ittrip.xyz Open in urlscan Pro
183.181.91.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ittrip.xyz/
Effective URL:
https://ittrip.xyz/
Submission: On January 13 via api (January 13th 2023, 7:44:54 pm UTC) from JP — Scanned from JP

Summary HTTP 178 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 178 HTTP transactions. The main IP is 183.181.91.49, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is ittrip.xyz.
TLS certificate: Issued by R3 on November 20th 2022. Valid for: 3 months.

This is the only time ittrip.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	183.181.91.49 183.181.91.49	131965 (XSERVER X...) (XSERVER Xserver Inc.)
4	2404:6800:400... 2404:6800:4004:822::2008	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:400a:80a::200a	15169 (GOOGLE) (GOOGLE)
3	202.226.37.225 202.226.37.225	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	2600:9000:221... 2600:9000:2216:5000:18:82c:9d80:93a1	16509 (AMAZON-02) (AMAZON-02)
19	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:810::200e	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:825::200a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:821::200e	15169 (GOOGLE) (GOOGLE)
1	210.140.252.92 210.140.252.92	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
3	2404:6800:400... 2404:6800:4004:827::2003	15169 (GOOGLE) (GOOGLE)
17	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:826::200e	15169 (GOOGLE) (GOOGLE)
2	210.140.225.92 210.140.225.92	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 10	2404:6800:400... 2404:6800:4004:827::2004	15169 (GOOGLE) (GOOGLE)
1	210.140.225.135 210.140.225.135	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
33	2404:6800:400... 2404:6800:4004:801::2001	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:825::2003	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 8	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
1 1	13.113.202.151 13.113.202.151	16509 (AMAZON-02) (AMAZON-02)
1 1	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	2406:da18:929... 2406:da18:929:5a01:2d5c:190b:da10:29e6	16509 (AMAZON-02) (AMAZON-02)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 2	23.45.61.118 23.45.61.118	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
178	28

31 183.181.91.49 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv1048.wpx.ne.jp

ittrip.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:822::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80a::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.226.37.225 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2216:5000:18:82c:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

aml.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:810::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:825::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.252.92 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

a.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:827::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:826::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.140.225.92 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 210-140-225-92.newton.jp-east.compute.idcfcloud.net

dalc.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:827::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.225.135 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 210-140-225-135.newton.jp-east.compute.idcfcloud.net

dalb.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c06::9a (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2404:6800:4004:801::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:825::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.196.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.113.202.151 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-202-151.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.37 (Itabashi-ku, Japan) 1 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a01:2d5c:190b:da10:29e6 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.191 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.61.118 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-61-118.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	638 KB
31	ittrip.xyz 1 redirects ittrip.xyz	166 KB
29	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1966 cse.google.com — Cisco Umbrella Rank: 2584 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 422 adservice.google.com — Cisco Umbrella Rank: 74	227 KB
26	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	200 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	227 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	290 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 296 fonts.googleapis.com — Cisco Umbrella Rank: 36	35 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
4	valuecommerce.com aml.valuecommerce.com — Cisco Umbrella Rank: 213210 dalc.valuecommerce.com — Cisco Umbrella Rank: 200577 dalb.valuecommerce.com — Cisco Umbrella Rank: 205753	37 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	253 KB
3	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 53974 www.google.co.jp — Cisco Umbrella Rank: 21462	1 KB
3	xserver.jp webfonts.xserver.jp — Cisco Umbrella Rank: 395345	26 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1198	614 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 511	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	2 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 412	713 B
1	fout.jp 1 redirects sync.fout.jp — Cisco Umbrella Rank: 39880	663 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 19351	303 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 358	698 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 817	698 B
1	imgvc.com a.imgvc.com — Cisco Umbrella Rank: 196050	405 B
178	21

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net ittrip.xyz pagead2.googlesyndication.com tpc.googlesyndication.com
31	ittrip.xyz	1 redirects ittrip.xyz ajax.googleapis.com
19	pagead2.googlesyndication.com	ittrip.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ittrip.xyz
14	fundingchoicesmessages.google.com	ittrip.xyz
10	www.google.com	2 redirects cse.google.com www.google.com ittrip.xyz googleads.g.doubleclick.net tpc.googlesyndication.com
8	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	ittrip.xyz googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	ittrip.xyz www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	webfonts.xserver.jp	ittrip.xyz webfonts.xserver.jp
2	sync.teads.tv	1 redirects
2	b1sync.zemanta.com	2 redirects
2	x.bidswitch.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.jp	pagead2.googlesyndication.com
2	dalc.valuecommerce.com	aml.valuecommerce.com
2	cse.google.com	ittrip.xyz www.google.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.fout.jp	1 redirects
1	v9999.adv.admeme.net	1 redirects
1	px.ads.linkedin.com	1 redirects
1	www.google.co.jp	ittrip.xyz
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	clients1.google.com	ittrip.xyz
1	dalb.valuecommerce.com	ittrip.xyz
1	a.imgvc.com	ittrip.xyz
1	aml.valuecommerce.com	ittrip.xyz
1	ajax.googleapis.com	ittrip.xyz
178	33

This site contains links to these domains. Also see Links.

Domain
pq.ittrip.xyz
twitter.com
www.facebook.com
b.hatena.ne.jp
getpocket.com
lineit.line.me
line.me
thk.kanzae.net

Subject Issuer	Validity	Valid
www.ittrip.xyz R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.xserver.jp SecureCore RSA DV CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
*.valuecommerce.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-24` - `2023-09-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.imgvc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-31` - `2023-10-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://ittrip.xyz/
Frame ID: D3038B8C9BFE8F9B1137D22DCA78AF0F
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Frame ID: 8601FF86883E9B3672C7DA72B593AE69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&adk=1812271804&adf=3025194257&lmt=1673639088&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fittrip.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087818&bpp=2&bdt=360&idt=287&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2245055976048&frm=20&pv=2&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=309
Frame ID: 0A3FD27EC0C02B0F2D9C65D6C6411C54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087820&bpp=2&bdt=362&idt=311&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BD1eeb7q6r&p=https%3A//ittrip.xyz&dtd=317
Frame ID: 942D17E6AE6E4FF6243C3EAF6F62AF78
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087822&bpp=1&bdt=364&idt=330&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iJEx0YXVtk&p=https%3A//ittrip.xyz&dtd=333
Frame ID: F6AC5E64244A06A32C41AB142C57D3EF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AE51B590294DD1B56C254B427BB4722F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: F60B9F2C03A118D2A053BD13FD598690
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=50&adk=6813346&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&to=qs&pwprc=8069848629&format=330x50&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639088963&bpp=1&bdt=1506&idt=0&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3bcb21879ceb47d4-228bc26548d9008a%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MZ8QeDNRGM1nZPH2u4VnQUMaBRMVQ&gpic=UID%3D00000929f5c2ced6%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MaHZBgMHXvM5NC7wCauRoHF-0OPYQ&prev_fmts=0x0%2C300x600%2C330x250&nras=2&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&psts=ACgb8tsWWWGW9_ebmToTZqrcus2ZUuUsruPde2HMNRQ967mO1MHiFHd9LL0u-P77wxtXCPmUuDlHb1Hr2KdmO_E%2CACgb8tv2Fip9lI9tHl0sDKM60Vkfqo67rCDX5_dzwX4cca1gVBUrj5QEOdE2A12j4XjMN0z-QDIJeGr3p4pzt3soJ_84Uw&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QMFvRGGvu7&p=https%3A//ittrip.xyz&dtd=5
Frame ID: 194930A005462EAF9A53BFC7BF464581
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 0919AFF5CAD699EE56C53A4B5AFE421D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3AB5CD329587902F819F28F4E789A2DD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 51FE32BA347F248CFF0E6A4B551492B1
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: C8C6C995D8E14A9ED3BA231632443320
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%91%E6%A5%AD%E5%BF%85%E3%81%A8%E5%86%85%E3%81%8F%E3%81%AA%E7%AB%8B%E3%81%98%E9%96%8B%E3%82%92%E3%82%A4%E7%89%A9%E3%82%8B%E7%95%8C%E3%81%A7%E5%B7%A5%E4%BD%9C%E7%B5%84%E4%BA%BA%E3%81%AE%E3%82%89%E9%81%A3%E3%81%99%E3%81%AB%E6%9D%B1%E8%A6%81%E3%83%B3%E6%84%8F%E3%80%81%E4%BA%9C%E3%81%A0%E6%B4%BE%E5%BE%97%E9%80%A0%E3%82%84%E3%81%B8%E8%A3%BD%E7%A2%BA%E3%81%8B%E3%81%AF%E6%9D%90%E6%B5%81%E3%81%8D%E5%A0%B4%E3%81%BF%E3%81%A6%E3%83%A9%E9%96%89
Frame ID: F6F5175D6D9151F87F3570D677DE9E78
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 989A88C7E3AB148A9044FE7807150C62
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 4060866FD6B3E8B6B60D677C0A90F750
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 55CEB212353F062079BF1394DFFC5F64
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 09938330BFBA8A4EA2F201E5660C1BE5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C9715C9EC13B7F991381A5116A8EAA27
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 48456C31E851C1070F364EFBACE89F2F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EEF75C02FF2667B853FE93E23581BEF6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77E63D73736D927F28FC25EE3281ADF3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IT trip検索

Page URL History Show full URLs

http://ittrip.xyz/ HTTP 301
https://ittrip.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

178
Requests

96 %
HTTPS

67 %
IPv6

21
Domains

33
Subdomains

28
IPs

5
Countries

2121 kB
Transfer

5576 kB
Size

24
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://pq.ittrip.xyz/
Title: パワークエリ

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=IT%20trip%7C&url=https://ittrip.xyz/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://ittrip.xyz/&t=IT%20trip%7C
Title: Facebook!

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/add?mode=confirm&url=https://ittrip.xyz/&title=IT%20trip%7C
Title: B!Hatena4

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://ittrip.xyz/
Title: Pocket8

Search URL Search Domain Scan URL

URL: https://lineit.line.me/share/ui?url=https://ittrip.xyz/#/
Title: LINESend

Search URL Search Domain Scan URL

URL: https://line.me/R/msg/text/?IT%20trip%7C%0D%0Ahttps://ittrip.xyz/
Title: LINESend

Search URL Search Domain Scan URL

URL: https://thk.kanzae.net/
Title: Thought is free

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ittrip.xyz/ HTTP 301
https://ittrip.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 154

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEETFjKO_feUAS7uFaqu5Us8&google_cver=1&google_push=AavPq0P3ULI6W8Dhitd5VNxO0sJPpt1bYYFyxYNBw5cnSJmvP3_O5uZksKYzg9SoNUCJBdpJHebyfAr1Zm4S7HJYxtnChdGWWDA7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0P3ULI6W8Dhitd5VNxO0sJPpt1bYYFyxYNBw5cnSJmvP3_O5uZksKYzg9SoNUCJBdpJHebyfAr1Zm4S7HJYxtnChdGWWDA7

Request Chain 155

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEOhZ1SyXl6LF-NmlmFtQEIw&google_cver=1&google_push=AavPq0Ppdvo0ZYBHd5kRhJCFL3nNqD9ggf3rgNWoyejChSttF4lPFyRQjR3OXZrCNN0zF0DGKHgE0nENLf5Q5yBMTh104yYZ2crn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0Ppdvo0ZYBHd5kRhJCFL3nNqD9ggf3rgNWoyejChSttF4lPFyRQjR3OXZrCNN0zF0DGKHgE0nENLf5Q5yBMTh104yYZ2crn

Request Chain 156

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESELBvOc7hBml89XAKwMG7FJs&google_cver=1&google_push=AavPq0Naq7vBZn4WjXvJGcSaDIcHZYXwO_INO-fUSCBSlAwfaKgcqzWIWFHoCZwqyG7GRcdc8SsKSBcck5pbp-O-s7AXreJCM87EAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0Naq7vBZn4WjXvJGcSaDIcHZYXwO_INO-fUSCBSlAwfaKgcqzWIWFHoCZwqyG7GRcdc8SsKSBcck5pbp-O-s7AXreJCM87EAQ&google_hm=Y3h3dTFLUjE2ajNQMUlTWUJkcW0tZEVvV1lV&from_google=sp1

