence-num: 470
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
x-segment-lmt: 1644926870314413
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 17006993
x-walltime-ms: 1644927808765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44869
x-bandwidth-est3: 2175783
x-bandwidth-est-comp: 17006993
client-protocol: quic
last-modified: Tue, 15 Feb 2022 12:07:50 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 943
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
x-head-seqnum: 472
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 943300
x-bandwidth-est-app-limited: false
expires: Tue, 15 Feb 2022 12:23:28 GMT

GET
H3 200 videoplayback Show response
rr6---sn-ogueln76.googlevideo.com/ Frame A381 28 KB
28 KB 32ms
32ms XHR
video/mp4 2404:6800:400b:2::c

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400b:2::c -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e2ac90768ed04091de6993ded2eef578e197cb4351383f809e721abb07681edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-sequence-num: 471
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
x-segment-lmt: 1644926870314420
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 17006993
x-walltime-ms: 1644927808792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 17006993
expires: Tue, 15 Feb 2022 12:23:28 GMT
last-modified: Tue, 15 Feb 2022 12:07:50 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 943
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
x-bandwidth-est3: 2175783
x-head-seqnum: 472
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 943300
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 200 videoplayback Show response
rr6---sn-ogueln76.googlevideo.com/ Frame A381 41 KB
41 KB 4ms
4ms XHR
audio/mp4 2404:6800:400b:2::c

General

Check archive.org

Show headers Download Go to

Full URL

https://rr6---sn-ogueln76.googlevideo.com/videoplayback?expire=1644949408&ei=QJsLYqSzFcusvcAPstKFkAs&ip=2a00%3A1633%3A128%3A4%3A%3A6&id=Nmu8ZuWuFVo.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=Rs&mm=44%2C29&mn=sn-ogueln76%2Csn-ogul7n76&ms=lva%2Crdu&mv=u&mvi=4&pl=32&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=NlHpS2BgpxlAehveZA_MNhEG&gir=yes&mt=1644927502&fvip=4&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=7hbk9iiuYZZGew&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhANAP02a9TWe-vpevr_tpIF7vrhRfPwb7RSq4TyYQGnZsAiBpF8p7BmNprefwSVoVvpIwnzqmTTdXIQEZpI9N72Ri0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJtzLtY0-rcA5YzVEtFlD8XwWwAURNm9toAiCzn_vrAiEA5GKYZFGSy9NZb9C1CbEju6T4RFL19lroms7piuCT_R8%3D&alr=yes&cpn=XfeuXu7bsJBllykw&cver=1.20220213.00.00&ir=1,&rr=12,&sq=470&rn=7&rbuf=1920

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400b:2::c -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

98cd5ac185ecfb5ae6e67bdad4d59b2c648d900f20a42b140f1e3515de334385

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-sequence-num: 470
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
x-segment-lmt: 1644926870314406
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 17006993
x-walltime-ms: 1644927808767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42292
x-bandwidth-est3: 1678721
x-bandwidth-est-comp: 17006993
client-protocol: quic
last-modified: Tue, 15 Feb 2022 12:07:50 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 943
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
x-head-seqnum: 472
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 943300
x-bandwidth-est-app-limited: false
expires: Tue, 15 Feb 2022 12:23:28 GMT

GET
H3 200 videoplayback Show response
rr6---sn-ogueln76.googlevideo.com/ Frame A381 41 KB
41 KB 31ms
31ms XHR
audio/mp4 2404:6800:400b:2::c

General

Check archive.org

Show headers Download Go to

Full URL

https://rr6---sn-ogueln76.googlevideo.com/videoplayback?expire=1644949408&ei=QJsLYqSzFcusvcAPstKFkAs&ip=2a00%3A1633%3A128%3A4%3A%3A6&id=Nmu8ZuWuFVo.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=Rs&mm=44%2C29&mn=sn-ogueln76%2Csn-ogul7n76&ms=lva%2Crdu&mv=u&mvi=4&pl=32&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=NlHpS2BgpxlAehveZA_MNhEG&gir=yes&mt=1644927502&fvip=4&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=7hbk9iiuYZZGew&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhANAP02a9TWe-vpevr_tpIF7vrhRfPwb7RSq4TyYQGnZsAiBpF8p7BmNprefwSVoVvpIwnzqmTTdXIQEZpI9N72Ri0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJtzLtY0-rcA5YzVEtFlD8XwWwAURNm9toAiCzn_vrAiEA5GKYZFGSy9NZb9C1CbEju6T4RFL19lroms7piuCT_R8%3D&alr=yes&cpn=XfeuXu7bsJBllykw&cver=1.20220213.00.00&ir=1,&rr=12,&sq=471&rn=8&rbuf=3920

