99bako.com Open in urlscan Pro
118.27.125.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://99bako.com/
Effective URL:
https://99bako.com/
Submission: On May 26 via manual (May 26th 2023, 11:25:28 pm UTC) from JP — Scanned from JP

Summary HTTP 118 Redirects Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 32 domains to perform 118 HTTP transactions. The main IP is 118.27.125.193, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is 99bako.com.
TLS certificate: Issued by R3 on April 12th 2023. Valid for: 3 months.

This is the only time 99bako.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	118.27.125.193 118.27.125.193	7506 (INTERQ GM...) (INTERQ GMO Internet)
2	151.101.1.55 151.101.1.55	54113 (FASTLY) (FASTLY)
2	2404:6800:400... 2404:6800:4004:824::2008	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:811::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21c... 2600:9000:21c5:7200:12:abfb:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.225.183.14 13.225.183.14	16509 (AMAZON-02) (AMAZON-02)
21	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:90c0:999... 2a03:90c0:9994::9994	199524 (GCORE) (GCORE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	2602:803:c006... 2602:803:c006:158::65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.84.140.72 99.84.140.72	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4004:821::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c13::9a	15169 (GOOGLE) (GOOGLE)
1	99.84.140.107 99.84.140.107	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	19527 (GOOGLE-2) (GOOGLE-2)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:20c... 2600:9000:20c4:b200:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.140.54 99.84.140.54	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	54.151.251.103 54.151.251.103	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:81c::2001	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4004:820::2004	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2 3	216.58.220.130 216.58.220.130	15169 (GOOGLE) (GOOGLE)
2 4	23.90.68.235 23.90.68.235	27381 (CASALE-MEDIA) (CASALE-MEDIA)
10	2404:6800:400... 2404:6800:4004:808::2006	15169 (GOOGLE) (GOOGLE)
2	142.251.222.34 142.251.222.34	15169 (GOOGLE) (GOOGLE)
1 2	18.180.4.49 18.180.4.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:140b:1a0... 2600:140b:1a00:19::17dc:44ad	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
118	44

15 118.27.125.193 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 118-27-125-193.virt.lolipop.jp

99bako.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:811::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21c5:7200:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.183.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-183-14.nrt57.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:90c0:9994::9994 (Russian Federation)

ASN199524 (GCORE, LU)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c006:158::65 (Singapore)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.140.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-72.nrt57.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c13::9a (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.140.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-107.nrt57.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c4:b200:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.140.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-54.nrt57.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.151.251.103 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-251-103.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80c::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81c::2001 (Australia)

ASN15169 (GOOGLE, US)

46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:820::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.220.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s01-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.90.68.235 (India) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:808::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.222.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.180.4.49 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-4-49.ap-northeast-1.compute.amazonaws.com

ihg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:1a00:19::17dc:44ad (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	222 KB
15	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337	262 KB
15	99bako.com 1 redirects 99bako.com	263 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	177 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	3 KB
3	gstatic.com www.gstatic.com	15 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2837	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2233 google-bidout-d.openx.net — Cisco Umbrella Rank: 2602	664 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1351 mp.4dex.io — Cisco Umbrella Rank: 1975	25 KB
2	demdex.net 1 redirects ihg.demdex.net — Cisco Umbrella Rank: 22131	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	107 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3109	315 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1025 bcp.crwdcntrl.net — Cisco Umbrella Rank: 863	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 862 id5-sync.com — Cisco Umbrella Rank: 421	18 KB
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 27888	3 KB
2	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19744 invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758	3 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	2 KB
2	trvdp.com go.trvdp.com — Cisco Umbrella Rank: 30746 s.trvdp.com — Cisco Umbrella Rank: 31158	144 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	130 KB
2	anymind360.com anymind360.com — Cisco Umbrella Rank: 20547	137 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1325	63 KB
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 20655	397 B
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 84358	531 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2334	8 KB
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 20315	719 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 469	2 KB
1	unblockia.com cdn.unblockia.com — Cisco Umbrella Rank: 20344	34 KB
118	32

	Domain	Requested by
17	pagead2.googlesyndication.com	cdn.unblockia.com securepubads.g.doubleclick.net tpc.googlesyndication.com 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com pagead2.googlesyndication.com 99bako.com googleads.g.doubleclick.net www.googletagservices.com
15	99bako.com	1 redirects 99bako.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com 99bako.com
10	s0.2mdn.net	99bako.com s0.2mdn.net 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	anymind360.com securepubads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	99bako.com 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
3	fonts.googleapis.com	46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com 99bako.com
3	46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ihg.demdex.net	1 redirects 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	99bako.com
2	www.googletagservices.com	46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com 99bako.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	stg.truvidplayer.com	go.trvdp.com s.trvdp.com
2	script.4dex.io	anymind360.com script.4dex.io
2	cdn.jsdelivr.net	anymind360.com securepubads.g.doubleclick.net
2	www.googletagmanager.com	99bako.com www.googletagmanager.com
2	anymind360.com	99bako.com anymind360.com
1	code.createjs.com	s0.2mdn.net
1	s-cs.send.microad.jp	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.jp	securepubads.g.doubleclick.net
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	mp.4dex.io	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	prebid-asia.creativecdn.com	anymind360.com
1	go.trvdp.com	99bako.com
1	cdn.unblockia.com	99bako.com
118	46

This site contains no links.

Subject Issuer	Validity	Valid
99bako.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
anymind360.com R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.unblockia.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-22`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-23`	7 months	crt.sh
cdn.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2022-10-01` - `2023-10-20`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://99bako.com/
Frame ID: B01AA1623FBAF411A645228DB032D1E2
Requests: 55 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=99bako.com
Frame ID: AE1383E05214ABF9361DFF3F20E0CCD8
Requests: 2 HTTP requests in this frame

Frame: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 52857A5F794F27023B4E3A91BA84711E
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: DEA05BF8CE6D439E5869151C554E1815
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 070CE079B495B2E3643A16192F3F9F87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91122A342DDD86D6C89DBBE549E5C1C2
Requests: 2 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.802/prtct.php?val=f&geo=JP&timestamp=1685143524&level=0
Frame ID: 6CB24FBAA3BD0FDDCE412EAC6059BDB9
Requests: 1 HTTP requests in this frame

Frame: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 630B4A5F332DE7746AFAD27CB281245D
Requests: 20 HTTP requests in this frame

Frame: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 07FF9B4CD0332A571933E300BF5D6A87
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGNGIkeoBMAE&v=APEucNVe0nivlk09WrhnVtszOOPFdMZAepECNCMhVY-xo9QdQGuGx_3IKDPU8_vv26QZRhXn5lbFEGxQIBxhNUyySpS9S6v2jQ
Frame ID: 2F003C9361AE7ECCE9BAC2245C8771F2
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%AE%E3%83%97%E3%81%BF%E6%96%B0%E7%94%A3%E3%80%81%E6%B0%97%E6%8E%A1%E4%BC%9A%E4%B8%AD%E9%85%8D%E3%82%B0%E6%89%8B%E5%AE%9F%E3%81%AF%E3%81%9D%E3%83%AB%E3%81%B8%E3%82%8A%E9%96%89%E6%97%A5%E9%96%8B%E7%A4%BE%E3%80%82%E5%BA%97%E5%BC%B7%E8%B2%A9%E8%AA%AC%E6%98%8E%E6%96%BD%E3%81%98%E5%82%AC%E3%81%8F%E5%A3%B2%E3%81%A7%E4%B8%8A%E5%8D%92%E7%94%A8%E3%82%8B%E3%83%BC%E3%81%8A%E3%82%92
Frame ID: FCC48A56C691C06423D14DF0C09D26E0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C75C59CDF6EF404DB5324D03200AFE3C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Frame ID: 68A2482B882C808D02C56A88EAEB81A3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 19775AA0C6A6A294688557C63F955A31
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
Frame ID: 1D8150E6667BF424CDE5CD5654EF16EC
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