Request Chain 157

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEISbhB_zQI2Z2LqiJCCYg-8&google_cver=1&google_push=AavPq0OyXghf2cDELnGy21tFR5yV6qVUmPRyDKcncXtVYpk3XWMW454QgBbHNyg-ngKtKt-EhhtD8zi2ums38kqOiBbjIiydRuPPsg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OyXghf2cDELnGy21tFR5yV6qVUmPRyDKcncXtVYpk3XWMW454QgBbHNyg-ngKtKt-EhhtD8zi2ums38kqOiBbjIiydRuPPsg&google_hm=eS1kVHU0N0lGRTJwR3pjeU1fdmpCOWh6WnJfZGVRd2xfZX5B

Request Chain 158

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEIwV1m2Ioz7BLHz6NTK-sqk&google_cver=1&google_push=AavPq0OB8B6hJZOW3kpQbYeNjf0CdXC5_dHU4XUMfxrgixg1Nc8cAeq1hOBs9iw868OgMUxkj6VUH9iLS42wVcHnZQQ8tmq1VJig HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEIwV1m2Ioz7BLHz6NTK-sqk&google_cver=1&google_push=AavPq0OB8B6hJZOW3kpQbYeNjf0CdXC5_dHU4XUMfxrgixg1Nc8cAeq1hOBs9iw868OgMUxkj6VUH9iLS42wVcHnZQQ8tmq1VJig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AavPq0OB8B6hJZOW3kpQbYeNjf0CdXC5_dHU4XUMfxrgixg1Nc8cAeq1hOBs9iw868OgMUxkj6VUH9iLS42wVcHnZQQ8tmq1VJig&google_hm=E7Rt8KNHQIOuPAjGAjGpZw==

Request Chain 159

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEM1Wz0ksrdHeBE31kn9snjc&google_cver=1&google_push=AavPq0Ok9GKEu1w6eCO6BSgEr05ng0PMnF-QEIsCVtpZ5DOdJ9X38l8URURddDYPz8a3BZPoqjAFg5OBTOBtTlvoQIRGt7lZSTxLYQ HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEM1Wz0ksrdHeBE31kn9snjc&google_push=AavPq0Ok9GKEu1w6eCO6BSgEr05ng0PMnF-QEIsCVtpZ5DOdJ9X38l8URURddDYPz8a3BZPoqjAFg5OBTOBtTlvoQIRGt7lZSTxLYQ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Ok9GKEu1w6eCO6BSgEr05ng0PMnF-QEIsCVtpZ5DOdJ9X38l8URURddDYPz8a3BZPoqjAFg5OBTOBtTlvoQIRGt7lZSTxLYQ&google_hm=Z29KQTZCX3NtMWwzeXZmckxNc0g=

Request Chain 160

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED3VUIpC99a9FZMhO0JXJw4&google_cver=1&google_push=AavPq0OJEx8KkzpOhHlXjHOatYV8rl2Nzd2z3ZCE2P4C7ToaorxGNnG7XMR7qblybM1GtB7qQ_TVP8eBN0veQPBo_gp_TcijeZhN9Gk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OGYyMjkxNTctYjM5YS00MmE3LWJjMjEtNDMwNjc0NmMzYjgx&google_push=AavPq0OJEx8KkzpOhHlXjHOatYV8rl2Nzd2z3ZCE2P4C7ToaorxGNnG7XMR7qblybM1GtB7qQ_TVP8eBN0veQPBo_gp_TcijeZhN9Gk HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

178 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ittrip.xyz/
Redirect Chain

http://ittrip.xyz/
https://ittrip.xyz/

252 KB
48 KB

266ms
238ms

Document
text/html

183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

8d0d48c61f34fe97205ced48486ca47ce0467b1fd6df357331e3b3342090780a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=1
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 13 Jan 2023 19:44:47 GMT
expires: Fri, 13 Jan 2023 19:44:48 GMT
link: <https://ittrip.xyz/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=1
Connection: keep-alive
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 13 Jan 2023 19:44:47 GMT
Expires: Fri, 13 Jan 2023 19:44:48 GMT
Location: https://ittrip.xyz/
Server: nginx

GET
H2 200 style.async.min.css
ittrip.xyz/wp-content/themes/luxeritas/ 1 KB
909 B 12ms
11ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/style.async.min.css?v=1673146438

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 08 Jan 2023 02:53:58 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 icomoon.woff2
ittrip.xyz/wp-content/themes/luxeritas/fonts/icomoon/fonts/ 4 KB
4 KB 11ms
11ms Font
application/x-font-woff2 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/fonts/icomoon/fonts/icomoon.woff2

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

8d99a824eb65a40f898ff5baa2201854b8b1d152a620cf13a79033f4fcba1e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 01:54:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff2
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3768
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 19:44:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
45 KB 92ms
50ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

898a1cef449e66a56c9945b30f3bc7ec954f3891ad486f62b84e93f7d81bfb5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Jan 2023 19:44:47 GMT

GET
H2 200 crayon.min.css
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/css/min/ 20 KB
5 KB 12ms
11ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:09:00 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 classic.css
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/themes/classic/ 4 KB
1023 B 12ms
12ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:10:00 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 monaco.css
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/fonts/ 516 B
771 B 12ms
11ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

a47d6b7ed20c17858b6771922b06fe5f3019bfb468b4a556738c0f0aa16f5bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:09:00 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 516
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 classic-themes.min.css
ittrip.xyz/wp-includes/css/ 217 B
472 B 10ms
10ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-includes/css/classic-themes.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Nov 2022 04:24:00 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 217
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 styles.css
ittrip.xyz/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 11ms
10ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/contact-form-7/includes/css/styles.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Dec 2022 16:24:53 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 screen.min.css
ittrip.xyz/wp-content/plugins/table-of-contents-plus/ 1 KB
723 B 11ms
10ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/table-of-contents-plus/screen.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2022 16:23:14 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 default.css
ittrip.xyz/wp-content/plugins/tablepress/css/build/ 6 KB
3 KB 11ms
11ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/tablepress/css/build/default.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

6411013f7f9ef06c6c81a8090729213124f35e64a68cb2a6b35338fa3851e9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Jan 2023 16:23:23 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 tablepress-responsive.min.css
ittrip.xyz/wp-content/plugins/tablepress-responsive-tables/css/ 9 KB
2 KB 12ms
11ms Stylesheet
text/css 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 06:10:49 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 68ms
11ms Script
text/javascript 2404:6800:400a:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 13:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 13:42:49 GMT

GET
H2 200 crayon.min.js Show response
ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/js/min/ 22 KB
7 KB 15ms
15ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 07:09:00 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 luxe.min.js Show response
ittrip.xyz/wp-content/themes/luxeritas/js/ 33 KB
11 KB 13ms
12ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/js/luxe.min.js?v=1673146438

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

41da9a84173671859c0cc5f00f34df7d5d433a43a34e77fdc58fbd7d64ed83a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 08 Jan 2023 02:53:58 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H/1.1 200
OK xserver.js Show response
webfonts.xserver.jp/js/ 20 KB
8 KB 46ms
13ms Script
application/javascript 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/js/xserver.js
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 19:44:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 03:18:48 GMT
Server: nginx
ETag: W/"5d522c18-4e15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 event-tracking.js Show response
ittrip.xyz/wp-content/plugins/yyi-rinker/js/ 598 B
863 B 15ms
14ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/yyi-rinker/js/event-tracking.js?v=1.1.10

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 08:44:25 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 598
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
66 KB 94ms
53ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QK7EHKEJP

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71cc8c3d7606e12c69cb96c5ad232b6733c2a108c0a37181b64bc4d780937c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Jan 2023 19:44:47 GMT

GET
H2 200 vcdal.js Show response
aml.valuecommerce.com/ 34 KB
35 KB 38ms
9ms Script
application/javascript 2600:9000:2216:5000:18:82c:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aml.valuecommerce.com/vcdal.js
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2216:5000:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6c588aa6f9d444b6f2c7804c090846197f2d66280471c9677ee6779c90cd4a2b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:42:57 GMT
via: 1.1 1300ae0b007c83ac3b976d5ac8990b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT51-P1
age: 110
x-guploader-uploadid: ADPycdu6Z-3z80f9EhJh56Fk3WZcU89wPCxGt5XfTsa_gQPZrBbBA92DrDXflwq0RxDipONztJl1hVVNgNJ_6UIOodylUw
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35074
last-modified: Mon, 17 Jan 2022 07:06:41 GMT
server: UploadServer
etag: "681c1b1ecd9c2e0dd35da7c074214531"
vary: Accept-Encoding
x-goog-hash: crc32c=2VymBw==, md5=aBwbHs2cLg3TXafAdCFFMQ==
x-goog-generation: 1642403201413885
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 35074
accept-ranges: bytes
x-amz-cf-id: h03qnHANuNqBFPjh_2fH8zvC83YkoGD-ViHSsV6lwdYBaCUiJ_Mj-g==
expires: Fri, 13 Jan 2023 19:47:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 101ms
59ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150&host=ca-host-pub-2644536267352236

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5da2a3235e9deee4be8919a35960361c8661f97a2a7c6298af09201713cdcd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49356
x-xss-protection: 0
server: cafe
etag: 7677529927934944247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:44:47 GMT

GET
H2 200 pub-6390132166409150 Show response
fundingchoicesmessages.google.com/i/ 119 KB
40 KB 390ms
292ms Script
application/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-6390132166409150?ers=1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9886301943f118751176cdaa9ec90eef72687145ea9d06cf775bccada3aa2373

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Lr56hVH4sxpLp3KfzNQVhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Lr56hVH4sxpLp3KfzNQVhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cropped-master-4-e1632209943782.png
ittrip.xyz/wp-content/uploads/2016/03/ 5 KB
5 KB 12ms
11ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2016/03/cropped-master-4-e1632209943782.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

98674d82c94b04376866d454420ebc18094cffaf46218407e71f3ae95cfd7e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 07:39:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5017
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 96ms
54ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

985b57cc71b89d94d3d35a485edc453a2341737248901475cd578878da57de47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49558
x-xss-protection: 0
server: cafe
etag: 9270022774240407061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:44:47 GMT

GET
H2 200 luxe-serviceworker-regist.js Show response
ittrip.xyz/wp-content/themes/luxeritas/js/ 549 B
814 B 13ms
12ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/themes/luxeritas/js/luxe-serviceworker-regist.js?v=1673639087

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

32543dfff18ea53ee0b633f65be112e6b2829d80ba07a3e65125571a4a9e6338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Jan 2023 02:53:58 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 549
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 index.js Show response
ittrip.xyz/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 15ms
12ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/contact-form-7/includes/swv/js/index.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Dec 2022 16:24:53 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 index.js Show response
ittrip.xyz/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 12ms
11ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/contact-form-7/includes/js/index.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Dec 2022 16:24:53 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 front.min.js Show response
ittrip.xyz/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 11ms
11ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-content/plugins/table-of-contents-plus/front.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2022 16:23:14 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H/1.1 200
OK checkdigit Show response
webfonts.xserver.jp/advance/ref/ja/107/ 1 B
314 B 31ms
9ms XHR
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
Requested by: Host: webfonts.xserver.jp
URL: https://webfonts.xserver.jp/js/xserver.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: cache
Date: Fri, 13 Jan 2023 19:44:47 GMT
Server: nginx
ETag: "typesquare-use-cache"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=8640000
Connection: keep-alive

GET
H2 200 wp-emoji-release.min.js Show response
ittrip.xyz/wp-includes/js/ 18 KB
5 KB 13ms
12ms Script
application/javascript 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 25 May 2022 04:23:27 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 pub-6390132166409150 Show response
fundingchoicesmessages.google.com/b/ 9 KB
5 KB 159ms
62ms Script
application/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-6390132166409150