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400b:2::c -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7ee08e8285938668434fda43850ce884faebd8cb65be65db6e4d45fa98e646c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-sequence-num: 471
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
x-segment-lmt: 1644926870314418
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 17006993
x-walltime-ms: 1644927808794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 17006993
expires: Tue, 15 Feb 2022 12:23:28 GMT
last-modified: Tue, 15 Feb 2022 12:07:50 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 943
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
x-bandwidth-est3: 1678721
x-head-seqnum: 472
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 943300
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 200 videoplayback
rr6---sn-ogueln76.googlevideo.com/ Frame A381 31 KB
0 30ms
30ms XHR
video/mp4 2404:6800:400b:2::c

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400b:2::c -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-sequence-num: 472
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
x-segment-lmt: 1644926870314431
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 26856731
x-walltime-ms: 1644927808795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 26856731
expires: Tue, 15 Feb 2022 12:23:28 GMT
last-modified: Tue, 15 Feb 2022 12:07:50 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 943
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
x-bandwidth-est3: 2921925
x-head-seqnum: 472
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 943300
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 200 videoplayback
rr6---sn-ogueln76.googlevideo.com/ Frame A381 25 KB
0 17ms
17ms XHR
audio/mp4 2404:6800:400b:2::c

General

Check archive.org

Show headers Download Go to

Full URL

https://rr6---sn-ogueln76.googlevideo.com/videoplayback?expire=1644949408&ei=QJsLYqSzFcusvcAPstKFkAs&ip=2a00%3A1633%3A128%3A4%3A%3A6&id=Nmu8ZuWuFVo.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=Rs&mm=44%2C29&mn=sn-ogueln76%2Csn-ogul7n76&ms=lva%2Crdu&mv=u&mvi=4&pl=32&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=NlHpS2BgpxlAehveZA_MNhEG&gir=yes&mt=1644927502&fvip=4&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=7hbk9iiuYZZGew&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhANAP02a9TWe-vpevr_tpIF7vrhRfPwb7RSq4TyYQGnZsAiBpF8p7BmNprefwSVoVvpIwnzqmTTdXIQEZpI9N72Ri0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJtzLtY0-rcA5YzVEtFlD8XwWwAURNm9toAiCzn_vrAiEA5GKYZFGSy9NZb9C1CbEju6T4RFL19lroms7piuCT_R8%3D&alr=yes&cpn=XfeuXu7bsJBllykw&cver=1.20220213.00.00&ir=1,&rr=12,&sq=472&rn=10&rbuf=5917

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41de1c08/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400b:2::c -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-sequence-num: 472
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
x-segment-lmt: 1644926870314437
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 26856731
x-walltime-ms: 1644927808790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 26856731
expires: Tue, 15 Feb 2022 12:23:28 GMT
last-modified: Tue, 15 Feb 2022 12:07:50 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 943
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
x-bandwidth-est3: 2254405
x-head-seqnum: 472
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 943300
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 204 playback
www.youtube.com/api/stats/ Frame A381 0
17 B 40ms
40ms Image
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=XfeuXu7bsJBllykw&ver=2&cmt=937.42&fmt=134&fs=0&rt=0.497&euri=https%3A%2F%2Fwww.google.com%2F&lact=517&live=dvr&cl=428383211&mos=1&volume=100&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220213.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=5&hl=ja_JP&cr=JP&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24152036%2C24166123%2C24172194&rtn=5&afmt=140&lio=1644926864.74&size=1%3A1&inview=0&muted=1&docid=Nmu8ZuWuFVo&ei=QJsLYqSzFcusvcAPstKFkAs&plid=AAXYDZmzZtCiUB_X&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&of=CcRPn5RHeV_AJ1mQCljUAw&vm=CAEQABgEOjJBS1JhaHdEbVVzelRUWDQ4aElYME8xZUY1dW8waTFOWUh2Z1JVb28tVkR6dFRjeU5EUWJQQVBta0tESWJPcnBWcnZqX1B2Vkk4NW5fNE5EYUFicF9HTmxkaWt1SFhCU3dFdTVWWFZyRnY5RVgwcklfSkV5eDVnSGRXa1lEbDdxb1dEMGc

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking
www.youtube.com/ Frame A381 0
17 B 37ms
37ms Image
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=Nmu8ZuWuFVo&cpn=XfeuXu7bsJBllykw&ei=QJsLYqSzFcusvcAPstKFkAs&ptk=youtube_none&pltype=contentugclive

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Nmu8ZuWuFVo?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Feb 2022 12:23:28 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET videoplayback
rr6---sn-ogueln76.googlevideo.com/ Frame A381 0
0

GET
H2 200 / Show response
vs.bantgoau.com/sts/ Frame 89B0 2 B
228 B 229ms
229ms XHR
application/json 2a02:128:7:4777::1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FNmu8ZuWuFVo%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1446381&sp=0.067830&spp=1000&se=impression&vi=Nmu8ZuWuFVo&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644927804&utm1=tcb&utm2=750542618-1&utm3=195-21720-0&utm4=0-9062482-14&type=view&g_referer=https://ja.pays-tarusate.org
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4777::1 -, , ASN (),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Feb 2022 12:23:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/azure/aadsts50011-the-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-appid-4.png