言葉の救急箱 - 言葉の救急箱

Page URL History Show full URLs

http://99bako.com/ HTTP 301
https://99bako.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

118
Requests

95 %
HTTPS

52 %
IPv6

32
Domains

46
Subdomains

44
IPs

8
Countries

1678 kB
Transfer

4548 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://99bako.com/ HTTP 301
https://99bako.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://oajs.openx.net/esp?url=https%3A%2F%2F99bako.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2F99bako.com%2F&rid=esp&cc=1

Request Chain 49

https://gum.criteo.com/sid/json?origin=publishertagids&domain=99bako.com&sn=ChromeSyncframe&so=0&topUrl=99bako.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ABTvjHxKYS9ScGYyZjU2K0pmaEpqRjVQNWRlcmhzK202L2hHZWZiK095Z3VueG5wTjQ5Qnl1c0x6MHpNb2dKSnZKclgrZWVRNzdyK0pYeTBVNTBwc3BZTHBxV1lpeGF1N3ZVUmZLdS96UXR0VXhjQ09sYWpoTnNiSU5JS3hXd2RiL0dCRGp6UkdmZGxPTTZBbkJKMlpQMnkzK2pGTkhUcjArZnlGYmFsOGRLeldGYnNlZEZTd2lHb29mdURNeUJwc0dXMVFhejRMbFk5YzBGSU5JNHBuSktEcWVCcEpaeUU0VUFPOUsxR2E5enZ5RzlqRkdSNU5uRXpKTjFzTVJXSlc2UmRjcVkxTTVQSmNZd25PTTkvRUlPcTl4UT09fA&cppv=2

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 87

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFY-uBGzg3fChosB1m-3w4w&google_cver=1

Request Chain 89

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHE-5CFCO2p-CLibbxxppQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFY-uBGzg3fChosB1m-3w4w&google_cver=1

Request Chain 103

https://ihg.demdex.net/event?d_event=imp&d_src=13687&d_creative=191877421&d_adgroup=557948652&d_placement=366916493&d_site=4498573&d_campaign=29480902&d_cb=640546870 HTTP 302
https://ihg.demdex.net/firstevent?d_event=imp&d_src=13687&d_creative=191877421&d_adgroup=557948652&d_placement=366916493&d_site=4498573&d_campaign=29480902&d_cb=640546870

118 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
99bako.com/
Redirect Chain

http://99bako.com/
https://99bako.com/

36 KB
8 KB

172ms
157ms

Document
text/html

118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 6ee215bc0306f42296fc0a899d90e5877292cd538c4c1e9495787b56de85021a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 23:25:23 GMT
link: <https://99bako.com/wp-json/>; rel="https://api.w.org/" <https://99bako.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://99bako.com/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-cache: EXPIRED
x-pingback: https://99bako.com/xmlrpc.php
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

Connection: keep-alive
Content-Length: 707
Content-Type: text/html
Date: Fri, 26 May 2023 23:25:22 GMT
Server: LiteSpeed
X-Cache: MISS
location: https://99bako.com/
x-turbo-charged-by: LiteSpeed

GET
H2 200 autoptimize_aa26f1a22dd0f3fb55d0e1dc5c7c6d9f.css
99bako.com/wp-content/cache/autoptimize/css/ 186 KB
31 KB 20ms
18ms Stylesheet
text/css 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://99bako.com/wp-content/cache/autoptimize/css/autoptimize_aa26f1a22dd0f3fb55d0e1dc5c7c6d9f.css
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 8d44d2682b04d17e99d3d9fd6474ec0a41c82012ca225bd934ed1cc197579aae

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: br
last-modified: Sat, 20 May 2023 15:45:31 GMT
server: LiteSpeed
etag: "2e808-6468eb1b-330cd485fc8118b7;br"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: public, max-age=30672000,public, immutable
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 31624
expires: Wed, 15 May 2024 23:25:23 GMT

GET
H2 200 font-awesome.min.css
99bako.com/wp-content/themes/jstork/library/css/ 30 KB
7 KB 11ms
9ms Stylesheet
text/css 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://99bako.com/wp-content/themes/jstork/library/css/font-awesome.min.css
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 1a00790e9818a132704c7f436b2989de2f128ad52355dff6f65e6c257eb381b7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: br
last-modified: Tue, 13 Jul 2021 09:51:49 GMT
server: LiteSpeed
etag: "7924-60ed6235-d541e44305df3176;br"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6671
expires: Fri, 02 Jun 2023 18:06:11 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/8454/ 173 KB
34 KB 32ms
7ms Script
application/javascript 151.101.1.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/8454/ats.js

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

336ccbae66bc97b430015ed014d504d52bd7fb240774fa6186bcf771c075db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Fri, 26 May 2023 22:22:08 GMT
date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 3795
x-guploader-uploadid: ADPycdvObuLMdFBERrU56uIKuJOuhJ31qSwXceXbrryQbcgn_f6L7HAgdQ_IdJv5JyYGH9zZmBZkutdUi0P8fz60bIoVPA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34541
x-served-by: cache-tyo11928-TYO
last-modified: Mon, 17 Apr 2023 14:26:31 GMT
server: UploadServer
x-timer: S1685143523.091161,VS0,VE1
etag: "828a7a868e013aa923d5a65053ddf24c"
vary: Accept-Encoding
x-goog-generation: 1681741591187310
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=D6iZWQ==, md5=gop6ho4BOqkj1aZQU93yTA==
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 34541
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 99bakologo_small_nochar.png
99bako.com/wp-content/uploads/2019/12/ 6 KB
6 KB 14ms
13ms Image
image/png 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99bako.com/wp-content/uploads/2019/12/99bakologo_small_nochar.png
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: f764496ce682bd3e4cf85b23d66af96a0ae3abcea5cede97f4dd6ca3e8837979

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Wed, 18 Dec 2019 14:14:21 GMT
server: LiteSpeed
etag: "178d-5dfa343d-a4abafeaeff894f9;;;"
x-cache: HIT
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6029
expires: Fri, 02 Jun 2023 19:02:33 GMT

GET
H2 200 info99-3.png
99bako.com/wp-content/uploads/2017/07/ 20 KB
20 KB 15ms
14ms Image
image/png 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99bako.com/wp-content/uploads/2017/07/info99-3.png
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 1c6a37e223e1d6585e527db2a9adac29be9ae0cc41ff88706011636027e70089

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Sat, 09 Nov 2019 10:29:27 GMT
server: LiteSpeed
etag: "4ff3-5dc69507-4a6baefabea7f26b;;;"
x-cache: MISS
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 20467
expires: Fri, 02 Jun 2023 23:25:23 GMT