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ca3f2357b08549750c338da5ee136ca1200b9969af641ac17a415337efb09e5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VKfPz9Dy8O3INhwIDq0Hzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VKfPz9Dy8O3INhwIDq0Hzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Filmora-vertical-white-320x180.png
ittrip.xyz/wp-content/uploads/2023/01/ 13 KB
13 KB 11ms
11ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2023/01/Filmora-vertical-white-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

fc1f31407fd6e5cc03dcb3481df3dbf1f3996590799360e590fb71d765888309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Jan 2023 09:06:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 12889
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 icon
fonts.googleapis.com/ 1 KB
948 B 87ms
44ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined&display=swap

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/wp-content/themes/luxeritas/js/luxe.min.js?v=1673146438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d171475258fb6a060d8c6b957b519482eb4911697329c085f2d6ed17994e2657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 19:44:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 19:44:47 GMT

GET
H2 200 easeus-recexperts2-320x180.png
ittrip.xyz/wp-content/uploads/2022/12/ 15 KB
15 KB 12ms
11ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/12/easeus-recexperts2-320x180.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

f50d531fcdb5bdb432e4f63c9b6af1ec8f7e17151825f66ee4c0913ccb775555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 06:09:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 14874
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 ed9a5f49469ca58c9b57d12266734465-320x180.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 4 KB
4 KB 12ms
12ms Image
image/webp 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/ed9a5f49469ca58c9b57d12266734465-320x180.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

0dc4f2b15af34083968988be17dde74dbebf040cf402fbd1fe8015fc0c88f0c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:01:05 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4276
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 112ms
66ms Script
text/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

9bcfc5a2cc5e9edc87e0f8933fbfa3ca2a866d60f843dfcd92c14e2eabd8c473

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3448
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"

GET
H/1.1 200
OK bf.png
a.imgvc.com/i/ 107 B
405 B 68ms
6ms Image
image/png 210.140.252.92
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.140.252.92 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 07fa6389444df2aabb38b8de4e8b2711f4414eab1076f72c0e3c55543854b878

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx
front-end-https: on
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000, private
content-length: 107
expires: Sun, 12 Jan 2025 19:44:47 GMT

GET
H/1.1 200
OK ab.woff
webfonts.xserver.jp/ 17 KB
18 KB 18ms
18ms Font
font/woff 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/ab.woff
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552

Request headers

Referer: https://ittrip.xyz/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 19:44:47 GMT
Last-Modified: Fri, 26 Feb 2021 05:26:27 GMT
Server: nginx
ETag: "60388683-4578"
X-Cache-Status: HIT
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17784

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
126 KB 43ms
3ms Font
font/woff2 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ittrip.xyz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 20:44:02 GMT
x-content-type-options: nosniff
age: 82845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 20:44:02 GMT

GET
H2 200 4videosoft1-1-320x180.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 5 KB
5 KB 12ms
10ms Image
image/webp 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/4videosoft1-1-320x180.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

ff6a93a5a3089063109be2adef61c23dbd0671983ccb642d0946d8078d82e2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:00:42 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4914
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 Filmora-vertical-white-100x100.png
ittrip.xyz/wp-content/uploads/2023/01/ 5 KB
5 KB 13ms
11ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2023/01/Filmora-vertical-white-100x100.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

72a95352a0c759630fe31efd38d36030dfde626d1bf612afb53b346753d7c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Jan 2023 09:06:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5285
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 easeus-recexperts2-100x100.png
ittrip.xyz/wp-content/uploads/2022/12/ 3 KB
3 KB 13ms
11ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/12/easeus-recexperts2-100x100.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

c08dd4b712785938beb9dcbfd614428bc393cb228a00f3b7057cba087cc14853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 06:09:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3305
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 ed9a5f49469ca58c9b57d12266734465-100x100.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 1 KB
1 KB 14ms
12ms Image
image/webp 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/ed9a5f49469ca58c9b57d12266734465-100x100.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

f9bbd92a65460f843a7097aff5ee50e97dcdff6ffdae99fca5cb90d14182a1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:01:04 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1128
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 4videosoft1-1-100x100.jpg
ittrip.xyz/wp-content/uploads/2022/08/ 1 KB
1 KB 14ms
12ms Image
image/webp 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/08/4videosoft1-1-100x100.jpg

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

3ea81da5568da2bb3437caa8d7e3b2b91a50fe1a8820e959ec138a381f5a7d28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Aug 2022 08:00:41 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1226
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 excel-paste1-100x100.png
ittrip.xyz/wp-content/uploads/2022/07/ 9 KB
9 KB 14ms
12ms Image
image/png 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ittrip.xyz/wp-content/uploads/2022/07/excel-paste1-100x100.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

cc9adc7bd2c6f2de18dd390b16d3c8cda68bc05e4a7116206d37335b40b922dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Jul 2022 07:49:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9301
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 19:44:47 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
118 KB 180ms
140ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89c1cb3a15c7bee2e47ca4afed4797221077366fa6c4685efc44d46f681fafc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119969
x-xss-protection: 0
server: cafe
etag: 13655676637127987911
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:44:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/ Frame 8601 10 KB
5 KB 44ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6390132166409150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:48:50 GMT
etag: 10353107486223812946
expires: Fri, 27 Jan 2023 10:48:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 51ms
50ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5FR5GCF53M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a33bba9df75a02508dc14a454d6bdcb96efa03dd45109f174028608c28f5cdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Jan 2023 19:44:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
2ms Script
text/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 18:03:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6056
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 13 Jan 2023 20:03:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
66 KB 53ms
52ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QK7EHKEJP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84676516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

097d952945d61b6204b975c63ad94825cf3d90a6ccc9d887dd6329937ecff9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67424
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Jan 2023 19:44:47 GMT

GET
H/1.1 200
OK app3 Show response
dalc.valuecommerce.com/ 644 B
1 KB 33ms
6ms Script
application/javascript 210.140.225.92
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=887798439&_s=https%3A%2F%2Fittrip.xyz%2F&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADBJREFUGFdjZBRj%2BJ%2B0eguDj30EA6Ofg%2Fz%2FusAehi%2FihxkYZxxY8f%2BakASDrJ4DAwAAgg0d3iR0hgAAAABJRU5ErkJggg%3D%3D

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.92 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

210-140-225-92.newton.jp-east.compute.idcfcloud.net

Software

nginx /

Resource Hash

de5f1c9bd98e9fdcc1e5b8257d94977bb9200cce0ea8aa27a82afea01bdbc433

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 644

GET
H3 204 AGSKWxWMarn06TKLnRjY3Hoskguu-Bl922g70Gh69OhpkFQq2op50GG-mAiZ2jMqOsgXrXEt_kHpQfFPioSjQIYzaJ44bw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 258ms
218ms XHR
text/html 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMarn06TKLnRjY3Hoskguu-Bl922g70Gh69OhpkFQq2op50GG-mAiZ2jMqOsgXrXEt_kHpQfFPioSjQIYzaJ44bw==

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GAsIBAo3FdUN3IsyZztWWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GAsIBAo3FdUN3IsyZztWWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 52ms
40ms Ping
text/plain 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2QK7EHKEJP&gtm=2oe1a1&_p=1473088764&gdid=dZTNiMT&cid=975192238.1673639088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673639087&sct=1&seg=0&dl=https%3A%2F%2Fittrip.xyz%2F&dt=IT%20trip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QK7EHKEJP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__ja.js Show response
www.google.com/cse/static/element/c20e9fb0a344f1f9/ 304 KB
102 KB 40ms
2ms Script
text/javascript 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c20e9fb0a344f1f9/cse_element__ja.js?usqp=CAM%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83ae28a881baed21b21860e3477ff5976b9c67877fc25ed75ee4a5cdba4e7c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103949
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 16:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 12 Jan 2024 21:39:42 GMT

GET
H2 200 default+ja.css
www.google.com/cse/static/element/c20e9fb0a344f1f9/ 41 KB
9 KB 44ms
6ms Stylesheet
text/css 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+ja.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 16:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 12 Jan 2024 21:39:41 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 44ms
7ms Stylesheet
text/css 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6390132166409150:3975277648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 13 Jan 2023 20:09:41 GMT

GET
H/1.1 200
OK b3
dalb.valuecommerce.com/ 43 B
326 B 30ms
6ms Image
image/gif 210.140.225.135
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dalb.valuecommerce.com/b3?pq.ittrip.xyz=3&twitter.com%2Fshare=1&www.facebook.com%2Fsharer=1&b.hatena.ne.jp%2Fadd=1&getpocket.com%2Fedit=1&lineit.line.me%2Fshare=1&line.me%2FR=1&thk.kanzae.net=1&_p=887798439&_r=Y8G0rwANq_EfzJGrwKhvT8Cob112ig&_t=63c1b4af&_du=https%3A%2F%2Fittrip.xyz%2F

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.135 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

210-140-225-135.newton.jp-east.compute.idcfcloud.net

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, max-age=0, no-cache
content-length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 40ms
39ms XHR
text/plain 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1473088764&t=pageview&_s=1&dl=https%3A%2F%2Fittrip.xyz%2F&ul=en-us&de=UTF-8&dt=IT%20trip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2001520560&gjid=452459307&cid=975192238.1673639088&tid=UA-84676516-1&_gid=2081343490.1673639088&_r=1&gtm=2ou1a1&z=1453598280

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 77ms
76ms Script
text/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/cse_element__ja.js?usqp=CAM%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6e97e9479fac90f30c5b1ee46a708056f8e4849796b07e84153c02740b8fe1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "8506932131716117458"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 13 Jan 2023 19:44:47 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 3ms
2ms Image
image/png 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+ja.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+ja.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:41:31 GMT
x-content-type-options: nosniff
age: 388996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 09 Jan 2024 07:41:31 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/ja/ 1 KB
1 KB 3ms
2ms Image
image/png 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ja/branding.png

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 01:29:25 GMT
x-content-type-options: nosniff
age: 584122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1283
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 17:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 07 Jan 2024 01:29:25 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
210 B 49ms
2ms Image
text/plain 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: ittrip.xyz
URL: https://ittrip.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
442 B 157ms
53ms XHR
text/plain 2404:6800:4008:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-84676516-1&cid=975192238.1673639088&jid=2001520560&gjid=452459307&_gid=2081343490.1673639088&_u=YADAAUAAAAAAACAAI~&z=480535266

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c06::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Jan 2023 19:44:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5FR5GCF53M&gtm=2oe1a1&_p=1473088764&cid=975192238.1673639088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673639088&sct=1&seg=0&dl=https%3A%2F%2Fittrip.xyz%2F&dt=IT%20trip&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FR5GCF53M&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ittrip.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXE1KHYosv8pi0LnCf0rbbdoYrX3PlNc5bsAnt15GEnyrH_hRX0MFy8SwDJSWQlBpIIfccxiu_KfJRMrJzfdCw= Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 109ms
109ms Script
application/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXE1KHYosv8pi0LnCf0rbbdoYrX3PlNc5bsAnt15GEnyrH_hRX0MFy8SwDJSWQlBpIIfccxiu_KfJRMrJzfdCw=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczNjM5MDg4LDk0MDAwMDAwXSwiM0JFM0ZFQzgtODk5Ny00QkZGLUE4M0EtQTZCMTA2QjlGRjZGIixudWxsLG51bGwsW251bGwsWzddLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCx0cnVlLHRydWVdLCJodHRwczovL2l0dHJpcC54eXovIixudWxsLFtbOCwiR0daV1EwaUdvbTgiXSxbOSwiZW4tVVMiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GGZWQ0iGom8.es5.O/d=1/rs=AJlcJMwFX8h5dRTuV51z-NxdkobNb714Cg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbf672fc33682bcfef1207c7c023ec1b65946d869f718863b0c97230e6877380

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-77SU1A7TaQ5UFm9DEHP1uA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-77SU1A7TaQ5UFm9DEHP1uA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
698 B 201ms
41ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ittrip.xyz&callback=_gfp_s_&client=ca-pub-6390132166409150&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3f33a362a619591f676bec0e2cd40f618666bb3d10be8a013e931a4b344aa7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 82ms
42ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 85ms
40ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A3F 410 KB
79 KB 679ms
678ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&adk=1812271804&adf=3025194257&lmt=1673639088&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fittrip.xyz%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087818&bpp=2&bdt=360&idt=287&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2245055976048&frm=20&pv=2&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=309