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/azure/AADSTS50011-The-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-AppId.png

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/azure/AADSTS50011-The-reply-url-specified-in-the-request-does-not-match-the-reply-urls-configured-for-the-application-AppId-1.png

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/uml/using-printers-as-actors-in-use-case-diagram.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/access/access-sql-editor-you-may-have-entered-an-operand-without-an-operator.gif

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/operating/will-windows-xp-32-bit-os-read-8gb-of-ram.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/how/how-do-i-to-display-sigma-hat-using-unicode-or-any-alternative-in-java-i-have-a-partial-solution.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/plot/plot-a-parametric-equation-in-matlab.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/unsigned/calculating-bits-required-to-store-decimal-number.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/node.js/how-do-i-get-this-align.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/statistics/r-random-forests-variable-importance.png

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/php/how-do-i-calculate-paypals-fees-2-9-30-on-a-fixed-number.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/how/how-to-get-all-properties-values-of-a-javascript-object-without-knowing-the-keys.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/how/how-to-get-all-child-list-from-firebase-android.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/content/javascript/jquery-datatables-no-data-available-in-table-1.jpg

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/0QIgMX1D_JOuO7HeNtxumg.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/0QIvMX1D_JOuMwr7Iw.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Domain: pays-tarusate.org
URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Domain: rr6---sn-ogueln76.googlevideo.com
URL: https://rr6---sn-ogueln76.googlevideo.com/videoplayback?expire=1644949408&ei=QJsLYqSzFcusvcAPstKFkAs&ip=2a00%3A1633%3A128%3A4%3A%3A6&id=Nmu8ZuWuFVo.1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C298%2C299&source=yt_live_broadcast&requiressl=yes&mh=Rs&mm=44%2C29&mn=sn-ogueln76%2Csn-ogul7n76&ms=lva%2Crdu&mv=u&mvi=4&pl=32&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fmp4&ns=NlHpS2BgpxlAehveZA_MNhEG&gir=yes&mt=1644927502&fvip=4&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=7hbk9iiuYZZGew&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIgcLtUKR9jM3Z8HF_CCl1PZr3CR4IwWVdbZBCnrBWIPT8CIQCZjJltW5bPEJTLWnmYQeG0vj57D5TrVQ1UE_4fhSWjLQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJtzLtY0-rcA5YzVEtFlD8XwWwAURNm9toAiCzn_vrAiEA5GKYZFGSy9NZb9C1CbEju6T4RFL19lroms7piuCT_R8%3D&alr=yes&cpn=XfeuXu7bsJBllykw&cver=1.20220213.00.00&ir=1,&rr=12,&sq=473&rn=11&rbuf=7880

Domain: rr6---sn-ogueln76.googlevideo.com
URL: https://rr6---sn-ogueln76.googlevideo.com/videoplayback?expire=1644949408&ei=QJsLYqSzFcusvcAPstKFkAs&ip=2a00%3A1633%3A128%3A4%3A%3A6&id=Nmu8ZuWuFVo.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=Rs&mm=44%2C29&mn=sn-ogueln76%2Csn-ogul7n76&ms=lva%2Crdu&mv=u&mvi=4&pl=32&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=NlHpS2BgpxlAehveZA_MNhEG&gir=yes&mt=1644927502&fvip=4&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=7hbk9iiuYZZGew&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhANAP02a9TWe-vpevr_tpIF7vrhRfPwb7RSq4TyYQGnZsAiBpF8p7BmNprefwSVoVvpIwnzqmTTdXIQEZpI9N72Ri0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAPeJtzLtY0-rcA5YzVEtFlD8XwWwAURNm9toAiCzn_vrAiEA5GKYZFGSy9NZb9C1CbEju6T4RFL19lroms7piuCT_R8%3D&alr=yes&cpn=XfeuXu7bsJBllykw&cver=1.20220213.00.00&ir=1,&rr=12,&sq=473&rn=12&rbuf=7871