GET
H2 200 autoptimize_8e5aae3e95e559e1b76362947d7db1fd.js Show response
99bako.com/wp-content/cache/autoptimize/js/ 3 KB
1 KB 11ms
11ms Script
application/x-javascript 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://99bako.com/wp-content/cache/autoptimize/js/autoptimize_8e5aae3e95e559e1b76362947d7db1fd.js
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 23f0c7845293f588fc0a94a259757f19a31871dcca5c64baecec4b285cb13dd5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: br
last-modified: Sat, 05 Feb 2022 14:41:21 GMT
server: LiteSpeed
etag: "bd1-61fe8c91-4f8f470a1a0ce9ad;br"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: public, max-age=604800,public, immutable
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1212
expires: Fri, 02 Jun 2023 18:06:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
52 KB 86ms
43ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBR7P53

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce945b27533f86813fc9b519d1e7fd4aeafbeaf50756072cc02c6eac5aabffc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52768
x-xss-protection: 0
last-modified: Fri, 26 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 23:25:23 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 256ms
213ms Script
text/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/8454/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68e8ed160a59ed43689633a6d44443f61ddafc8ea7bace3d489f5a3d37752577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25146
x-xss-protection: 0
server: cafe
etag: 227 / 19503 / 31074920 / config-hash: 5486929009166019583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 May 2023 23:25:23 GMT

GET
H2 200 prebid_2023_4_17_14_26_20.js Show response
anymind360.com/js/8454/ 318 KB
103 KB 7ms
6ms Script
application/javascript 151.101.1.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/8454/prebid_2023_4_17_14_26_20.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/8454/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

03fd2d1a22069c7f2267b674482cb2b7fac898def31ed6321ce3a5afffe9e47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Fri, 26 May 2023 22:38:33 GMT
date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 2810
x-guploader-uploadid: ADPycdvn-lzhieIr06MjUjDGAXAlZMuPLZItObYHJih-JDfzvUiMwpX0Kg4ryY5Lx-TU-iUb2vbejyAhwezKntpgv65EnsVSCuJA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 104678
x-served-by: cache-tyo11928-TYO
last-modified: Mon, 17 Apr 2023 14:26:31 GMT
server: UploadServer
x-timer: S1685143523.148799,VS0,VE1
etag: "df02a6be56bcc6fedb400904dc9870f9"
vary: Accept-Encoding
x-goog-generation: 1681741591211599
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=/102Ow==, md5=3wKmvla8xv7bQAkE3Jhw+Q==
access-control-expose-headers: Content-Type
cache-control: max-age=31536000, public
x-goog-stored-content-length: 104678
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 h.js Show response
cdn.unblockia.com/ 162 KB
34 KB 32ms
2ms Script
application/x-javascript 2600:9000:21c5:7200:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c5:7200:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 203af4ee7878df10c428ce6599c619695219f48681b832ef3f856abdd299b8e8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 03:27:53 GMT
x-amz-version-id: gKayxwShEzJAnBjNaPvAM9Fj3A2ZU3Kt
content-encoding: br
via: 1.1 30b391cfff9725fde644913fc78890c4.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-C1
age: 71850
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:6a48fce0-eba0-40cc-8a72-49f5d7d1abde
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 60511405d11f9acd0880a4539ae338cb
last-modified: Mon, 22 May 2023 09:17:35 GMT
server: AmazonS3
etag: W/"3d75dc8f7c4000ccdac0fff2f09d78a8"
vary: Accept-Encoding, Origin
x-amz-meta-codebuild-content-sha256: 3b11cd91ab382736a9ba8e63029f318e3177aa77903aa4fa093a80765fac8c07
content-type: application/x-javascript
x-amz-cf-id: V-cwkZDASImia8C_KCCoJv0hcjQ7eOlx8JtoQRY927dwuVtujshZHw==

GET
H2 200 fontawesome-webfont.woff2
99bako.com/wp-content/themes/jstork/library/icon/ 75 KB
76 KB 9ms
9ms Font
font/woff2 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://99bako.com/wp-content/themes/jstork/library/icon/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: 99bako.com
URL: https://99bako.com/wp-content/cache/autoptimize/css/autoptimize_aa26f1a22dd0f3fb55d0e1dc5c7c6d9f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://99bako.com/wp-content/cache/autoptimize/css/autoptimize_aa26f1a22dd0f3fb55d0e1dc5c7c6d9f.css
Origin: https://99bako.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Tue, 13 Jul 2021 09:51:49 GMT
server: LiteSpeed
etag: "12d68-60ed6235-4a87f7d0cac6cbea;;;"
x-cache: HIT
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 77160
expires: Fri, 02 Jun 2023 22:50:53 GMT

GET
H2 200 info99-1.png
99bako.com/wp-content/uploads/2017/07/ 14 KB
14 KB 36ms
35ms Image
image/png 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99bako.com/wp-content/uploads/2017/07/info99-1.png
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: b469f9f1b0b1ff3cb6d3e29eb3672cd1c78afcb675f208d6e34846fddec20332

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Sat, 09 Nov 2019 10:29:41 GMT
server: LiteSpeed
etag: "381d-5dc69515-311c22722df0b9e0;;;"
x-cache: MISS
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 14365
expires: Fri, 02 Jun 2023 23:25:23 GMT

GET
H2 200 info99-2.png
99bako.com/wp-content/uploads/2017/07/ 15 KB
16 KB 30ms
29ms Image
image/png 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99bako.com/wp-content/uploads/2017/07/info99-2.png
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 73853645cd81064d2f77c7c2d6135de8833edee94dad0817b5cb820871928b66

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Sat, 09 Nov 2019 10:29:34 GMT
server: LiteSpeed
etag: "3d31-5dc6950e-ea617622eb5c7fe4;;;"
x-cache: MISS
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 15665
expires: Fri, 02 Jun 2023 23:25:23 GMT

GET
H2 200 hot.png
99bako.com/wp-content/uploads/2021/11/ 13 KB
13 KB 35ms
34ms Image
image/png 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99bako.com/wp-content/uploads/2021/11/hot.png
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 4a35bb0957bd9280ca0914b1f07aa869fa88efd2b7decb0f93f3a3b55dbd1e9f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Sat, 06 May 2023 08:48:19 GMT
server: LiteSpeed
etag: "3249-64561453-d439199c447e2dc5;;;"
x-cache: MISS
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 12873
expires: Fri, 02 Jun 2023 23:25:23 GMT

GET
H2 200 tankyu.png
99bako.com/wp-content/uploads/2022/03/ 13 KB
14 KB 36ms
35ms Image
image/png 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99bako.com/wp-content/uploads/2022/03/tankyu.png
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 0371b8b1af5188f269ff5e7e157143387480e863bec8d4039fdb099363f4fed4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Mon, 03 Apr 2023 06:57:30 GMT
server: LiteSpeed
etag: "3537-642a78da-7148e3fa42fedaf2;;;"
x-cache: MISS
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 13623
expires: Fri, 02 Jun 2023 23:25:23 GMT

GET
H2 200 company.png
99bako.com/wp-content/uploads/2021/11/ 12 KB
13 KB 39ms
38ms Image
image/png 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99bako.com/wp-content/uploads/2021/11/company.png
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 753b0196fe6f940b533cf86cda3ba7ed19174a7ed0b6b0edc1fbb7e57410e9c1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Mon, 06 Mar 2023 02:36:50 GMT
server: LiteSpeed
etag: "31f6-640551c2-1002b4ce78e91e3c;;;"
x-cache: MISS
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 12790
expires: Fri, 02 Jun 2023 23:25:23 GMT