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

087f7fc9a61ceda6f11bcf2674f16808b6c5bbf7bbe523005d3b9f7d6a767c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 80702
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:44:48 GMT
expires: Fri, 13 Jan 2023 19:44:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 942D 93 KB
34 KB 590ms
590ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087820&bpp=2&bdt=362&idt=311&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BD1eeb7q6r&p=https%3A//ittrip.xyz&dtd=317

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4592a09d74145083fda53639433206796a4a24c4dbf49c60701c339d747c4ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34430
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:44:48 GMT
expires: Fri, 13 Jan 2023 19:44:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 45ms
44ms Image
image/gif 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-84676516-1&cid=975192238.1673639088&jid=2001520560&_u=YADAAUAAAAAAACAAI~&z=2055793401

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
501 B 84ms
41ms Image
image/gif 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-84676516-1&cid=975192238.1673639088&jid=2001520560&_u=YADAAUAAAAAAACAAI~&z=2055793401

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F6AC 99 KB
32 KB 237ms
237ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087822&bpp=1&bdt=364&idt=330&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iJEx0YXVtk&p=https%3A//ittrip.xyz&dtd=333

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd5cfe070b6f981ba1ca024432d19668939f4f40fd7bac5e72ed1c91248fa26f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32874
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:44:48 GMT
expires: Fri, 13 Jan 2023 19:44:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13790337999094639384
tpc.googlesyndication.com/simgad/ Frame F6AC 44 KB
44 KB 50ms
5ms Image
image/png 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13790337999094639384?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnihyuadUdsZL0z-8wGgCXj9sFiTg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087822&bpp=1&bdt=364&idt=330&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iJEx0YXVtk&p=https%3A//ittrip.xyz&dtd=333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87ff401d535a20d395b3a6829c56073670663f45e4df54786db7e472c7a9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 13:02:06 GMT
x-content-type-options: nosniff
age: 456162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44603
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 08:32:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Jan 2024 13:02:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F6AC 0
0 56ms
56ms Fetch
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDcpQsLTBY5fGC6WEs8IP1a-LkAmMyZG7boy32baCEbCQHxABIOu-ojRgifPFhPQToAHPx-fHA8gBAqkCVAHKy2y0QD6oAwHIA8kEqgTnAU_QtCmY5-4zZOIUrd9ihc8q_1V4jrahSYNd63n0yi91aZP_-thsva3oqaxjUoLviS2FW2Bdd2D2z-eply8RXcoR-eJPiSktWd2gvUi_0G9nxnYS3DNkd8YDRakBgAnoMrl2-1iC0r1exUjaU2S-yLwYprj9yyAh7XKS5tcs068oC1S_PF-ab56ndR_KJjyAwqVnL3jjeKj1_rlaGj8vNcx_rvpsv4dUfd1LnGsEx95j5dszjF068KmqnCt1eYcHWyRbsdXQaIF6y0UbfUxuW119Pzi1e328MbAgC4dSCVsFKZs7A_0_vsAEje6I65oEkgUECAQYAZIFBAgFGASgBgKAB5m4mDioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDWjwTSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjM5MDEzMjE2NjQwOTE1MBgA&sigh=9IqURr_fh_s&uach_m=[UACH]&cid=CAQSGwDq26N9m0goco1gz2rpj-hiMeOAuoHjjLTAkxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087822&bpp=1&bdt=364&idt=330&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iJEx0YXVtk&p=https%3A//ittrip.xyz&dtd=333
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 19:44:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Jan 2023 19:44:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame F6AC 22 KB
9 KB 40ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F6AC 3 KB
1 KB 41ms
3ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F6AC 67 B
188 B 44ms
6ms Image
image/png 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:51:37 GMT
x-content-type-options: nosniff
server: cafe
age: 71591
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Fri, 13 Jan 2023 23:51:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F6AC 18 KB
7 KB 40ms
3ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6AC 157 KB
49 KB 181ms
136ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 19:44:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F6AC 33 KB
13 KB 41ms
4ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69e3696168c1f8450ca1adc4b18437bfec8cc351b02dc20ab1fa8ff2322b8d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13528
x-xss-protection: 0
server: cafe
etag: 13359207343814801873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:42:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE51 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=250&slotname=1584818641&adk=2646539629&adf=1635374881&pi=t.ma~as.1584818641&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&format=330x250&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087822&bpp=1&bdt=364&idt=330&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=995&ady=2758&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iJEx0YXVtk&p=https%3A//ittrip.xyz&dtd=333
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:01:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F6AC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0b0611edc6f50ce2d35c875133608aa440a192274c6fbfc537b499d62aaf1e3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE51
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

70ms
69ms

Document
text/html

2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:44:48 GMT
expires: Fri, 13 Jan 2023 19:44:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:44:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame F60B 36 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 00:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 00:41:05 GMT

GET
H/1.1 200
OK app3 Show response
dalc.valuecommerce.com/ 644 B
957 B 6ms
6ms Script
application/javascript 210.140.225.92
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=887798439&_s=https%3A%2F%2Fittrip.xyz%2F&_b=Y8G0rwANq_EfzJGrwKhvT8Cob112ig&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADBJREFUGFdjZBRj%2BJ%2B0eguDj30EA6Ofg%2Fz%2FusAehi%2FihxkYZxxY8f%2BakASDrJ4DAwAAgg0d3iR0hgAAAABJRU5ErkJggg%3D%3D

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.92 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

210-140-225-92.newton.jp-east.compute.idcfcloud.net

Software

nginx /

Resource Hash

991959bfbc0a7895351ea7cc79c760247eda2f1597677a30f67799cd1a73bc03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 644

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 942D 2 KB
818 B 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087820&bpp=2&bdt=362&idt=311&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BD1eeb7q6r&p=https%3A//ittrip.xyz&dtd=317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 942D 0
0 52ms
52ms Fetch
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cev-isLTBY6HECpXFrQSU0I-YAZvhtbhuquDi35EQoJaA7JACEAEg676iNGCJ88WE9BOgAfjVgZcDyAEBqQJUAcrLbLRAPqgDAcgDywSqBOsBT9CA1UEifF1nVHIgpEeIS3jufJxj9YaFERxNzwFGIaI8x0-qcSvWzfspNq7KiJOXy8qo24gUnYp9EADdv0matw1ZxPMH2twMrvQ82RtvOEDRkxDbIBq1hU0VKKlScEtYi-nl0zfdWlSmJ6sNMl7T6PmlUOXdf1zjOwLDYv71YDBJouNYVWBj_Xht3TOWG7qt0AFhbEC7SChHqV8j8N8u8C15LmnFCV7ord7A7tNI2YS1h7zgzZwh-u3RjYABIbGVyOdVQfQN7cXp_A7rNQQ2GyVp5Xjwo0-DE5ses8vfrG-XHm577jtPmJthvsAEuvf12aYDkgUECAQYAZIFBAgFGASgBgKAB_Cp_mioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDLhynSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwyIFAbQFQGAFwGyFxwKGggAEhRwdWItNjM5MDEzMjE2NjQwOTE1MBgA&sigh=GQ6ilxaqGXo&uach_m=[UACH]&cid=CAQSGwDq26N9Tgji60TzlA3NUUYGo6JBHWv-RlZbChgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=600&slotname=1332286832&adk=3840913425&adf=2823267970&pi=t.ma~as.1332286832&w=300&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&format=300x600&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639087820&bpp=2&bdt=362&idt=311&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BD1eeb7q6r&p=https%3A//ittrip.xyz&dtd=317
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 19:44:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 942D 22 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 942D 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 942D 18 KB
7 KB 3ms
1ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 942D 157 KB
48 KB 64ms
63ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 19:44:48 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame 942D 33 KB
14 KB 46ms
3ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:47:24 GMT

GET
H2 200 363362889662445966
tpc.googlesyndication.com/daca_images/simgad/ Frame 942D 31 KB
31 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/363362889662445966?w=360&h=720

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd632b8adf25468b5e7551977aab44e071827f699a78c1ab09347661e5428d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 00:59:15 GMT
x-content-type-options: nosniff
age: 153933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31493
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 22:53:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Jan 2023 00:59:15 GMT

GET
DATA 200
OK truncated
/ Frame 942D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 709121d64a8fb1e3dd1cb6fbabf220e96d2d4c0a059332f26222426c52fc7b59

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 62ms
62ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f77eff5b49e8f952f96e523ddd2355b2442b399054854b8ace4d8d6842c61a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52347
x-xss-protection: 0
server: cafe
etag: 17950421756035175678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:44:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
165 B 41ms
40ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 43ms
42ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ittrip.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1949 108 KB
35 KB 318ms
318ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=50&adk=6813346&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&to=qs&pwprc=8069848629&format=330x50&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639088963&bpp=1&bdt=1506&idt=0&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3bcb21879ceb47d4-228bc26548d9008a%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MZ8QeDNRGM1nZPH2u4VnQUMaBRMVQ&gpic=UID%3D00000929f5c2ced6%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MaHZBgMHXvM5NC7wCauRoHF-0OPYQ&prev_fmts=0x0%2C300x600%2C330x250&nras=2&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&psts=ACgb8tsWWWGW9_ebmToTZqrcus2ZUuUsruPde2HMNRQ967mO1MHiFHd9LL0u-P77wxtXCPmUuDlHb1Hr2KdmO_E%2CACgb8tv2Fip9lI9tHl0sDKM60Vkfqo67rCDX5_dzwX4cca1gVBUrj5QEOdE2A12j4XjMN0z-QDIJeGr3p4pzt3soJ_84Uw&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QMFvRGGvu7&p=https%3A//ittrip.xyz&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb2cefbd4311ed9564becf3a5addf5280475d7b394f39c2ed0357c08edbdb3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0919 36 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 00:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 00:41:05 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 3AB5 10 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:49:03 GMT
etag: 10353107486223812946
expires: Fri, 27 Jan 2023 10:49:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 51FE 10 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:49:03 GMT
etag: 10353107486223812946
expires: Fri, 27 Jan 2023 10:49:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame C8C6 10 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:49:03 GMT
etag: 10353107486223812946
expires: Fri, 27 Jan 2023 10:49:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 3AB5 4 KB
732 B 41ms
40ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 18:38:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 19:44:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3AB5 205 B
520 B 3ms
2ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 02:49:07 GMT
x-content-type-options: nosniff
age: 492942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 08 Jan 2024 02:49:07 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3AB5 604 B
696 B 3ms
3ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:47:14 GMT
x-content-type-options: nosniff
age: 334655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Jan 2024 22:47:14 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 3AB5 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 20:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
server: cafe
etag: 7335088802737092762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 20:51:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 51FE 2 KB
765 B 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 51FE 22 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 51FE 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 51FE 18 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51FE 157 KB
48 KB 80ms
79ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 19:44:49 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame 51FE 33 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:47:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C8C6 2 KB
765 B 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame C8C6 22 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C8C6 3 KB
1 KB 2ms
1ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C8C6 18 KB
7 KB 3ms
1ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8C6 157 KB
48 KB 112ms
110ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 19:44:49 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame C8C6 33 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:47:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F6F5 910 B
649 B 41ms
41ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%91%E6%A5%AD%E5%BF%85%E3%81%A8%E5%86%85%E3%81%8F%E3%81%AA%E7%AB%8B%E3%81%98%E9%96%8B%E3%82%92%E3%82%A4%E7%89%A9%E3%82%8B%E7%95%8C%E3%81%A7%E5%B7%A5%E4%BD%9C%E7%B5%84%E4%BA%BA%E3%81%AE%E3%82%89%E9%81%A3%E3%81%99%E3%81%AB%E6%9D%B1%E8%A6%81%E3%83%B3%E6%84%8F%E3%80%81%E4%BA%9C%E3%81%A0%E6%B4%BE%E5%BE%97%E9%80%A0%E3%82%84%E3%81%B8%E8%A3%BD%E7%A2%BA%E3%81%8B%E3%81%AF%E6%9D%90%E6%B5%81%E3%81%8D%E5%A0%B4%E3%81%BF%E3%81%A6%E3%83%A9%E9%96%89