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 00:55:29	Name: __cf_bm Value: zOVb7Elvlfr9Y6v1XAwc1.BcGs8jXoS0lUZT6lRty68-1644927798-0-ATILSJzAt4YFOlAlfs0CV/zJwnMCQzTNZyhYU5gn+0CGxoa3LT+A2iUG8aF9Btd5sfVbqAjx+XlexEn8Qz3ni5E=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 9yV1nmZH6IA
.youtube.com/	1970-01-20 05:14:39	Name: VISITOR_INFO1_LIVE Value: dSVJ92Uh4mU
.yadro.ru/	1970-01-20 09:40:08	Name: FTID Value: 1Y2vit1-3vOG1Y2vit000GIw
.load02.biz/	1970-01-20 01:38:39	Name: uuid Value: 1fefdc3c-1143-4098-aeab-afa8f1f1d1a8
.yadro.ru/	1970-01-20 09:40:08	Name: VID Value: 3v7Qv42RjYOG1Y2vit000GmM
.doubleclick.net/	1970-01-20 18:26:39	Name: IDE Value: AHWqTUkpiJOqDY46mJSqFAyqdEGzRa03ngTw0adyqy90jnhIVTXi4GErisT4fUb5Gdk
.pays-tarusate.org/	1970-01-20 09:41:03	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdlZmQ1NjUtMTc4NC02NDA1LWFkMmYtZjgwNWYxOTIwYTMyIiwiY3JlYXRlZCI6IjIwMjItMDItMTVUMTI6MjM6MTkuOTM0WiIsInVwZGF0ZWQiOiIyMDIyLTAyLTE1VDEyOjIzOjE5LjkzNFoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.pays-tarusate.org/	1970-01-20 09:41:03	Name: euconsent-v2 Value: CPUdBAvPUdBAvAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.doubleclick.net/	1970-01-20 00:55:31	Name: DSID Value: NO_DATA
.yandex.ru/	1970-01-20 09:41:03	Name: ymex Value: 1960287800.yrts.1644927800#1960287800.yrtsi.1644927800
.yandex.ru/	1970-01-23 16:31:27	Name: yandexuid Value: 2539610501644927800
.yandex.ru/	1970-01-23 16:31:27	Name: yuidss Value: 2539610501644927800
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1386448951644927800
.yandex.ru/	1970-01-23 16:31:27	Name: i Value: 6HcgLLXqfVPqQyWo7/yt+TFwMnuCAZ1xVSJ8L7VTaC8S3pNgmzD4P1MsGRBd5AUIAyujsD+8YY0pejd2VlwtokulJLA=
.pays-tarusate.org/	1970-01-20 10:17:03	Name: __gads Value: ID=862a41f83e68a5e1:T=1644927799:S=ALNI_MaN7Xqqwe_q-utYIdnZfLK9k_47FA
.pays-tarusate.org/	1970-01-20 09:41:03	Name: _ym_uid Value: 1644927801872935871
.pays-tarusate.org/	1970-01-20 09:41:03	Name: _ym_d Value: 1644927801
.pays-tarusate.org/	1970-01-20 00:56:39	Name: _ym_isad Value: 2
servicer.mgid.com/	1970-01-20 00:55:28	Name: __mglb Value: de28b2ed7b5c6b554b08c6aa2c90d254
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m1flxECmqUn4
ja.pays-tarusate.org/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1137286%22%3A%7B%22page%22%3A1%2C%22time%22%3A1644927801552%7D%7D
.adsrvr.org/	1970-01-20 09:41:03	Name: TDID Value: 015aab8a-d8d0-4f5f-8294-7fdacddb60cb
.bidswitch.net/	1970-01-20 09:41:03	Name: tuuid Value: cfe6dce1-d702-4c50-99dc-307229dcf7f9
.bidswitch.net/	1970-01-20 09:41:03	Name: c Value: 1644927801
.bidswitch.net/	1970-01-20 09:41:03	Name: tuuid_lu Value: 1644927801
.adsrvr.org/	1970-01-20 09:41:03	Name: TDCPM Value: CAEYBSABKAIyCwis65L-laK4OhAFOAE.
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: m1flxECmqUn4
.360yield.com/	1970-01-20 03:05:03	Name: tuuid Value: ec680b7f-c7c8-4315-844b-b4fe83861e7f
.360yield.com/	1970-01-20 03:05:03	Name: tuuid_lu Value: 1644927802
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: m1flxECmqUn4
.creativecdn.com/	1970-01-20 09:41:03	Name: u Value: jD7pfY3RbelikOX0xfV6
.creativecdn.com/	1970-01-20 09:41:03	Name: ts Value: 1644927802
event.clientgear.com/	1970-01-20 05:14:39	Name: mkuuid Value: mk67b5c3e4-f10d-41a7-b47e-41e135277258
.rubiconproject.com/	1970-01-20 09:41:03	Name: khaos Value: KZO3JJI4-T-GSC6
.kargo.com/	1970-01-20 09:41:03	Name: ktcid Value: e85bebfe-7547-0348-53be-aec3873d521e
.e-volution.ai/	1970-01-20 01:15:37	Name: v_usr Value: e9659aaa-6647-4ffe-a22a-fcb283f8fbac
.mathtag.com/	1970-01-20 10:21:23	Name: uuid Value: ed50620b-9b3b-4e00-b96f-04da80d1ab11
.everesttech.net/	1970-01-20 09:41:03	Name: everest_g_v2 Value: g_surferid~YgubOgAGapFTEQBH
.smartadserver.com/	1970-01-20 10:25:42	Name: pid Value: 828919505774176007
.adtelligent.com/	1970-01-20 02:24:44	Name: vmuid Value: ff799051fee80c22
.rubiconproject.com/	1970-01-20 09:41:03	Name: audit Value: 1\|yPBt5KOxS3aSiIOPiSnNv7qzZvL4NNuUsmRpq/if43XKrqjHmD7F6yktwU0XTuiO1M3tOyX7UHDLv0ZnN1+t0Vm3DUAyuHnL
cm.mgid.com/	1970-01-20 01:38:39	Name: mg_sync Value: {"10":1644927801,"2":1644927801,"3":1644927801,"371158":1644927801,"4":1644927801,"5":1644927801,"501037":1644927802,"617666":1644927804,"665953":1644927802}
tcimp.zog.link/	1970-01-20 00:56:54	Name: 750.0 Value: 1
tb.baimgfroggd.site/	1970-01-20 00:56:54	Name: 1816.1446381 Value: 1