GET
H2 200 food.png
99bako.com/wp-content/uploads/2022/04/ 13 KB
13 KB 31ms
30ms Image
image/png 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99bako.com/wp-content/uploads/2022/04/food.png
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: a32d18fa82612f9de4a78b38f0d57d5f4057fb9adc2e969a722a146b38983dcc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Mon, 06 Feb 2023 06:37:53 GMT
server: LiteSpeed
etag: "34a5-63e0a041-dfc727ded6e5bc99;;;"
x-cache: MISS
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 13477
expires: Fri, 02 Jun 2023 23:25:23 GMT

GET
H2 200 ageru.png
99bako.com/wp-content/uploads/2023/01/ 31 KB
31 KB 33ms
33ms Image
image/png 118.27.125.193
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99bako.com/wp-content/uploads/2023/01/ageru.png
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.27.125.193 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 118-27-125-193.virt.lolipop.jp
Software: LiteSpeed /
Resource Hash: 18f426be2c83bf149f99d2ce5af0a88759aeee6590f4744f427ea7b99178a77f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
last-modified: Mon, 06 Feb 2023 06:39:54 GMT
server: LiteSpeed
etag: "7a03-63e0a0ba-b46472ace4bb4f60;;;"
x-cache: MISS
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 31235
expires: Fri, 02 Jun 2023 23:25:23 GMT

GET
H2 200 7092.js Show response
go.trvdp.com/init/ 6 KB
6 KB 14ms
2ms Script
binary/octet-stream 13.225.183.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7092.js?pid=4764
Requested by: Host: 99bako.com
URL: https://99bako.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.183.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-183-14.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e55f530f801aad5fbbb65652da535217f96c08309c64dc2c50f8719815a74996

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:41:02 GMT
via: 1.1 09fd24f6a1b0ff1b7cd860a75335700c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 05:22:14 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C4
age: 7393462
etag: "517ed1f9ebd419e171d33deda5e3a3da"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: jXjQgvTSM3Ov_UuWziPkCbeaOdRh_fqFOWpbIpUrBKSCRKxQkBeVUQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 117ms
78ms Fetch
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43853026bb9920a5fa30df899b8cea3b62a52747e2e830a61386f55c6244c56a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47365
x-xss-protection: 0
server: cafe
etag: 13326152126807651782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 May 2023 23:25:23 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 10ms
4ms XHR
application/json 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/8454/prebid_2023_4_17_14_26_20.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

f2c2b78d8596f35510a8edc2d5104984c256cbb3309549bb6915ce952fa6e847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://99bako.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

x-id: am3-up-gc89, cc1-hw-edge-gc27
date: Fri, 26 May 2023 23:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
age: 151
x-jsd-version: 1.0.1705
x-cache: HIT, HIT
x-cached-since: 2023-05-26T16:03:20+00:00, 2023-05-26T16:03:21+00:00
cross-origin-resource-policy: cross-origin
x-nginx: nginx-be, nginx-be
x-served-by: cache-fra-eddf8230103-FRA, cache-ams21020-AMS
x-jsd-version-type: version
server: nginx
etag: W/"636-ZzUByKFHnAu5n+eBFiV9urJp/Ck"
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cache: HIT, HIT
timing-allow-origin: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 13ms
7ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/8454/prebid_2023_4_17_14_26_20.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 23:25:23 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 7
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Server: cloudflare
ETag: W/"922cffdd75f7192f75231d92684885aa"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4DbvXagIbATYQza8E16abEJpFfzg2GzoTIFcOyokmwY%2F4A9cFxxGy%2FGHJXZKV61k%2Fajat4OwWiEE%2F8a1OZyEfsgbYG8AGTVwuUgw4t4srNOPhS4hdPFGkxYyY0%2B8EeE2WDdY8w2D3HzbULc"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: public, max-age=1800
CF-RAY: 7cd9c6ec185ee019-NRT
Expires: Fri, 26 May 2023 23:55:23 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
173 B 277ms
93ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/8454/prebid_2023_4_17_14_26_20.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://99bako.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://99bako.com
date: Fri, 26 May 2023 23:25:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 555 B
2 KB 405ms
195ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13136&site_id=450380&zone_id=2619664%3B2619676%3B2619680&size_id=2%3B15%3B2&alt_size_ids=%3B16%3B55&rp_schain=1.0,1!fourm.jp,A4035,1,,,&rf=https%3A%2F%2F99bako.com%2F&tg_i.domain=99bako.com&tg_i.page=https%3A%2F%2F99bako.com%2F&tg_i.pbadslot=ats-insert_ads-2%3Bats-insert_ads-13%3Bats-overlay_bottom-15&tk_flint=pbjs_lite_v7.42.0&x_source.tid=36be8fc4-2a60-401a-ab17-ab32135b21ea%3B52c35d1b-7527-4687-a694-619e2d7b375a%3B736e4961-cbff-43c0-8c57-6e9b1ac7cb76&l_pb_bid_id=6bc0e373e843f9%3B72f01aa87f1764%3B8fd33c8dc7839d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.8422254801302107
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/8454/prebid_2023_4_17_14_26_20.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5c96a98f29ed6b7bdb1af1afba8dfa6b7d0f2de8e30198e7c985b198773c5662

Request headers

Referer: https://99bako.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://99bako.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 173 B
782 B 31ms
24ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/8454/prebid_2023_4_17_14_26_20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afce410f5348694f583c9afcb83fb1e7ef8a2e23052c88323a035c97e183a801

Request headers

Referer: https://99bako.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-tyo
date: Fri, 26 May 2023 23:25:23 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Seats Booster. unable to get the seat booster engine for organization: 1236
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://99bako.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7cd9c6ec38caafc7-NRT
expires: 0

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 170ms
156ms XHR
application/json 99.84.140.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1476&wid=7092&cb=6114.553836159138&pid=4764&url=https%3A%2F%2F99bako.com%2F
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7092.js?pid=4764
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.140.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-72.nrt57.r.cloudfront.net
Software: nginx /
Resource Hash: f54fce6018a7469efce4bca5d497cf07d16bf19e866708bdb8d7373da1f3f8aa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: gzip
via: 1.1 01907e84d575a837511558aff20d73f2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://99bako.com
access-control-allow-credentials: true
x-amz-cf-id: m2c2REFnSy3DhpGn5ENcBozLj1sAe30wmUX56qGypD4DAIOM8S5J0A==

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
24 KB 13ms
9ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 23:25:23 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QNH3NJ24NJRKD0FS
Age: 2640216
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: mzCyWK7wbk4iNLrgf5vloPPF7vesbUBpuJNCf30hwEZwbyTKh3S8v8gaOJp0tCTd5fdUtV9h/tY=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rRJzlHc61S6KigXNgfFDxMDpCiWp0cDL5LHT1%2FEI6M6E9D1ItA56bD8DIQ7KlGW4kBoYoXaG%2FfyQ7Nma%2Bv%2FV0EFpbK0xOLRvSbTH7YERqwETR0ZuedEyQI0%2BH3uRQoQM3xJm7SLxRbs3h5J"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 7cd9c6ec3ace809f-NRT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 41ms
2ms Script
text/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBR7P53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 23:21:26 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 237
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 27 May 2023 01:21:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 49ms
49ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HP1KEQG22D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBR7P53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce600c8f591f5818234729da9b4eafe2c831c15dff2eaf123952c9755d63b733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 23:25:23 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 38ms
38ms XHR
text/plain 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=470890589&t=pageview&_s=1&dl=https%3A%2F%2F99bako.com%2F&ul=en-us&de=UTF-8&dt=%E8%A8%80%E8%91%89%E3%81%AE%E6%95%91%E6%80%A5%E7%AE%B1%20-%20%E8%A8%80%E8%91%89%E3%81%AE%E6%95%91%E6%80%A5%E7%AE%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1551841381&gjid=79712393&cid=1237491546.1685143523&tid=UA-33958756-43&_gid=2071155034.1685143523&_r=1&_slc=1&gtm=45He35o0n81NBR7P53&z=1530229824