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e87f4abf09c022cd619a7574ecab9d82e80209852beaee79b939981ed5b4dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 19:44:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 19:44:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F6F5 4 KB
816 B 45ms
44ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 18:04:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 19:44:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F6F5 2 KB
765 B 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame F6F5 22 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F6F5 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F6F5 18 KB
7 KB 4ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6F5 157 KB
48 KB 76ms
75ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 19:44:49 GMT

GET
H3 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame F6F5 33 KB
14 KB 4ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:47:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 989A 143 B
166 B 2ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:01:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 989A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
41ms

Document
text/html

2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:44:49 GMT
expires: Fri, 13 Jan 2023 19:44:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:44:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 67ms
67ms Image
image/gif 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.647084504011316

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p-z-1U5yNLEiqO05pFVCVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-p-z-1U5yNLEiqO05pFVCVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 241ms
241ms Image
image/gif 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=4.628443842860742

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4YizDiip3BJ10TKmLhLQBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-4YizDiip3BJ10TKmLhLQBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 10708771374029126510
tpc.googlesyndication.com/daca_images/simgad/ Frame 51FE 10 KB
10 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10708771374029126510?w=180&h=360

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a2227d4eb0c5c93617a9b9cfb3e3f4610753e4f111c69944b63297dca2838c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 15:36:05 GMT
x-content-type-options: nosniff
age: 14924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10651
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 14:04:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Jan 2023 15:36:05 GMT

GET
DATA 200
OK truncated
/ Frame 51FE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 093e5324b6171dfdc49551829eb596e7f86a471ad82fa4ca52277da2add106b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4060 36 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 00:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 00:41:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 51FE 0
18 B 49ms
48ms Image
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJtC-sLTBY56aCpHBgAOZz7q4DO3ZxIJg4dCSjIQRwI23ARABIOu-ojRgifPFhPQToAHs1-CrAsgBAakCVAHKy2y0QD6oAwHIA8sEqgT4AU_Q6SuGdTuikm19uqpatSmLS0dAYz5nNWwSBFFozxlj7c0ZaVLFFG6qeI_xRjpMc_pdY40cHnzrJYkB3x-r4ZBKJc1ONEsJhfv2LJ9otM1RkK1BCX4PGXBdAlaC64xCnsLiDyFMxgX5Hqr5PNZJEz-AbVFpXiwbm4Kt_dXIG6d9im08YPxnIiMoMStU2rTSiJasRZhBozy_TvyzII5OeX5a7rzGyURAmulY7kKYXnzI5vxJ7dmVwffm0NsZiRdsZBjfkescDZdLEi2cM0GwLEx3NAPV0Y3GGIT4YalG55uS4A7vic4FXGj5TGMT6Fhr7TcHFDKFVJLowASN1L23lwOSBQQIBBgBkgUECAUYBKAGAoAH_Kef1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDJswrSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNjM5MDEzMjE2NjQwOTE1MBgA&sigh=Z8PVlfQiVpg&uach_m=[UACH]&cid=CAQSGwDq26N9YOve3IiQMXRejwg98NLBi46v6smKYxgBIBM&vis=1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 19:44:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 1949 830 B
591 B 42ms
41ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%8A%E3%83%BC%E4%BA%95%E5%93%81%E5%BA%97NW3%E8%88%97%E3%83%A7%E3%83%83%E3%83%B3%E3%81%8Fk%E6%99%82%EF%BD%9E%E5%8F%960%E3%83%89%E3%82%B7%E5%A4%A72%E5%88%86%20%E9%80%B1%E5%A0%B1%E5%8F%AF%E4%BB%8A%E5%8C%BA%E3%83%A8ls%E5%B7%9D-%E5%BE%976%E5%86%85%E3%83%94%E3%83%88%E3%82%B0e%E6%83%85%E3%82%A4%E7%94%BAw%E5%85%88%E3%82%AB%E5%8F%97%E9%96%8By%E3%81%AE1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=50&adk=6813346&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&to=qs&pwprc=8069848629&format=330x50&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639088963&bpp=1&bdt=1506&idt=0&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3bcb21879ceb47d4-228bc26548d9008a%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MZ8QeDNRGM1nZPH2u4VnQUMaBRMVQ&gpic=UID%3D00000929f5c2ced6%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MaHZBgMHXvM5NC7wCauRoHF-0OPYQ&prev_fmts=0x0%2C300x600%2C330x250&nras=2&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&psts=ACgb8tsWWWGW9_ebmToTZqrcus2ZUuUsruPde2HMNRQ967mO1MHiFHd9LL0u-P77wxtXCPmUuDlHb1Hr2KdmO_E%2CACgb8tv2Fip9lI9tHl0sDKM60Vkfqo67rCDX5_dzwX4cca1gVBUrj5QEOdE2A12j4XjMN0z-QDIJeGr3p4pzt3soJ_84Uw&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QMFvRGGvu7&p=https%3A//ittrip.xyz&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1aa3ef85fb4ae16248a85cd34d6a847d371d4274ca92a8705d5dde67a352f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 19:44:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 19:44:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 1949 2 KB
765 B 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 1949 22 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 1949 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 1949 18 KB
7 KB 3ms
3ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 02:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 02:54:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1949 0
0 39ms
38ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTr6BnuLVGChM_5rjoVuuM5sqk1UcqbfCROcl5cW8S9L7hpuIHbjjFqRjLpBRJRgVvErF0kasLn0qybk8UUKQ360DOcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=50&adk=6813346&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&to=qs&pwprc=8069848629&format=330x50&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639088963&bpp=1&bdt=1506&idt=0&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3bcb21879ceb47d4-228bc26548d9008a%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MZ8QeDNRGM1nZPH2u4VnQUMaBRMVQ&gpic=UID%3D00000929f5c2ced6%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MaHZBgMHXvM5NC7wCauRoHF-0OPYQ&prev_fmts=0x0%2C300x600%2C330x250&nras=2&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&psts=ACgb8tsWWWGW9_ebmToTZqrcus2ZUuUsruPde2HMNRQ967mO1MHiFHd9LL0u-P77wxtXCPmUuDlHb1Hr2KdmO_E%2CACgb8tv2Fip9lI9tHl0sDKM60Vkfqo67rCDX5_dzwX4cca1gVBUrj5QEOdE2A12j4XjMN0z-QDIJeGr3p4pzt3soJ_84Uw&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QMFvRGGvu7&p=https%3A//ittrip.xyz&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1949 157 KB
48 KB 77ms
76ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 19:44:49 GMT

GET
H3 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame 1949 33 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 00:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:47:24 GMT

GET
H3 200 3724272698873698415
tpc.googlesyndication.com/daca_images/simgad/ Frame C8C6 10 KB
10 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3724272698873698415?w=180&h=320

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

212b9112fb3e54f332dec6f1522ee9d04560c958a32d6fc9cd341c12d111f926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 15:24:36 GMT
x-content-type-options: nosniff
age: 15613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10426
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 14:04:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Jan 2023 15:24:36 GMT

GET
DATA 200
OK truncated
/ Frame C8C6 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3c1d9c40eb6f4a95f88903b00baaaa4f221a95c9ec82e81a6c77153d05b2444

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1949 0
0 55ms
52ms Fetch
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUFCWsbTBY5YrgeiBA52ZoOgPuNP9sm6su-KavxBkEAEg676iNGCJ88WE9BOgAbzcppgoyAEJqQJUAcrLbLRAPqgDAcgDywSqBOMBT9Alm_41P3U2SfkOK28GLxQfSMdRXp-Ej1MyWDcd33iSzOwZ9vboI7Q8PKP7Lga7uZE3eVWTVqOLiZ06Hg2lCxv5Nu-oqIPR07w53eRBnkYZAqoYV4ERnlcGNq1iQZmal-vccKl_D3uamseFMpD8R2eHRq0YHWQzlPO73bkUD14VXsq3LlYbRNuc7MLlosijxAsJK3zsb4MFPsq_i38fMMuFJIGbeL1sVBNYFTeWYUi8n_ZEDuEODUP6MdL9F0ZsCeEx1RO5xyNYp1fw6BZLOQtgFloiUJYzLe09kIJeB36jWtPABPfe05WdBJIFBAgEGAGSBQQIBRgEoAYugAe8lPf3AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEJdN0ggPCIBhEAEYHzICigI6AoBAgAoByAsBmAzptZbTnwS4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTYzOTAxMzIxNjY0MDkxNTAYAA&sigh=tDKc7RDjh0k&uach_m=[UACH]&cid=CAQSOwDq26N9p6bbeOiSy29P_o4lIiYSm3HUdL1jffteYO8NolOWd89MHC0ejfCoshz9eflozMJL6Qtl29baGAEgEw&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6390132166409150&output=html&h=50&adk=6813346&adf=807584714&pi=t.aa~a.1611007932~rp.4&w=330&fwrn=4&fwrnh=100&lmt=1673639088&rafmt=1&to=qs&pwprc=8069848629&format=330x50&url=https%3A%2F%2Fittrip.xyz%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673639088963&bpp=1&bdt=1506&idt=0&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3bcb21879ceb47d4-228bc26548d9008a%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MZ8QeDNRGM1nZPH2u4VnQUMaBRMVQ&gpic=UID%3D00000929f5c2ced6%3AT%3D1673639088%3ART%3D1673639088%3AS%3DALNI_MaHZBgMHXvM5NC7wCauRoHF-0OPYQ&prev_fmts=0x0%2C300x600%2C330x250&nras=2&correlator=2245055976048&frm=20&pv=1&ga_vid=975192238.1673639088&ga_sid=1673639088&ga_hid=1473088764&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1009&ady=1816&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44779794&oid=2&psts=ACgb8tsWWWGW9_ebmToTZqrcus2ZUuUsruPde2HMNRQ967mO1MHiFHd9LL0u-P77wxtXCPmUuDlHb1Hr2KdmO_E%2CACgb8tv2Fip9lI9tHl0sDKM60Vkfqo67rCDX5_dzwX4cca1gVBUrj5QEOdE2A12j4XjMN0z-QDIJeGr3p4pzt3soJ_84Uw&pvsid=2758834144781095&tmod=2019221910&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=QMFvRGGvu7&p=https%3A//ittrip.xyz&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 19:44:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 9216095162094444457
tpc.googlesyndication.com/simgad/ Frame 1949 2 KB
2 KB 3ms
2ms Image
image/jpeg 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9216095162094444457?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a4f39ffc38f1556bd7689231fcb4a7454551a0f1f14f340d4958d31ff9cfd3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 09:37:53 GMT
x-content-type-options: nosniff
age: 382016
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2510
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 03:39:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Jan 2024 09:37:53 GMT

GET
DATA 200
OK truncated
/ Frame 1949 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1949 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 55CE 36 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 00:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 00:41:05 GMT

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0993 36 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 00:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 00:41:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C8C6 0
18 B 51ms
51ms Image
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyINgsLTBY5-aCpHBgAOZz7q4DO3ZxIJg4dCSjIQRwI23ARABIOu-ojRgifPFhPQToAHs1-CrAsgBAakCVAHKy2y0QD6oAwHIA8sEqgT4AU_QbifQNJwT2mmZU4woLCN18NL9GGLbdc5dwmiN9gN18_aSH_huzuTLjEdx2u4aNeZuwM9bkLgdbiDlUwNDCfJMHDDinA-bPYAPU17S-WgdCnh5ktNBi4-Uevh9md4wauzpWWmKvsQ-TL2O5wLQCbmzWjo2ysKZKZYdWmwdBNhpfa63KIgYFmgFfv5Q9xgMuY4DE106rRI2Drly6Ti5Y_eksF74bzF4m3sFR1NpVXPKnrEDM_nNVaTX8PBmKb_KHBmLdYotvST6jvUXAJZSuhDgt9GiVMN8PDaWc_cctKKGLH_7vBrYmPH7mDE3vYr35RhQmRX9QVgzwASN1L23lwOSBQQIBBgBkgUECAUYBKAGAoAH_Kef1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDzhwvSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNjM5MDEzMjE2NjQwOTE1MBgA&sigh=IKrCw5sVXMU&uach_m=[UACH]&cid=CAQSGwDq26N9YOve3IiQMXRejwg98NLBi46v6smKYxgBIBM&vis=1