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH Message: Access to font at 'https://pays-tarusate.org/template/pays-tarusate/css/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2' from origin 'https://ja.pays-tarusate.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pays-tarusate.org/template/pays-tarusate/css/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH Message: Access to font at 'https://pays-tarusate.org/template/pays-tarusate/css/0QIgMX1D_JOuO7HeNtxumg.woff2' from origin 'https://ja.pays-tarusate.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pays-tarusate.org/template/pays-tarusate/css/0QIgMX1D_JOuO7HeNtxumg.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH Message: Access to font at 'https://pays-tarusate.org/template/pays-tarusate/css/0QIvMX1D_JOuMwr7Iw.woff2' from origin 'https://ja.pays-tarusate.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pays-tarusate.org/template/pays-tarusate/css/0QIvMX1D_JOuMwr7Iw.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH Message: Access to font at 'https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2' from origin 'https://ja.pays-tarusate.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH Message: Access to font at 'https://pays-tarusate.org/template/pays-tarusate/css/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2' from origin 'https://ja.pays-tarusate.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pays-tarusate.org/template/pays-tarusate/css/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH Message: Access to font at 'https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2' from origin 'https://ja.pays-tarusate.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ja.pays-tarusate.org/744378-aadsts50011-the-reply-url-specified-TIEQPH Message: Access to font at 'https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2' from origin 'https://ja.pays-tarusate.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pays-tarusate.org/template/pays-tarusate/css/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220210/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3890713886363470&fa=1&ifi=11&uci=a!b&btvi=4&xpc=VOC2kYuBvj&p=https%3A//ja.pays-tarusate.org Message: The resource https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%AE%E5%AE%9A3%EF%BD%9E-%E5%B7%9D%E5%B0%8F%E8%8D%8F%E3%81%A7%E5%B0%82%E4%BA%AC6%E3%83%93%E6%9D%B18%E3%83%83%E4%BB%96%20%E5%93%81%E3%83%A7%E9%A1%8D%E5%B1%B1%E5%8F%AF%E5%88%86%E6%9F%BB%E3%83%AB%E9%AB%98%E5%80%92%E5%8F%96%E5%A4%A7%E9%9A%8E%E5%86%85%E3%82%B7%E5%BA%97%E8%B2%B7%E6%AD%A6%E8%8F%8A%E3%82%B0%E9%96%80%E8%94%B5%E5%8C%BA%E5%B1%8B%E8%88%97%E3%83%94%E9%96%8B%E3%80%80%E3%81%8F01%E5%9C%A7%E6%99%82%E7%A4%BE%E5%8E%9F%E5%90%899%E3%83%B3 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8ea6735569.24fa533251.com
9f70b32a79dcf9692f2b146794ebf621.safeframe.googlesyndication.com
ad.360yield.com
adservice.google.co.jp
adservice.google.com
c.mgid.com
cdn.ampproject.org
cdn.mgid.com
cdn.zx-adnet.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
code.jquery.com
counter.yadro.ru
crb.kargo.com
creativecdn.com
cst.cstwpush.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.ytimg.com
ja.pays-tarusate.org
js.cabnnr.com
js.wpadmngr.com
js.wpushsdk.com
jsc.mgid.com
lh3.googleusercontent.com
load02.biz
match.adsrvr.org
mc.yandex.ru
na.nawpush.com
newrrb.bid
pagead2.googlesyndication.com
partner.googleadservices.com
pays-tarusate.org
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
rr4---sn-ogueln76.googlevideo.com
rr6---sn-ogueln76.googlevideo.com
rtbbnr.com
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
ssbsync.smartadserver.com
static.addtoany.com
static.doubleclick.net
stream.bantgoau.com
sync-tm.everesttech.net
sync.adtelligent.com
sync.e-volution.ai
sync.mathtag.com
tb.baimgfroggd.site
tcimp.zog.link
token.rubiconproject.com
tpc.googlesyndication.com