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://99bako.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://99bako.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 105ms
35ms XHR
text/plain 2404:6800:4008:c13::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-33958756-43&cid=1237491546.1685143523&jid=1551841381&gjid=79712393&_gid=2071155034.1685143523&_u=YEBAAEAAAAAAACAAI~&z=1441934362

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c13::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://99bako.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 26 May 2023 23:25:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://99bako.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 38ms
37ms Ping
text/plain 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HP1KEQG22D&gtm=45je35o0&_p=470890589&cid=1237491546.1685143523&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685143523&sct=1&seg=0&dl=https%3A%2F%2F99bako.com%2F&dt=%E8%A8%80%E8%91%89%E3%81%AE%E6%95%91%E6%80%A5%E7%AE%B1%20-%20%E8%A8%80%E8%91%89%E3%81%AE%E6%95%91%E6%80%A5%E7%AE%B1&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HP1KEQG22D&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://99bako.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.802/ 466 KB
138 KB 18ms
2ms Script
application/javascript 99.84.140.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.802/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7092.js?pid=4764
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.140.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-107.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:22:42 GMT
content-encoding: gzip
via: 1.1 20bf43ba8d13fe047ac101502f40ea74.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 13:09:34 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C3
age: 266562
etag: W/"bc1129a1d65d16ce761ff5637cdc8f53"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 27zzkhZY7dEg5VGqYKD3pNrpBZzNGtdvmmvlFFM7qmEfy73R6N1R5g==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/ 405 KB
125 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 18:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17278
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128027
x-xss-protection: 0
server: cafe
etag: 5295197450709426467
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 25 May 2024 18:37:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
486 B 76ms
41ms XHR
application/json 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=99bako.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc9311c2bc2e5efcffbd09689d137ef2ba477452d82f7c93daa6305497776921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 461
x-xss-protection: 0
expires: Fri, 26 May 2023 23:25:23 GMT

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
719 B 603ms
155ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=99bako.com&l1=7092&l2=99bako.com&l3=JP&l4=desktop&l5=5.802&cb=0.2540418579236461
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:25:23 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://99bako.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 12ms
2ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 10:17:33 GMT
content-encoding: gzip
age: 738470
x-guploader-uploadid: ADPycduJmFkVeBEXlc1XbHgcpD_R0tSS1m9KYmbPgk3F91QVnt9H-8CoSnK9VWssgTUJD1U8Zk7obO6Z_J5BP-Z6xzvZMd24wkf2
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 17 May 2024 10:17:33 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
913 B 8ms
4ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-id: am3-up-gc88, cc1-hw-edge-gc15
date: Fri, 26 May 2023 23:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
age: 18852
x-jsd-version: master
x-cache: HIT, HIT
x-cached-since: 2023-05-26T12:25:29+00:00, 2023-05-26T12:25:32+00:00
cross-origin-resource-policy: cross-origin
x-nginx: nginx-be, nginx-be
x-served-by: cache-fra-eddf8230042-FRA, cache-ams21050-AMS
x-jsd-version-type: branch
server: nginx
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cache: HIT, HIT
timing-allow-origin: *

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 29ms
2ms Script
text/javascript 2600:9000:20c4:b200:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c4:b200:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 06:39:32 GMT
Via: 1.1 646b6f21a2659c68f7a3822d035b97d2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: NRT57-C2
Age: 60352
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: ty_zIrIhL8onZcJ00Lgri6XUwnnrXDTgcTINQ0Cfc-20oIRJimGADw==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 15ms
6ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 May 2023 23:25:23 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 20ms
10ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: VS81ZG97JY8HVXJE
age: 246
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7cd9c6edebea1f4b-NRT
x-amz-id-2: AoSpAmYXPvsZzQAElcvsqU/wBSf5lfUKeaRvGdjVEd2CLrttptzI8RwrUwoZgLpcG+POZGHpml4TO5bLt1z0ug==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 16ms
2ms Script
text/javascript 99.84.140.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.140.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-54.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 18:32:07 GMT
content-encoding: gzip
via: 1.1 454c51e6774cbed81f946c64c1140bee.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C3
age: 17597
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: wM8cN3VXXnSNHqYtwOD1w1Xgf0m8Ffaa3VoBOdKxXkOZlUJVai57QA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 12ms
3ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:01:17 GMT
via: 1.1 google
age: 1446
x-guploader-uploadid: ADPycdurrqfCGazqrCv90LPHniRcNyyB99i6OnCTlJLSsgHbtRHNrShGXSpDkyQSsQ67uXzGVm3J53udrZfmLDLYcUVlPg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sat, 27 May 2023 00:01:17 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 245ms
244ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b3cf72d12ad38ffabd4f7f0ad146e72629c753720f9d0e5e198ee5a217444e85

Request headers

Referer: https://99bako.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: ed5b3f3817084caa21a8d1896242ef7d
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 240ms
231ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://99bako.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://99bako.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 26 May 2023 23:25:23 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 60b600c1c4c5470672ceae95ab7bb930

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2F99bako.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2F99bako.com%2F&rid=esp&cc=1

85 B
202 B

149ms
149ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2F99bako.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 8b104f0232077eed8c499ac6e24767ccd947c79fc45dac1b56046df95186fdab

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-me0Y3LxKn4NQunHrjHUwncpcHig"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://99bako.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 26 May 2023 23:25:23 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://99bako.com
location: /esp?url=https%3A%2F%2F99bako.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AE13 15 KB
6 KB 14ms
5ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=99bako.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

570a23389bf64a371b8b32a87c7385b0d463916213dfaf0710ada4f95f759a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://99bako.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 23:25:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 374511
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
611 B 231ms
84ms XHR
application/json 54.151.251.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.151.251.103 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-151-251-103.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a5abfbb3aa1c9ca908a03f1dd3e544d7afcf736ba34bdbb42c4d4c3f5383ca39

Request headers

Referer: https://99bako.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:23 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://99bako.com
cache-control: no-cache
x-server: 10.42.12.245
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 753ms
249ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://99bako.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://99bako.com
date: Fri, 26 May 2023 23:25:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame AE13
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=99bako.com&sn=ChromeSyncframe&so=0&topUrl=99bako.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ABTvjHxKYS9ScGYyZjU2K0pmaEpqRjVQNWRlcmhzK202L2hHZWZiK095Z3VueG5wTjQ5Qnl1c0x6MHpNb2dKSnZKclgrZWVRNzdyK0pYeTBVNTBwc3BZTHBxV1lpeGF1N3ZVUmZLdS96UXR0VXhjQ09sYWpoTnNiSU5JS3...