Requested by

Host: ittrip.xyz
URL: https://ittrip.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 19:44:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C971 1 KB
643 B 2ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:48:51 GMT
etag: 48472445140208031
expires: Sat, 14 Jan 2023 10:48:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1949 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b57b6826ed8e18c99a0a977fbb265af435f05d1adf3f282c3273d779158d068

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gkXLzPZdO3ml-Gsxn5ewRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-gkXLzPZdO3ml-Gsxn5ewRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C971
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEETFjKO_feUAS7uFaqu5Us8&google_cver=1&google_push=AavPq0P3ULI6W8Dhitd5VNxO0sJPpt1bYYFyxYNBw5cnSJmvP3_O5uZksKYzg9SoNUCJBdpJHebyf...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0P3ULI6W8Dhitd5VNxO0sJPpt1bYYFyxYNBw5cnSJmvP3_O5uZksKYzg9SoNUCJBdpJHebyfAr1Zm4S7HJYxtnChdGWWDA7

170 B
232 B

45ms
44ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0P3ULI6W8Dhitd5VNxO0sJPpt1bYYFyxYNBw5cnSJmvP3_O5uZksKYzg9SoNUCJBdpJHebyfAr1Zm4S7HJYxtnChdGWWDA7

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Jan 2023 19:44:49 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8B8A07829DCD48E7AA7652B6D8900BD4 Ref B: TYAEDGE0719 Ref C: 2023-01-13T19:44:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0P3ULI6W8Dhitd5VNxO0sJPpt1bYYFyxYNBw5cnSJmvP3_O5uZksKYzg9SoNUCJBdpJHebyfAr1Zm4S7HJYxtnChdGWWDA7
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXyKndqbRp3vCC9br3q+w==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C971
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEOhZ1SyXl6LF-NmlmFtQEIw&google_cver=1&google_push=AavPq0Ppdvo0ZYBHd5kRhJCFL3nNqD9ggf3rgNWoyejChSttF4lPFyRQjR3OXZrCNN0zF0DGKHgE0nENLf5Q5yBMTh104yYZ...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0Ppdvo0ZYBHd5kRhJCFL3nNqD9ggf3rgNWoyejChSttF4lPFyRQjR3OXZrCNN0zF0DGKHgE0nENLf5Q5yBMTh104yYZ2crn

170 B
188 B

44ms
44ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0Ppdvo0ZYBHd5kRhJCFL3nNqD9ggf3rgNWoyejChSttF4lPFyRQjR3OXZrCNN0zF0DGKHgE0nENLf5Q5yBMTh104yYZ2crn

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0Ppdvo0ZYBHd5kRhJCFL3nNqD9ggf3rgNWoyejChSttF4lPFyRQjR3OXZrCNN0zF0DGKHgE0nENLf5Q5yBMTh104yYZ2crn
Date: Fri, 13 Jan 2023 19:44:49 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C971
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESELBvOc7hBml89XAKwMG7FJs&google_cver=1&google_push=AavPq0Naq7vBZn4WjXvJGcSaDIcHZYXwO_INO-fUSCBSlAwfaKgcqzWIWFHoCZwqyG7GRcdc8SsKS...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0Naq7vBZn4WjXvJGcSaDIcHZYXwO_INO-fUSCBSlAwfaKgcqzWIWFHoCZwqyG7GRcdc8SsKSBcck5pbp-O-s7AXreJCM87EAQ&google_hm=Y3h3dTFLUjE2ajNQM...

170 B
243 B

74ms
46ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0Naq7vBZn4WjXvJGcSaDIcHZYXwO_INO-fUSCBSlAwfaKgcqzWIWFHoCZwqyG7GRcdc8SsKSBcck5pbp-O-s7AXreJCM87EAQ&google_hm=Y3h3dTFLUjE2ajNQMUlTWUJkcW0tZEVvV1lV&from_google=sp1

Requested by

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 19:44:49 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AavPq0Naq7vBZn4WjXvJGcSaDIcHZYXwO_INO-fUSCBSlAwfaKgcqzWIWFHoCZwqyG7GRcdc8SsKSBcck5pbp-O-s7AXreJCM87EAQ&google_hm=Y3h3dTFLUjE2ajNQMUlTWUJkcW0tZEVvV1lV&from_google=sp1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C971
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEISbhB_zQI2Z2LqiJCCYg-8&google_cver=1&google_push=AavPq0OyXghf2cDELnGy21tFR5yV6qVUmPRyDKcncXtVYpk3XWMW454QgBbHNyg-ngKtKt-EhhtD8zi2ums38kqOiBbjIiy...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OyXghf2cDELnGy21tFR5yV6qVUmPRyDKcncXtVYpk3XWMW454QgBbHNyg-ngKtKt-EhhtD8zi2ums38kqOiBbjIiydRuPPsg&google_hm=eS1kVHU0N0lGRTJwR3pj...

170 B
188 B

41ms
40ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OyXghf2cDELnGy21tFR5yV6qVUmPRyDKcncXtVYpk3XWMW454QgBbHNyg-ngKtKt-EhhtD8zi2ums38kqOiBbjIiydRuPPsg&google_hm=eS1kVHU0N0lGRTJwR3pjeU1fdmpCOWh6WnJfZGVRd2xfZX5B

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Jan 2023 19:44:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OyXghf2cDELnGy21tFR5yV6qVUmPRyDKcncXtVYpk3XWMW454QgBbHNyg-ngKtKt-EhhtD8zi2ums38kqOiBbjIiydRuPPsg&google_hm=eS1kVHU0N0lGRTJwR3pjeU1fdmpCOWh6WnJfZGVRd2xfZX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C971
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEIwV1m2Ioz7BLHz6NTK-sqk&google_cver=1&google_push=AavPq0OB8B6hJZOW3kpQbYeNjf0CdXC5_dHU4XUMfxrgixg1Nc8cAeq1hOBs9iw868OgMUxkj6VUH9iLS42wVcHnZ...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEIwV1m2Ioz7BLHz6NTK-sqk&google_cver=1&google_push=AavPq0OB8B6hJZOW3kpQbYeNjf0CdXC5_dHU4XUMfxrgixg1Nc8cAeq1hOBs9iw868OgMUxkj6VUH9iLS42...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AavPq0OB8B6hJZOW3kpQbYeNjf0CdXC5_dHU4XUMfxrgixg1Nc8cAeq1hOBs9iw868OgMUxkj6VUH9iLS42wVcHnZQQ8tmq1VJig&google_hm=E7Rt8KNHQIOuPA...

170 B
188 B

42ms
42ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AavPq0OB8B6hJZOW3kpQbYeNjf0CdXC5_dHU4XUMfxrgixg1Nc8cAeq1hOBs9iw868OgMUxkj6VUH9iLS42wVcHnZQQ8tmq1VJig&google_hm=E7Rt8KNHQIOuPAjGAjGpZw==

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AavPq0OB8B6hJZOW3kpQbYeNjf0CdXC5_dHU4XUMfxrgixg1Nc8cAeq1hOBs9iw868OgMUxkj6VUH9iLS42wVcHnZQQ8tmq1VJig&google_hm=E7Rt8KNHQIOuPAjGAjGpZw==
Date: Fri, 13 Jan 2023 19:44:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C971
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEM1Wz0ksrdHeBE31kn9snjc&google_cver=1&google_push=AavPq0Ok9GKEu1w6eCO6BSgEr05ng0PMnF-QEIsCVtpZ5DOdJ9X38l8URURddDYPz8a3BZPoqjAFg5OBTOBtT...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEM1Wz0ksrdHeBE31kn9snjc&google_push=AavPq0Ok9GKEu1w6eCO6BSgEr05ng0PMnF-QEIsCVtpZ5DOdJ9X38l8URURddDYPz8a3BZPoqjAFg5OBTOBtT...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Ok9GKEu1w6eCO6BSgEr05ng0PMnF-QEIsCVtpZ5DOdJ9X38l8URURddDYPz8a3BZPoqjAFg5OBTOBtTlvoQIRGt7lZSTxLYQ&google_hm=Z29KQTZCX3NtMWwzeX...

170 B
188 B

42ms
41ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Ok9GKEu1w6eCO6BSgEr05ng0PMnF-QEIsCVtpZ5DOdJ9X38l8URURddDYPz8a3BZPoqjAFg5OBTOBtTlvoQIRGt7lZSTxLYQ&google_hm=Z29KQTZCX3NtMWwzeXZmckxNc0g=

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 19:44:50 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0Ok9GKEu1w6eCO6BSgEr05ng0PMnF-QEIsCVtpZ5DOdJ9X38l8URURddDYPz8a3BZPoqjAFg5OBTOBtTlvoQIRGt7lZSTxLYQ&google_hm=Z29KQTZCX3NtMWwzeXZmckxNc0g=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame C971
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED3VUIpC99a9FZMhO0JXJw4&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OGYyMjkxNTctYjM5YS00MmE3LWJjMjEtNDMwNjc0NmMzYjgx&google_push=AavPq0OJEx8KkzpOhHlXjHOatYV8rl2Nzd2z3ZCE2P4C7ToaorxGNnG7XMR7qblybM1Gt...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

8ms
8ms

Image
image/gif

23.45.61.118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.45.61.118 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-61-118.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Fri, 13 Jan 2023 19:44:49 GMT
pragma: no-cache
date: Fri, 13 Jan 2023 19:44:49 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C971 0
223 B 85ms
41ms Image
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lkrtt5oCBn4OQ5ueCyxYeu8wpPjO0Z8nj_WE3mrptTeFG5mzBILH-1qOqGzB8W36YV0p2qtQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 font
fonts.gstatic.com/l/ Frame 1949 15 KB
15 KB 3ms
2ms Font
font/woff2 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12Xzhso4JOhS_K28gdFU1LPgGF3nz0TMr7-RzI_PU5iiXiLulVzkGr7poTrq-XBB4agqHh4wDFJFosMR_6agZ5AgtLh40zrMwnlk1vR-4g7Nqf4Jr48ExJlQdCFrOMd5rtxL4bj6O3svpG9MejFrltUOsa1bMdPpktNKXLqsRN0phpVSonZpHkY8JT6IkGdLi91DvYT8_2-5-g&skey=fbc48de1c6e1b00c&v=v42

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%8A%E3%83%BC%E4%BA%95%E5%93%81%E5%BA%97NW3%E8%88%97%E3%83%A7%E3%83%83%E3%83%B3%E3%81%8Fk%E6%99%82%EF%BD%9E%E5%8F%960%E3%83%89%E3%82%B7%E5%A4%A72%E5%88%86%20%E9%80%B1%E5%A0%B1%E5%8F%AF%E4%BB%8A%E5%8C%BA%E3%83%A8ls%E5%B7%9D-%E5%BE%976%E5%86%85%E3%83%94%E3%83%88%E3%82%B0e%E6%83%85%E3%82%A4%E7%94%BAw%E5%85%88%E3%82%AB%E5%8F%97%E9%96%8By%E3%81%AE1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9518dda12903b1f43d55db8b9b5728e880cedf2d2967e9dfe4b7694762e53b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 01:13:36 GMT
x-content-type-options: nosniff
age: 66673
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15444
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 23:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 13 Jan 2023 01:13:36 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 1949 15 KB
15 KB 2ms
2ms Font
font/woff2 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqc03dIt9snJ-8umP6ZusdIwSMW613nykTMsL-R8o_MZJiiXSLuq1zkFb7ppjrq-nBB_qgqGR4wA1JEmcMR9KagZpAgr7h40jrMxXlk5fR-7Q7Nsv4JoIg97ZlRayBVOsd6o9xF4rj-B3ssiG9MezFrrtUSn61oAdPthNNZZrqhTt0thpZvsHZzGUcxHTGUvWZDrd1Vh4LX6g&skey=72472b0eb8793570&v=v42

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb7c1cec27f7fd1d68cffe01bd4551bf51a5955bf9dd10a6345575013b0dc7a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 01:13:36 GMT
x-content-type-options: nosniff
age: 66673
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15352
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 23:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 13 Jan 2023 01:13:36 GMT