vs.bantgoau.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
pays-tarusate.org
rr6---sn-ogueln76.googlevideo.com
103.229.206.240
104.16.199.73
104.19.132.78
104.19.135.78
104.19.216.61
109.206.161.21
143.198.248.64
151.101.1.195
151.101.66.49
172.217.31.162
18.210.100.189
185.184.8.65
2001:4de0:ac18::1:a:3b
2001:df1:800:a00a:5::2
209.54.177.54
216.58.220.130
23.227.139.243
23.36.110.226
23.67.161.242
2404:6800:4004:80a::2001
2404:6800:4004:80b::2001
2404:6800:4004:80b::2003
2404:6800:4004:80e::2001
2404:6800:4004:812::2001
2404:6800:4004:812::2002
2404:6800:4004:81e::2002
2404:6800:4004:81e::2004
2404:6800:4004:820::2002
2404:6800:4004:821::2002
2404:6800:4004:821::2003
2404:6800:4004:822::2006
2404:6800:4004:822::200e
2404:6800:4004:823::200a
2404:6800:4004:824::2001
2404:6800:4004:824::2002
2404:6800:4004:827::2016
2404:6800:400b:2::a
2404:6800:400b:2::c
2606:4700:10::6814:b944
2606:4700:10::6816:47c5
2606:4700:3031::6815:22c2
2606:4700:3032::6815:131d
2606:4700:3033::ac43:9aca
2a01:4f8:252:564d::2
2a02:128:7:4777::1
2a02:128:7:4957::2
2a02:128:7:5241::2
2a02:6b8::1:119
3.33.220.150
34.205.163.198
35.213.12.39
45.133.44.24
45.133.44.25
47.252.78.131
8.214.127.238
8.39.36.141
8.43.72.98
88.212.201.210
03b5c5cb7940ca09856cd9d086643c29cb93bbaa7d14cdbd07b21df581c739fe
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf
08b6efb6b9c6c85c48ce472a62bc2d3b10f964ca8138232bbc8fa8ce6edebba6
0a50e63fc98b0bba463c571e672d11ec92e7b463c700cb9457dc0de00a26a632
0a7cdf15fb19454213b6388383c2e876657da51b57c7be82fb427fb0448fa455
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d84c425bfcdd22aaa668393b7a8e5bf6dd7a71f857c30694ab77aec7dc52d8a
0e91937e9bcedf4bf489450b6871d97f5b293fd8408750d972c1c9607e63b073
0f2c653e662f7da6920b990c42ccae74de70f86ecff2cf9700e5da976be14493
115c4e7dec8f340b0a47357787d56e8d5f3b58a470e8e70d42a8d76c00df7be9
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14b5a3bc3f33e36b4aabbe7c03c45258b0deb5dfeb23fe5c4267d533eef6b6ca
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
173649a681fd076c6a1564df9b0a423ea7d401d8e982950feeeb9b0d1ff1f1d7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a2bd42bc7fbd2e7c718771e120ebbd8073aafb021026fb34331f6e735023652
1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558
1bc8290f7a04469d3299b86737fea3e13b1b0c26c86c7741d73908274f8f9a13
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d
1efe0ab092567eb889f3864787bb9af9bcb8d6d4f6ff66fd220cc800722bc9cc
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
245c61f99541282139b3efa739208393fc217202f73b2acfd89684232e871e70
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27cb47c1fb6282a5ec13b3e151055d84732f7231bf03e57e6133a5cc238b407b
27d838b9613286a8e5a7cea24040415afc6e9e8853256d3d075b007d9134675c
28f3fc919457cf3655e9f3d1bb8fd52281ca33f092bd88c68929e819d174eadd
291666bffaada75f3e27365ba8e0769e59500db7cd1ee5f0287ce9539f9f96b9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7c1572f3714588c2c5a5def641a44e8c63d555d93be7b93820808253ccf6a6
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
34c9c13f7373cddd250356f30473709aeae3cdc2d56a5afdeb113b3033c33ea2
353b2e68c0aeefe645d21343a30f43420cf68526a44536b90ffff8d48539a2db
356f28091644bdfa074e54db547f54cce4152de9a3b52aa1ecd6172979671f0f
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3e11ae8e10b512e065636d91b262283b4ae674d49e529993222f604a0db50a0a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eeeca36b35680171a3f83cb6809026efdf58b64f419f8dfc6d49b04f57d91ed
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40dd05c77d960c5856389e89d1f61a956ee15c6d4289ccd13ca487621366a2f0
412510b6e64bd8758129162a2a0d1f2f341c7d2dbd3f6cc6b59a3f19b9dd9cab
41fa1e12059df1e3c80e2836c071c07f2a1237c34030c5237b8132f6f936d1c8
43f5540a9cabcde632394608983459d45f06ef25b37771b3efff2714d6364d1c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a1c4179f503e7a42fac6e2bde3220a18857b775a512c9cd6c03eebc31109332