425 B
652 B

11ms
4ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ABTvjHxKYS9ScGYyZjU2K0pmaEpqRjVQNWRlcmhzK202L2hHZWZiK095Z3VueG5wTjQ5Qnl1c0x6MHpNb2dKSnZKclgrZWVRNzdyK0pYeTBVNTBwc3BZTHBxV1lpeGF1N3ZVUmZLdS96UXR0VXhjQ09sYWpoTnNiSU5JS3hXd2RiL0dCRGp6UkdmZGxPTTZBbkJKMlpQMnkzK2pGTkhUcjArZnlGYmFsOGRLeldGYnNlZEZTd2lHb29mdURNeUJwc0dXMVFhejRMbFk5YzBGSU5JNHBuSktEcWVCcEpaeUU0VUFPOUsxR2E5enZ5RzlqRkdSNU5uRXpKTjFzTVJXSlc2UmRjcVkxTTVQSmNZd25PTTkvRUlPcTl4UT09fA&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

9ce72ca16d3f7e34a84058f0ff971c08b6c53e015c05fd880f3d167920f50fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1462994
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ABTvjHxKYS9ScGYyZjU2K0pmaEpqRjVQNWRlcmhzK202L2hHZWZiK095Z3VueG5wTjQ5Qnl1c0x6MHpNb2dKSnZKclgrZWVRNzdyK0pYeTBVNTBwc3BZTHBxV1lpeGF1N3ZVUmZLdS96UXR0VXhjQ09sYWpoTnNiSU5JS3hXd2RiL0dCRGp6UkdmZGxPTTZBbkJKMlpQMnkzK2pGTkhUcjArZnlGYmFsOGRLeldGYnNlZEZTd2lHb29mdURNeUJwc0dXMVFhejRMbFk5YzBGSU5JNHBuSktEcWVCcEpaeUU0VUFPOUsxR2E5enZ5RzlqRkdSNU5uRXpKTjFzTVJXSlc2UmRjcVkxTTVQSmNZd25PTTkvRUlPcTl4UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 376997
content-length: 0
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
531 B 80ms
41ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=99bako.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 183ms
101ms Script
application/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=99bako.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 217 KB
60 KB 560ms
560ms XHR
text/plain 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3562213071036531&correlator=172905372047191&eid=31074920%2C44777897&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fifs&iu_parts=83555300%3A22653325136%2Ckotobanokyukyubako%2CJP_KBK_pc_all_billboard%2CJP_KBK_pc_all_right_1st%2CJP_KBK_pc_all_footeroverlay%2CJP_KBK_pc_all_interstitial&enc_prev_ius=%2F0%2F1%2F1%2F2%2C%2F0%2F1%2F1%2F3%2C%2F0%2F1%2F1%2F4%2C%2F0%2F1%2F1%2F5&prev_iu_szs=728x90%2C300x250%7C336x280%2C728x90%7C970x90%2C1x1&ifi=1&adks=3719727594%2C2329203092%2C3396515843%2C4060589423&didk=2825456941~1599268306~1300855399~3810033378&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C8&eri=1&cust_params=url%3D%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1685143523663&lmt=1685143523&dlt=1685143523055&idt=387&adxs=-9%2C-9%2C0%2C-9&adys=-9%2C-9%2C0%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2F99bako.com%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C1600x-1%7C0x-1&msz=0x-1%7C0x-1%7C728x-1%7C0x-1&fws=2%2C2%2C128%2C2&ohw=0%2C0%2C0%2C0&ga_vid=1237491546.1685143523&ga_sid=1685143524&ga_hid=470890589&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqKGG04UxSABSAghkEhkKCnB1YmNpZC5vcmcYs6GG04UxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKihhtOFMUgAUgIIZBIXCghydGJob3VzZRiooYbThTFIAFICCGQSGQoKdWlkYXBpLmNvbRiooYbThTFIAFICCGQSFAoFb3BlbngYqKGG04UxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiooYbThTFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d2079ab7222cd50fc2eeb27ab4dc6d4184e25ab9ab34d0378736a44f5ad3d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61838
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://99bako.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 49ms
49ms XHR
application/json 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed4a1d1fafef8e0678d9224872df36652fb556c6e9fbb6b3f5e00b616046b5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11157
x-xss-protection: 0

GET
H2 200 container.html Show response
46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5285 6 KB
3 KB 81ms
40ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99bako.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 23:25:23 GMT
expires: Sat, 25 May 2024 23:25:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/ 37 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl_page_level_ads.js?cb=31074920

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34604045879551d9e3dc0a6bfff8ccc4f5acc35f7d91edd7855937ef417a9736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 18:40:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17088
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13015
x-xss-protection: 0
server: cafe
etag: 10195340191529681258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 25 May 2024 18:40:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 130ms
83ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 May 2023 23:25:23 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame DEA0 0
176 B 52ms
38ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://99bako.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 26 May 2023 23:25:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 070C 13 KB
5 KB 6ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99bako.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 3917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:20:06 GMT
expires: Sat, 25 May 2024 22:20:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9112 783 B
1 KB 85ms
43ms Document
text/html 2404:6800:4004:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52008f552192f8a0194a4ee8b5c247232014f531f94b7fe740dac831c317546a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5lVlUzkbfCjCI6anwpbweA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://99bako.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-5lVlUzkbfCjCI6anwpbweA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 23:25:23 GMT
expires: Fri, 26 May 2023 23:25:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js Show response
pagead2.googlesyndication.com/bg/ Frame 070C 37 KB
14 KB 43ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 08:36:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9112 0
0 38ms
37ms Image
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305250101&jk=3562213071036531&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 prtct.php Show response
stg.truvidplayer.com/v5.802/ Frame 6CB2 0
328 B 142ms
142ms Document
text/html 99.84.140.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.802/prtct.php?val=f&geo=JP&timestamp=1685143524&level=0
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.140.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-72.nrt57.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://99bako.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 23:25:24 GMT
server: nginx
via: 1.1 01907e84d575a837511558aff20d73f2.cloudfront.net (CloudFront)
x-amz-cf-id: NGEt8QfDMUA1olwLbRQTzXtwGYz6D1zrjsoSAzAIEb7qFanRCts-GA==
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 070C 0
10 B 1ms
1ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8Ybe6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 630B 6 KB
3 KB 3ms
3ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99bako.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 23:25:23 GMT
expires: Sat, 25 May 2024 23:25:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 07FF 6 KB
3 KB 2ms
2ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99bako.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 23:25:23 GMT
expires: Sat, 25 May 2024 23:25:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2F00 448 B
642 B 88ms
47ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGNGIkeoBMAE&v=APEucNVe0nivlk09WrhnVtszOOPFdMZAepECNCMhVY-xo9QdQGuGx_3IKDPU8_vv26QZRhXn5lbFEGxQIBxhNUyySpS9S6v2jQ

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 23:25:24 GMT
expires: Fri, 26 May 2023 23:25:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 630B 78 KB
27 KB 155ms
154ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 May 2023 23:25:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 630B 42 B
63 B 36ms
35ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CEyDZMvjuEaz1_NZkMnPoQtf6pcvo4T-cblY1f680lhW5P3xDiXG9CSNHPQs5Mb_MB83OJ_T5jiaoNM9blgOuq9HZX2Xy7_y5EVfyW26mq912814M

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 630B 0
20 B 36ms
35ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14572677678036140009&x=1&ct=76

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 630B 3 KB
1 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:20:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 22:20:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 630B 19 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 15:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 15:53:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 630B 171 KB
54 KB 161ms
115ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 23:25:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 07FF 4 KB
744 B 81ms
40ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 23:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 23:11:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 23:25:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FCC4 866 B
504 B 74ms
44ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%AE%E3%83%97%E3%81%BF%E6%96%B0%E7%94%A3%E3%80%81%E6%B0%97%E6%8E%A1%E4%BC%9A%E4%B8%AD%E9%85%8D%E3%82%B0%E6%89%8B%E5%AE%9F%E3%81%AF%E3%81%9D%E3%83%AB%E3%81%B8%E3%82%8A%E9%96%89%E6%97%A5%E9%96%8B%E7%A4%BE%E3%80%82%E5%BA%97%E5%BC%B7%E8%B2%A9%E8%AA%AC%E6%98%8E%E6%96%BD%E3%81%98%E5%82%AC%E3%81%8F%E5%A3%B2%E3%81%A7%E4%B8%8A%E5%8D%92%E7%94%A8%E3%82%8B%E3%83%BC%E3%81%8A%E3%82%92