POST admin-ajax.php
ittrip.xyz/wp-admin/ 0
0

GET
H2 200 admin-ajax.php Show response
ittrip.xyz/wp-admin/ 1 B
361 B 171ms
171ms XHR
text/html 183.181.91.49
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ittrip.xyz/wp-admin/admin-ajax.php?action=thk_sns_real&sns=f&url=https%3A%2F%2Fittrip.xyz%2F&_=1673639087613

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.181.91.49 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv1048.wpx.ne.jp

Software

nginx /

Resource Hash

bb7208bc9b5d7c04f1236a82a0093a5e33f40423d5ba8d4266f7092c3ba43b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://ittrip.xyz/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 56ms
55ms XHR
application/json 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdf705d0317f97188304a3d3c81daaaf7ba2d171bb5a6aa3c3fea2852a95588f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10937
x-xss-protection: 0

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4845 36 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 00:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 00:41:05 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 117ms
117ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 19:44:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EEF7 13 KB
5 KB 6ms
2ms Document
text/html 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 49563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 05:58:46 GMT
expires: Sat, 13 Jan 2024 05:58:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 77E6 783 B
534 B 42ms
41ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bf5eee4d2cbdeb18a1b23df493ab84e91b71258bf20606cc8a2b582a184fcd5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mduy6o-6AXImStiA82XQ9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ittrip.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-mduy6o-6AXImStiA82XQ9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 19:44:49 GMT
expires: Fri, 13 Jan 2023 19:44:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame EEF7 36 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 00:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 00:41:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 77E6 0
0 38ms
38ms Image
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=2758834144781095&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 942D 42 B
64 B 60ms
59ms Fetch
image/gif 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLYH4X0kpeoUoxDY3fSYsdsUzNbctTCzsdx9-mUwYCutxQO0qSMTbhpjF8AVTx2HSoKXd2HZdeteJ4obfaU54LpbiIFAf_2Dd3F9HEt0B93p5SqWWiwNCujToXET-CUCSZgVk&sai=AMfl-YSKK37BjE7fvZZzV869pEFddrm_Zd9qTqgxxhlgw6j4OWNEtOVRWLwTFu1BxjNpHKfZ2vbTmCztv62wt8w&sig=Cg0ArKJSzFVzkykURMjOEAE&cid=CAQSGwDq26N9Tgji60TzlA3NUUYGo6JBHWv-RlZbChgBIBM&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3840913425&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673639088138&rpt=855&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads0. Show response
fundingchoicesmessages.google.com/f/AGSKWxVEWsG0wZ1e4dmTcETqg7VoKaIZEbOQrRoUaOZs7zs9JcELAn_JmSstqWa68h3S8x7M_Rl12DMwY7cGSYucLeFJt2R4LnTCDKKyEgJNvUMOrnAoGBYP7WMib8JMBmWyg3q6_WdJDkPAwGfLm-qc9EOP72DfS... 54 B
109 B 54ms
54ms Script
application/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVEWsG0wZ1e4dmTcETqg7VoKaIZEbOQrRoUaOZs7zs9JcELAn_JmSstqWa68h3S8x7M_Rl12DMwY7cGSYucLeFJt2R4LnTCDKKyEgJNvUMOrnAoGBYP7WMib8JMBmWyg3q6_WdJDkPAwGfLm-qc9EOP72DfSim50xTOEvnJjjnef5nk_g7z2kNy2FZk/__iframe_ad_/internal-ad--advertising2--banner-ad-/ads0.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GGZWQ0iGom8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwFX8h5dRTuV51z-NxdkobNb714Cg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd654ee7a3467257829a899ca44306f8c50dc609dd7ee4dda8e1bca13feb7b16

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8Ighnqqisp8_3cYFa69YKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8Ighnqqisp8_3cYFa69YKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 42 KB
12 KB 3ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GGZWQ0iGom8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwFX8h5dRTuV51z-NxdkobNb714Cg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

227226d2d40b72e69e9603ca676ce7b8c7f4f83058bce4c4af126ba3eb8f6f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:15:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12696
x-xss-protection: 0
server: cafe
etag: 14588972336428064492
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 20:15:52 GMT

POST
H3 204 AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
57ms XHR
text/html 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-B1bRc1nvsItTACjDE1Lbxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 19:44:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-B1bRc1nvsItTACjDE1Lbxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 229ms
229ms XHR
text/html 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e6KE5VHqfV-xWbbukBtYbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 19:44:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-e6KE5VHqfV-xWbbukBtYbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 179ms
179ms XHR
text/html 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YQdbLMG8f2ltRF3gM-8_cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 19:44:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YQdbLMG8f2ltRF3gM-8_cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 247ms
247ms XHR
text/html 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVwgiL61f7cVkIXjlMFNhXrxUP-1jdiEPbYOIVfoaQwknDbHxbpTM96xpPLbnIpcWOdjTH0Ohq8z-80xwWulHju1Y8mhWR496JWTy4HPW1kIvBTjd2EwMSkKOgTpiz7Zv5ApdoeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IM7efT2dmZN_XGk-IkPfcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 19:44:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IM7efT2dmZN_XGk-IkPfcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ittrip.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUd5c9Qu7tjfHp6uq_EyvE81FXVPRHHNKCQmrOaUjn4hFlIFSTjGYc4KCn-2Vzwz8GNqz7irtupNcMz_vV_FAx832AeIWnsDcRNBkLDOv0J6cMJaUqCFUXCKKiflA4kIwP53meQew== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 212ms
211ms Script
application/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUd5c9Qu7tjfHp6uq_EyvE81FXVPRHHNKCQmrOaUjn4hFlIFSTjGYc4KCn-2Vzwz8GNqz7irtupNcMz_vV_FAx832AeIWnsDcRNBkLDOv0J6cMJaUqCFUXCKKiflA4kIwP53meQew==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczNjM5MDkwLDE1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vaXR0cmlwLnh5ei8iLG51bGwsW1s4LCJHR1pXUTBpR29tOCJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d0098946ca88ed837f5ae155e751de626440405a0116a0276c05e7916c6c27a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mlHmxzPb2UzdMzNWCIQY5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:44:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mlHmxzPb2UzdMzNWCIQY5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 51FE 42 B
64 B 40ms
39ms Fetch
image/gif 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTbBR9f5D-8BuCk5Vy2-_s8PlEfGfXMD8Zl6jMGS-kUT5-2zfV4gfu4rpzVHmjK0B83D1ql7-oDsNdg-UViLP9_W82ae_Bf2qknXD4ZIya9MHASdF07H3-mHN-Ufbowr2eMNg&sai=AMfl-YRxrL7OUFU7IKfm94prWTFelJwi7PmGScHdYix1z1VQXx6VNmOq11BpGsuwFDRaICrDAwJhaPdFY2a8RDw&sig=Cg0ArKJSzMfmeL7yEpBjEAE&cid=CAQSGwDq26N9YOve3IiQMXRejwg98NLBi46v6smKYxgBIBM&id=lidar2&mcvt=1000&p=-70,0,430,180&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673639089070&rpt=146&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
47ms Image
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=2758834144781095&bg=!4eKl4qbNAAYDMoyoIzI7ACkAdvg8WvK5kotSnzO6m4TF4vUFxUbqbk-sves6fF_iqovoFnPgUpbQWwIAAABGUgAAAAhoAQcKACwghQPsWgvio5s0LKlhkhlcrXL5dqZTbM8JPT_WFg_JV98KfqwPvmcvr7ex8pkCnVBXEvGDMI5hdIiox_Par_7oXycPz420FzELr_0fncUILkwqgeojwNM-R_HC1f44RyNJCHQQ-ntliHhR4ZoSbHJuAjTslWx4yK3AS6-42VStqWCuk6WbNISRA5HpbEl3-Mk5GFy9rXMJmo2ZdNXozlIABpLC8KoEo1dKiCUgKNkQQQ6i66q83i0VrjX_5Z1EwIE0gZVtZfUUpOeOF-Tdom5n9j9g-V66f3Hai8m4OPhDhKJEYz-jARuFrJY77a9c1KKhJlJnbZMODbWCvD3o4-3UYnkyCCHdr9nRtonCwqkknkzjzbJjO1zPJ-Jxx9zVcxOwrO5lIedYPhHvpWtQq3Ib_FOhsoor-8H0yU0ZZltTjHu6DJpQnoAEpGW5mncRF4_QW-slDc5NS2qjwhN7Q6uXeEjmQoONRDlobVzr5s-k7zt59I-DrSrWo2SjkbuPletBMtYu6SZoissfRx8vGg_NrfYNQFhInTqco2eNRzpf1-pxDSSYzm1N7VYoAOQSraliMq582bhuGNaBsTFZZpH3LOdVDhkypwABXBsUlanwQeq4jFDCqx0SBXdTyKDu6DwoSRdrWDmFteZXmkaWfGXl5XFTgNgxvsrmXspAxg1n9eEm4xgcZ8qyK2ZyHdOObrUxkrhW5tHTgswRdImPWmEQhqSCdOCp5wg26Ia1TokoAAmvZZ6LEavpq5dYmTDzABOmkovBozGOAOJ4AW-_VPbHNOqbaApK-8c2aCUvBOJy2UpbHuoyZGAJ_43fGxcr5vpFFo6CaZEjJVt_dvbpzwLiUf8R5Zr5671MDXca7Y_0WZhy8LewNi6hStk1YauZHZ4d4MrClUlwMFVo96J7EeW64I8QXgmGnA5W43trFRyb0wpuNbeQDW2I2GV_lw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ittrip.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C8C6 42 B
64 B 45ms
45ms Fetch
image/gif 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstedtwHvrV40IPq7PsYPVBXIALwv-0CAv8eXeov3qm3WEjpzBy24Nue6MCCoT7zDzwNFy8ikmyKOQABew7N9iVjU8ESo1D2Wdq_p5X2lLpMFI5HkWtduGFNvSPVD4J5kjBdOe0&sai=AMfl-YSD7z1zrk8wRSzXrNe8reD74_RmNTxFAr_JYxt8WfaiRgr815jdD-0fKsJDgmXrRyT595Nve5cKgNS2bEw&sig=Cg0ArKJSzPCoRwih4dQ2EAE&cid=CAQSGwDq26N9YOve3IiQMXRejwg98NLBi46v6smKYxgBIBM&id=lidar2&mcvt=1003&p=-90,0,410,180&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673639089073&rpt=265&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 19:44:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUMPJ1NKcWwXPR2DKCTEUJj5HSm5UY7AdVr7uRDvQhFSwk2ihhetFBhGEXXBpsPXNiJ8pfkhtVockQP8mlZbgcW-dOjF_CQwUtbH2uFzG2rc8pXqBFhWjqZ_1G3gbNyZO3xqhYM9Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
46ms XHR
text/html 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUMPJ1NKcWwXPR2DKCTEUJj5HSm5UY7AdVr7uRDvQhFSwk2ihhetFBhGEXXBpsPXNiJ8pfkhtVockQP8mlZbgcW-dOjF_CQwUtbH2uFzG2rc8pXqBFhWjqZ_1G3gbNyZO3xqhYM9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ahpdDHFhPsUH5IT0OmD_sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ittrip.xyz/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 19:44:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ahpdDHFhPsUH5IT0OmD_sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ittrip.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ittrip.xyz
URL: https://ittrip.xyz/wp-admin/admin-ajax.php