4a5e960037d65d82d399dcc57db0239e9bef9bfc621eceb6cce5b1f920515a30
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4ce6874df8b5bb795514d7d60e6dfa14a937269fb3484ab7755a5139ea9120c3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d53afdce56775cb3f314ccb015d15e7ffc3c9d24a52ff16379bca9f70c4e370
4e05498a1c9e5127a1fc063ff8be6e8128cb37b223359c1e0f0e4444030ea44d
4e4f4f1d6b77e9de1a0d15f3a2b609e326bdc1d28e1a48e1254b3b85ccdc8178
4f8c0be5e3afc655e2a886caf7fbdf7a8072c868236821d99a5f080d2128ab08
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f51baf3e6fa6958fc7c4ff9ddb2c7372660e3400ae53ff0790436abb3b90b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57299fb5895094eb1636d7bc12fe20c1ee14d0138de61cddb2b2d10d1edb5c14
58b19e55f7619c7f033587e0cce4dcef82e8d7850609bd9393d27aac1b91ef94
5a4adc53548140d744a3fefc79488f6932c20461a8834cd073c8d7b8c527f2cb
5b5bf210821769564ef5197f51f9cbdd004e612060a6690d718f9e672361b999
5be1f67bb87d08f15b6c0dfcb11719950f0bba17933d99591f02e04ab0ace1f2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7616bbcfae5e4d8d9ca80d762d15525c94202316611643e4784f7d0aeb56c3
5fb42ef830abc7688334b68171498b6359e3dd620565876ae377e21e55115db4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64145756ec4788754f6a334196bb57dd43dcb0da630b7840ff429297b06105cb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f74a8ca202e6f3e2cce4c076b21ba784b3daa98ffc502e5e26b72c71f299db
6a33ca3d4e0c18c99710b30e49db88cb0d573f5399c964b0482e57d4fb8cdb1d
6ad72f3c8c1fcfc57196e40e3c6900673ad7a58ec687ee549f15c295710ee9f3
735202423ff682fbe669bec1270817f9ee26cb89736bc917a7f19c1318768eec
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
759db126068314a0ba2e77a4f461f5583916f9125160716c9f559ad0deb9c464
76d3deb946e2036af77ce949aca69f865d6ece43d2343aa14a4b01637d048230
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a141e7f20db6885598727fcd7e858ac5b0da58fa79ada20cb1e527bc60b9ce6
7c0659782e613f804f1beac5a32084aa98255843dac07ce1ab869891e20dcbae
7cfdef7cd1a0fab390d940b7b61ea3afc340838418bb94d460fe451d654331ac
7e3ea2b229efd0b4c68a8869377a0cddc26044386a99817ef4be3612a5745062
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7ee08e8285938668434fda43850ce884faebd8cb65be65db6e4d45fa98e646c7
7f6ec9192f604e9bec7a38f4d2b2ad5e81184c05a5395d131de6c7129f9f1314
814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
8365ad50a44341d8858863fec236793a9b4074461b61cae8aaa25343b47d7ce3
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
86491a0760d9fc1eb42c5ff5b4f52120303af7ca6f4d8966e6ea360ea34a3700
87c7dea44bc3a3dff68e888fd2eaa8786c68d0e292275bf1daae0a468841a026
89bf36facfe072fd85a4058196344645c4b00f79feb1f6f0df286f17d93d85d9
8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027
8be472f3f8a34d0d36e3e3c3057478e22071cea3a1892f331f60be2be225a34f
8cb631cb88cbd4ea9f77ed4c3b27b33772c47491363688fd822713033cdf7789
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dce3fdb846784d1f07c1bba9e5010d0551fa62f262ffcf1a9de2672ce091ea0
900c45f7597e5511fe890b457dbfc9a3fc2fab58790f78350d4026d42f6bcc03
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
978a4e09113af1ad7a1240bd9239e18630abbf3819e74872d5c366105b487c4a
98cd5ac185ecfb5ae6e67bdad4d59b2c648d900f20a42b140f1e3515de334385
9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43
9d446c47514aeb4ed40828edd2bf96a6707371b489e5aeb3e991130dbcc2bf65
9d730bc38ccb359c382c803f14615f67d5cf70b296f079aabcc9ab247541cab5
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9eeac2625efa2b5e7b94b7ec3dfde66cca270055553e555ba003352cbbda975e
9f46d2d68a53da580fc49c0201d18c3a50712f242ad181610c72dd8f028b3185
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a3f064b8b1d1e191354c2b62ee651abab31b56585c1e02796afe36784cae29c6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
a65b102b1fba281b05cd5441296e95fe9d6ecc3042d6982bf16d0f4c8f98a969