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b9a68dc08a1e889887169b98b4c40122d9a20352d7c51d2ac85b77460ff747f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 23:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 23:25:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 23:25:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FCC4 7 KB
1 KB 70ms
40ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 23:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 23:24:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 23:25:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame FCC4 2 KB
892 B 2ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 11:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 11:12:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame FCC4 22 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 08:48:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 08:48:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame FCC4 3 KB
1 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:20:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 22:20:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame FCC4 19 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 15:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 15:53:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCC4 171 KB
53 KB 221ms
193ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 23:25:24 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame FCC4 32 KB
14 KB 43ms
2ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 21:20:34 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame 07FF 20 KB
8 KB 1ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 18:00:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 18:00:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 07FF 205 B
296 B 39ms
3ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 00:55:32 GMT
x-content-type-options: nosniff
age: 167392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 24 May 2024 00:55:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 07FF 604 B
920 B 39ms
3ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 01:00:14 GMT
x-content-type-options: nosniff
age: 253510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 May 2024 01:00:14 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C75C 143 B
383 B 13ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 23:14:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C75C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
45ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 23:25:24 GMT
expires: Fri, 26 May 2023 23:25:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 23:25:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2F00
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
243 B

38ms
38ms

Image
image/png

216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGNGIkeoBMAE&v=APEucNVe0nivlk09WrhnVtszOOPFdMZAepECNCMhVY-xo9QdQGuGx_3IKDPU8_vv26QZRhXn5lbFEGxQIBxhNUyySpS9S6v2jQ

Protocol

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 26 May 2023 23:25:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2F00
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFY-uBGzg3fChosB1m-3w4w&google_cver=1

43 B
766 B

4ms
3ms

Image
image/gif

23.90.68.235
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFY-uBGzg3fChosB1m-3w4w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGNGIkeoBMAE&v=APEucNVe0nivlk09WrhnVtszOOPFdMZAepECNCMhVY-xo9QdQGuGx_3IKDPU8_vv26QZRhXn5lbFEGxQIBxhNUyySpS9S6v2jQ
Protocol: HTTP/1.1
Server: 23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:25:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFY-uBGzg3fChosB1m-3w4w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2F00
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHE-5CFCO2p-CLibbxxppQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFY-uBGzg3fChosB1m-3w4w&google_cver=1