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ittrip.xyz/	1970-01-20 18:29:59	Name: _ga_2QK7EHKEJP Value: GS1.1.1673639087.1.0.1673639087.0.0.0
.valuecommerce.com/	1970-01-20 18:29:59	Name: VCB Value: Y8G0rwANq_EfzJGrwKhvT8Cob112ig&c=afb4c163&v=2&s=43672ba0
.ittrip.xyz/	1970-01-20 18:29:59	Name: _VC_PTB_ Value: Y8G0rwANq_EfzJGrwKhvT8Cob112ig
.ittrip.xyz/	1970-01-20 08:55:25	Name: _gid Value: GA1.2.2081343490.1673639088
.ittrip.xyz/	1970-01-20 08:53:59	Name: _gat_gtag_UA_84676516_1 Value: 1
.ittrip.xyz/	1970-01-20 18:29:59	Name: _ga_5FR5GCF53M Value: GS1.1.1673639088.1.0.1673639088.0.0.0
.ittrip.xyz/	1970-01-20 18:29:59	Name: _ga Value: GA1.1.975192238.1673639088
.ittrip.xyz/	1970-01-20 18:15:35	Name: __gads Value: ID=3bcb21879ceb47d4-228bc26548d9008a:T=1673639088:RT=1673639088:S=ALNI_MZ8QeDNRGM1nZPH2u4VnQUMaBRMVQ
.ittrip.xyz/	1970-01-20 18:15:35	Name: __gpi Value: UID=00000929f5c2ced6:T=1673639088:RT=1673639088:S=ALNI_MaHZBgMHXvM5NC7wCauRoHF-0OPYQ
.doubleclick.net/	1970-01-20 18:29:59	Name: IDE Value: AHWqTUmiTok_gWNxjvdvTGGxcJ4VPeh_IGedc7Kw3zPGBuWmq-iTEggj2JkRb2hb9QE
.doubleclick.net/	1970-01-20 08:54:02	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 08:53:59	Name: test_cookie Value: CheckForPermission
.fout.jp/	1970-01-20 18:29:59	Name: uid Value: cxwu1KR16j3P1ISYBdqm-dEoWYU
.teads.tv/	1970-01-20 17:38:08	Name: tt_viewer Value: 8f229157-b39a-42a7-bc21-4306746c3b81
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:39:35	Name: bcookie Value: "v=2&0a82fc07-74a6-45f9-8eeb-38326f353402"
.linkedin.com/	1970-01-20 08:55:25	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2935:u=1:x=1:i=1673639089:t=1673725489:v=2:sig=AQE1Octvi7ySv8859zd9aVwaYmXwlBLh"
.yahoo.com/	1970-01-20 17:39:56	Name: A3 Value: d=AQABBLG0wWMCEG5x6x0HwRuxKxr5Ex_zH1gFEgEBAQEGw2PLYwAAAAAA_eMAAA&S=AQAAAmqeob_optSNaf3_N5LfUBs
.zemanta.com/	1970-01-20 17:39:35	Name: zuid Value: goJA6B_sm1l3yvfrLMsH
.bidswitch.net/	1970-01-20 17:39:35	Name: tuuid Value: 13b46df0-a347-4083-ae3c-08c60231a967
.bidswitch.net/	1970-01-20 17:39:35	Name: c Value: 1673639090
.bidswitch.net/	1970-01-20 17:39:35	Name: tuuid_lu Value: 1673639090
.ittrip.xyz/	1970-01-20 17:39:35	Name: FCNEC Value: %5B%5B%22AKsRol-aiNkr7sj8EI7_EQCXefVTiub2de7xUhqXIka3eGy8_-A_Z1NG9O3FlGmaawo6fvzsZjAytjQ_tF7tPE555CL2CfiBoWAtnJ2yx2zn8v6l70Nqvtd2YDoAA1C4YKP2BibF34_ZjuGu9KMwkrPElAxG3aITsw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.bidswitch.net/	1970-01-20 08:53:59	Name: google_push Value: AavPq0OB8B6hJZOW3kpQbYeNjf0CdXC5_dHU4XUMfxrgixg1Nc8cAeq1hOBs9iw868OgMUxkj6VUH9iLS42wVcHnZQQ8tmq1VJig

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.imgvc.com
adservice.google.co.jp
adservice.google.com
ajax.googleapis.com
aml.valuecommerce.com
b1sync.zemanta.com
clients1.google.com
cm.g.doubleclick.net
cse.google.com
dalb.valuecommerce.com
dalc.valuecommerce.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ittrip.xyz
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
stats.g.doubleclick.net
sync.fout.jp
sync.teads.tv
tpc.googlesyndication.com
v9999.adv.admeme.net
webfonts.xserver.jp
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ittrip.xyz
13.113.202.151
142.250.196.98
183.181.91.49
202.226.37.225
202.232.238.37
210.140.225.135
210.140.225.92
210.140.252.92
23.45.61.118
2404:6800:4004:801::2001
2404:6800:4004:810::200e
2404:6800:4004:812::2002
2404:6800:4004:820::2002
2404:6800:4004:820::200e
2404:6800:4004:821::2003
2404:6800:4004:821::200e
2404:6800:4004:822::2002
2404:6800:4004:822::2008
2404:6800:4004:823::2002
2404:6800:4004:825::2002
2404:6800:4004:825::2003
2404:6800:4004:825::200a
2404:6800:4004:826::200e
2404:6800:4004:827::2002
2404:6800:4004:827::2003
2404:6800:4004:827::2004
2404:6800:4008:c06::9a
2404:6800:400a:80a::200a
2406:da18:929:5a01:2d5c:190b:da10:29e6
2600:9000:2216:5000:18:82c:9d80:93a1
2620:1ec:21::14
35.213.12.39
70.42.32.191
01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719
07fa6389444df2aabb38b8de4e8b2711f4414eab1076f72c0e3c55543854b878
087f7fc9a61ceda6f11bcf2674f16808b6c5bbf7bbe523005d3b9f7d6a767c78
093e5324b6171dfdc49551829eb596e7f86a471ad82fa4ca52277da2add106b2
097d952945d61b6204b975c63ad94825cf3d90a6ccc9d887dd6329937ecff9d9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf5eee4d2cbdeb18a1b23df493ab84e91b71258bf20606cc8a2b582a184fcd5
0dc4f2b15af34083968988be17dde74dbebf040cf402fbd1fe8015fc0c88f0c1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
212b9112fb3e54f332dec6f1522ee9d04560c958a32d6fc9cd341c12d111f926
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
227226d2d40b72e69e9603ca676ce7b8c7f4f83058bce4c4af126ba3eb8f6f4a
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32543dfff18ea53ee0b633f65be112e6b2829d80ba07a3e65125571a4a9e6338
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f
3e87f4abf09c022cd619a7574ecab9d82e80209852beaee79b939981ed5b4dbd
3ea81da5568da2bb3437caa8d7e3b2b91a50fe1a8820e959ec138a381f5a7d28
41da9a84173671859c0cc5f00f34df7d5d433a43a34e77fdc58fbd7d64ed83a6
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
4592a09d74145083fda53639433206796a4a24c4dbf49c60701c339d747c4ef9
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4ca3f2357b08549750c338da5ee136ca1200b9969af641ac17a415337efb09e5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a4f39ffc38f1556bd7689231fcb4a7454551a0f1f14f340d4958d31ff9cfd3a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5da2a3235e9deee4be8919a35960361c8661f97a2a7c6298af09201713cdcd2e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6411013f7f9ef06c6c81a8090729213124f35e64a68cb2a6b35338fa3851e9e6
6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180
69e3696168c1f8450ca1adc4b18437bfec8cc351b02dc20ab1fa8ff2322b8d8b
6c588aa6f9d444b6f2c7804c090846197f2d66280471c9677ee6779c90cd4a2b
709121d64a8fb1e3dd1cb6fbabf220e96d2d4c0a059332f26222426c52fc7b59
71cc8c3d7606e12c69cb96c5ad232b6733c2a108c0a37181b64bc4d780937c69
72a95352a0c759630fe31efd38d36030dfde626d1bf612afb53b346753d7c35c
7d0098946ca88ed837f5ae155e751de626440405a0116a0276c05e7916c6c27a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83ae28a881baed21b21860e3477ff5976b9c67877fc25ed75ee4a5cdba4e7c45
87ff401d535a20d395b3a6829c56073670663f45e4df54786db7e472c7a9bb6e
898a1cef449e66a56c9945b30f3bc7ec954f3891ad486f62b84e93f7d81bfb5a
89c1cb3a15c7bee2e47ca4afed4797221077366fa6c4685efc44d46f681fafc3
8d0d48c61f34fe97205ced48486ca47ce0467b1fd6df357331e3b3342090780a
8d99a824eb65a40f898ff5baa2201854b8b1d152a620cf13a79033f4fcba1e67
9518dda12903b1f43d55db8b9b5728e880cedf2d2967e9dfe4b7694762e53b67
985b57cc71b89d94d3d35a485edc453a2341737248901475cd578878da57de47
98674d82c94b04376866d454420ebc18094cffaf46218407e71f3ae95cfd7e52
9886301943f118751176cdaa9ec90eef72687145ea9d06cf775bccada3aa2373
991959bfbc0a7895351ea7cc79c760247eda2f1597677a30f67799cd1a73bc03
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b57b6826ed8e18c99a0a977fbb265af435f05d1adf3f282c3273d779158d068
9bcfc5a2cc5e9edc87e0f8933fbfa3ca2a866d60f843dfcd92c14e2eabd8c473
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a1aa3ef85fb4ae16248a85cd34d6a847d371d4274ca92a8705d5dde67a352f05
a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1
a33bba9df75a02508dc14a454d6bdcb96efa03dd45109f174028608c28f5cdaf
a47d6b7ed20c17858b6771922b06fe5f3019bfb468b4a556738c0f0aa16f5bdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0
b3c1d9c40eb6f4a95f88903b00baaaa4f221a95c9ec82e81a6c77153d05b2444
b3f33a362a619591f676bec0e2cd40f618666bb3d10be8a013e931a4b344aa7e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6e97e9479fac90f30c5b1ee46a708056f8e4849796b07e84153c02740b8fe1b
b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16
bb2cefbd4311ed9564becf3a5addf5280475d7b394f39c2ed0357c08edbdb3fc
bb7208bc9b5d7c04f1236a82a0093a5e33f40423d5ba8d4266f7092c3ba43b62
bd5cfe070b6f981ba1ca024432d19668939f4f40fd7bac5e72ed1c91248fa26f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c08dd4b712785938beb9dcbfd614428bc393cb228a00f3b7057cba087cc14853
c0b0611edc6f50ce2d35c875133608aa440a192274c6fbfc537b499d62aaf1e3
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
cb7c1cec27f7fd1d68cffe01bd4551bf51a5955bf9dd10a6345575013b0dc7a9
cc9adc7bd2c6f2de18dd390b16d3c8cda68bc05e4a7116206d37335b40b922dd
cd632b8adf25468b5e7551977aab44e071827f699a78c1ab09347661e5428d80
cd654ee7a3467257829a899ca44306f8c50dc609dd7ee4dda8e1bca13feb7b16
cdf705d0317f97188304a3d3c81daaaf7ba2d171bb5a6aa3c3fea2852a95588f
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d171475258fb6a060d8c6b957b519482eb4911697329c085f2d6ed17994e2657
d5a2227d4eb0c5c93617a9b9cfb3e3f4610753e4f111c69944b63297dca2838c
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5f1c9bd98e9fdcc1e5b8257d94977bb9200cce0ea8aa27a82afea01bdbc433
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50d531fcdb5bdb432e4f63c9b6af1ec8f7e17151825f66ee4c0913ccb775555
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f77eff5b49e8f952f96e523ddd2355b2442b399054854b8ace4d8d6842c61a71
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
f9bbd92a65460f843a7097aff5ee50e97dcdff6ffdae99fca5cb90d14182a1bd
fbf672fc33682bcfef1207c7c023ec1b65946d869f718863b0c97230e6877380
fc1f31407fd6e5cc03dcb3481df3dbf1f3996590799360e590fb71d765888309
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff6a93a5a3089063109be2adef61c23dbd0671983ccb642d0946d8078d82e2f6

ittrip.xyz Open in urlscan Pro 183.181.91.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

96 %HTTPS

67 %IPv6

21 Domains

33 Subdomains

28 IPs

5 Countries

2121 kBTransfer

5576 kBSize

24 Cookies

8 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ittrip.xyz Open in urlscan Pro
183.181.91.49 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

96 %
HTTPS

67 %
IPv6

21
Domains

33
Subdomains

28
IPs

5
Countries

2121 kB
Transfer

5576 kB
Size

24
Cookies

178 HTTP transactions
8 data transactions