a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7374dca1efa140090545db133396c7ec96436540eb9802ec8d7b581119e61ee
a9a27281aec76bc839056c3dfc28605af2f19a0434a408b50b627f0447553455
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ab79a36d47304b7e49b6bce010492a90802baeda7fc7c59a03ed7449960edd0c
ac03fac5b585fae1f5767edc032fc289cb575790417d82201d8c50d3e434c1f4
ae52825d7006e20e7a741d590fb0b40d61b861107ab268cdb3c43cc34f8af38b
aefc7937a892b7b880598a7f6a5f2929d8d6bce8c0d64a62aa2f9c768a629ec0
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
b0d255a8007658590a518c1aeb36de404082d167b09faf19bd3e32d8cecb9057
b23005dc5cd9d2480df0c35b6786a64708b0261ace6fa56ab6a9e195e2185de4
b40300ff44ddbf314f86764ee077529aac5ddd33395a1390ef43f31eb8dcc04e
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c5a2b47f37ce9da88dae59d76985a980733495bd6f01de3a173686a471389c89
cbac863d2fb5589d11c75ddf028189eb39d22ec3496440cbbdf2b4ce7fe82d53
ccd1784cc7c4dd03e1bd44426797e6bc36703b698260c7c61903d5dae803d5bf
d054ce1b34776eaefaff3e688027d7cad7b0fe91a0e1715db5e70b7bc447b7f7
d100f514ea745d923f6d657380e5fa33e55d6a486a1893e5701036abd2df7e56
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d52e8939765dc8656fd7c6c20958522008f1cce765074e02e2b1f7833805cef3
d55f6d472420673b034803dc6112634602dc8826b7e7ba027ac31f39a0a40634
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7843eb6f53c01e1a367592f612780f02ceea172368acf5266f618e94848247e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db264a2d6c30bc872076ab8f14cc9a74421bf81783c2c5bf3c3a23dd1e90b645
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
e15e6f886cf1ee5a879952787591900f4abcd2f8a9f73cceb6d806ad45b5029c
e1a2ef89d961f24278a05c649cbe3e5b68874003e15f9d30677931df6f091307
e24ee213782f6ed0de472f2a8b9374799b9a79643d466133d7a10a81383aa039
e2ac90768ed04091de6993ded2eef578e197cb4351383f809e721abb07681edf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9940a1698476f6f9aa2a8ca09e88666263154aa86a72bf473947f0f09793b
e4850a5ab33ed7063e9229c11768ba4eac23579f4f27e922be157ecf17861612
e814a26702bf6509de04c43ee8b2b3e8360c118ff84975fe9212ce68db10e286
e8d552e7d9d0727c76792756b3cfa88a7b5671ead978f03e5f9de461d4bd97e8
ea1e5e7cfc60a0ee61b99d8a2494bc0c54e57935086e1ee944be0f651ed3a06c
ec973bdca405a96cb1791bbc37abb7bef83468251cc3a6eb0b135facc8d6f7b4
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb0b9e7ef8ac142a0191921aeffd046209ab3d6c6a98950640b88b54581077b
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738
f0472bd533a56d7e2fd6ba0ac56462bfed3066ba8bf04026bc9dab50e877bb02
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f479bdc839584cc9ff524bc36dc8f0885f5b79ece3ddfa15ee53b3b615002426
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
f9de4ca9d93226145d8f5a765bd6ea312126df1532dcc9717c53888a32daa8a5
faa57e559ecce3cc0e06ab6c1d8d3f9b45a1fed6f1114d56aa0137855f02f4dc
fbec9558a80fb611934815ab17bcdfde9192cb3e7f848253bea1a6de93ceb667
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fd85f6df92f9ab71cc5d2c85b72ceb8ec601b7ebc40fa32c44aebfed98c4554c
fdbc30607e1de383c6a59ef37086248006cb63257246e927c04e3341d20afeb1
fde522f54dd80f3e305311cb13a8fcac889312dbc45e993fe5857de42ba52c6f
fdf266d7db4d86b30c8b4cf632d93f50bc152aca5d2b2c9f37003d0dcb1b0b00
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

ja.pays-tarusate.org Open in urlscan Pro 2606:4700:3033::ac43:9aca Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

307 Requests

85 %HTTPS

53 %IPv6

49 Domains

69 Subdomains

45 IPs

9 Countries

5767 kBTransfer

15448 kBSize

45 Cookies

44 Outgoing links

Redirected requests

307 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ja.pays-tarusate.org Open in urlscan Pro
2606:4700:3033::ac43:9aca Public Scan

Screenshot
Live screenshot

Full Image

307
Requests

85 %
HTTPS

53 %
IPv6

49
Domains

69
Subdomains

45
IPs

9
Countries

5767 kB
Transfer

15448 kB
Size

45
Cookies

307 HTTP transactions
16 data transactions