43 B
766 B

8ms
3ms

Image
image/gif

23.90.68.235
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFY-uBGzg3fChosB1m-3w4w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGNGIkeoBMAE&v=APEucNVe0nivlk09WrhnVtszOOPFdMZAepECNCMhVY-xo9QdQGuGx_3IKDPU8_vv26QZRhXn5lbFEGxQIBxhNUyySpS9S6v2jQ
Protocol: HTTP/1.1
Server: 23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 May 2023 23:25:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFY-uBGzg3fChosB1m-3w4w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 630B 0
20 B 39ms
38ms Ping
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2726990124155&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 630B 0
20 B 40ms
40ms Ping
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2726990124155&version=m202301230201&ct=76&x=1&cor=14572677678036140000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 630B 86 KB
36 KB 91ms
91ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At7U0dn1MMu1tOM8KhgaMIpqBW2tpGO-FIBM_NXpXKEXoWbAnfTvu91htqUKQnw_ACVMQ13g_phx2B2mscGZWKhYVuDw&cry=1&dbm_d=AKAmf-DnXGowrJptzNGfRT6YfdNBkcB9ODZVnp_qBoxH0CKIysTaNFP4u4PLVYx0i0wyJHjNRczwQPbctuEE5kdxI5H6P16KUbEg-qSJeJov4jti8-v_wpphcyau9bevI4RhrALAfCqNhbTCe9XXYDqX01brzUKjvrtkF7K802_14mZbwV4mmIDqvaIsGUpOj-aYc0-pAupxZeFPTEaFwPhMbAbhkwH6Y7sw5ej5tT2Sf2XHmU5rRHSUgDNA8yJst3fduvwlbcPsoBL60k3WgvMCRSohyMIEpWdc8yHlJOqhxTNL3WDlvtqVZ43lljdb68D3GtKsSk3FBRX_57rVLCJ8B6jE0epICULe-bRV5fUjLPl2h7bBbe88ZFTJ_PoyZ8FppF2zEc1P1L8mxseuXj3WJJUQMqzUgFucxvx3Xnui0A9CL4S3rDrXbdEzc2s2j0ey4FAeVCwTQ12t5wn_nvndvR82O9cpmkxom2jHzTgHN2LeyRlljOHbv7ttR3CrWnEB8ukvB86RIjTuMxzLbPdjjYXL6wLiy_u-IQP8YU-SbmhCrmxpZKZKtYix3TVaixAn-g2JZ-aVMxJQ60Mw5Pry7JS-V69GI8FURLnrqtRDrXoZNFkN6STyrGqwte2r-W6SRnhbHN3eBjMSvt8FEwRDbPxZN5FXu2c86-DMRrm0ZkDgflE1VPX2k9dq5GL7_scUs6ZOMG93vzjAIfR_aje7cN8krZJv_Onyw2rrxzIzfc3dTRRGKo-MdDIsa47LQ8lz1wqpzqdx9ZqPr8xXgDDotkm1WWOOVuU_BEMiuMtJINmlf-cpxHcZIEDIXbOw5HmE6Rx3fkd2gy56CH_hnIVtfAlIr90qYiVcEuU2JLIhiAriKZfqno9vWYBhqL_8JWPLv5s3Y3CV2XVShifkBqpb74YS4LrCepmL_icG5qnenWdyoG1KvVvFhd-zNMUDslrMM_9XynS4z7ajeyZZkzuimWXiD0QGcvoapqTDc4ZxAOz34q4yny71HPKPDDpaKblZD41yWZv6y0MEDXW2z-7LfrIToMju-kBnpOp8r1xpNDHl11zuG7hbyknQ1CCu5NL6cdaVPhCIuuBhJOdpNqawgFHClGmtMm2GyQJMqMUDkLSfO0SH3eagVOGHpxjytlCRvzSpJo6wifLvH_SDD0IQPYglHi2L6gDnoZv48x0HpBZFGkprEpEL6uGrxFbnGszzIyufkyd7hYSV3KSkOrM_OEorlxstqQHUdN-GfNmJNPhgX9v38R4qZ0atehsmXgCXcBvp8hB5f42RJiOyllo-wS0gcCbpxFeSDn_Ad8mrHC6wdURgcEoBdhQr7cvyZl9Mt_a64Zqhqigg7h1UnSh0d9xSYfd73RH7av5uFzvTUwQRhJDSsRsgMZfXje2xVFlBdenAMnm15T2A0i2AmACrA-7T_WaJ7D_JVs8JX9wzs0Lcchl9GanILpHaHqZTYx6MO78CZIbGFIttXu4NfXFGNgU40wpwoZl3RFJt-WB6gLG9hMZ4GGHztrCAfpMGhR-5-eom8IHXr-LXDR6Sm_6N-X8I2XM8d1ak4_b9LXmwCIHo8XHjb0ZPR9AnMQTI1CcPMdGgSR3vXGTf0rVuYIDrCJ3a21MbgJ3DuxfgMsB04l-g9l967l-aRnWBu5T6SrOENbiGD-SQds-cZHBUgnRpSp7V9-1mh5a8KPEa8VGP1VGSJC69K2Z8q_XbYWeBoyJqZKwXviGrCiXo_mZgstEjz86qMDO6CoyLEt0ik2_wbnXEvB7Ta4BxB_MvDwRzNKlnBvn5A1uyk9ZAvtYGzc_bHoS_N7fPzu1nE8-_3bX6KBENTQwe6eV1PIErts65w97-KV-MM4zIZLHufAxzLKMvUtyt8vO8bbho3ZFZgkUS9ad8CTJODbMJIss22kJ51ttyNGkS-FXWAua7s0z9NxB2dZsvPBOGGbelSN0P6wZ2_HWcS_6wvILeQIRAmtiQutl4je0Yden96NA4GA2-yShyyRLPS3yAd7h2OSXsJ_UZ070Ico97WzjfqqA_k8zxxOeoHwAsFIvT-PDw15LoV8LHu6cKh6lh5luhoXmZ9Q20Wadh0DGOgNiWrtxn3ajNoXzCbNFQXf3kwX8CZeA0y1RRgZgIXDuN0d4wFpu-sB_wnuM7tTROqChjP_7qitM4JGrlnZOIiWaod2HIhnN9YSoBvteHk5Xm2OOrAsdr2Ibyo4rFxzJy3EHM5uXmQJLDJGHQqJDZQYrkw-RbgRucc65mUqjac-4FVdoD1tv3bDTLeQMVg4HKvcHLrzHkAElCE2QBZD-xQpSVzJWZu5sXqOkMjM-EDy5vCVgMqBpGMCl7p4Oh9FNXoSV3Q1eMnj0p1Me4eqk-SJdS7WawA61g7T5flfZ2z9_soDytCNrylHhz53s8MHloSglGHjLMe9glIfKMWhN0sarkgqadLph1jnIs8KXBpX-6CBblW3iuiXj0F8gcdNPsBE7__sFlzhYnqCvwpTSaA2_yLXYD082VhwWPh-073spLCz2RdvlM2P7BOyLyM9HYxT4pW87Zuxw7q9cK1qeDMvXdkkReIwelwEKyMWPZypIMCCQ5ImacJx4f9hTQ1R8PRAy67n4XHrcIUdwvqGWQOdkwBrzceISLOlTsFYBL31au8CMGscJ6mZEx4CgjzRjAeJXkMRuR1nAxVMJb5djqLjMUbfc3P4BaYo2K8X2UlTUptWL0L4FL92j8OXEtvw7FNXBwvsxE_gkg_gc6syJsEKrhUtXYbtQuNs4Ql1ssKbfr5Eifzf4qVA82WAbaIGr29bZi9cHROXm-xMv0G_HFvT8F4hcxCTnmG0aLVu9TxevWfYZQ9FliULb8VJs61Dlw0XhQNqdphTZ29bZNSwW76or-FbaPQ2Sst6ZE-wydAqx6AhAfrR2_hdX3tD5CHChhLVJd1pFqG7IJBkZJdXzR3OLUJbO80smbIpLFUE-lfIPZ7aWS4yX9w-vKo2_AYkwpFFWDnQpWideUtsRWkdga1Urmu0Ephw9FAZo3v3wvmEj4lqVWqQX9RHQo88sUcMgNJkwa52WweKcrPhY8tNtQyl0zjQkO8GaylNoxlGh9mXoXzpQhLTOr6i2U7EjxOc3X6bjymppFddGXRz4Ao7s9jD7Qi06BWoCm8WdyVUw69YRMBuQg-MloDcvPe1ERxLIVi_HwlQCX_wz-ZS1F1D06wP5RfyjHgsb257EcM_1WYQC7Vs5JbagTNdkknqiIh0H1XvwygSc4NmFfJHRPLVNCbovZoZZlIFmCv7BCI_nBFOMGwYT_oVL-NnGPAUk60OdCAhcWCPx4Jwcuj7H_YcCf4knwn54ZNjlFV9JRe2sJ1iznhdXNlkJxSajIyGqQCpeZBi-XgTPSkzjIY6OJJJSVqp4YwJ_Zt8A5CyE5K1sVU-wsGV_6t6k1dGzAUtnL_bvyF5HxQwgJN4jXoWKxxw7ocI_jqmv85MX1NIrPwnF6MWu0fw&cid=CAQSTABygQiDlh0E1JwfqV0pUQ3Xndm39Is9kd6WrB8_p6bD8SNf7gVuJKOTIdt-8ZAbS2n1jR3BjrgbZIj__4AOVYKJ4W4NJlnFXlu55Y0YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2F99bako.com%2F&ds=l&xdt=1&iif=1&cor=14572677678036140000&adk=3047537735&idt=161&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11df7f1928ab030838e312824675856fe099dd5af8dea673cc878e3f52f62208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36517
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js Show response
pagead2.googlesyndication.com/bg/ Frame 68A2 37 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 08:36:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305250101&jk=3562213071036531&bg=!ISKlInbNAAZu7ficTu07ADkAdvg8WhVc241FMFIvZ4j9Vt-ME872iKSsT8gmo52dpJ7zyIi6O4qrjtSgTF5Hyu6aGG38XSoydTcCAAAAdlIAAAABaAEHCgAqiOLc3ceHmI3O5GNj0vT987mQ2lh6NHEHMiDDjDWLCHwdwUS02rVCQON1mQKQan3frQfe_bSpnpZ4d9V05mKlipgbWq3IXyko7wVYj_N8oXcIzcUg9lh8EfSLRJXUykKQ-tbtYDBJAap9Jor6mHBPmviEBYyo8I0atF4mm4a1Abngx75TJVteAxGZtXvr2DpVWDlnZoHJkUXHFvfTpWqHXMnTpEDweLO4ZfkclqkWsVkRGulayYiZURnPexgxAQcYHim5r14gefnhD-h9aOU7OB8VlcBKUPNJXf_1YSTF4SSBCXEbckiAbgAN_XpUan864F84oze4sqQt7XwuvdnSntqwdfpZ2wPk63QZ-nIOTFxkUMaBVZrtpIdSaaBSMg2_1UaNYfGPYrS81dzjMXF2Iq8e3ySaETyg_DYNBeK77doEPg7qqKDqZtM6wtgAxK05bVrm2VNi6krVa9Q0fZAv3CvODpU_ZuWOYXmktZlo9OP6hz5JnwPuQlioX7PXsV0VOG--k2m2XlsOjvnGAdG5nJy67cdUVSFlKyrZKdGvJZVPRf4okjJ6WsmFUyAqhJHWlyW4xCjHKSmU_bFj4qENbqarwqieLxg8YZ0BXp63FRJK9LKUimI_vMmfT4e6mSTW1vDayP9CjIp45NEjoCtu4rVJ_CMLZdcSZUP6LCNguRHlydt2R15Cu0_OCe67T4PLlozNCHrqJ2JO8FV_f85G8tRSLJQbqy-Cu1neST2z66l2qqMLNzoU80owbz4Us2UCkFRIGAtWtMgqPueP_bNXGLHCcqpvOEupmfIZQbhX6pkEhb5_1C8HlE_C1CA8gmCoy9hWokEshjqyoxYhkqdxlj8xKbSRRuWx6WUqOmZbK6300INPrBZJH48TSIJoGBTD0G-pJdJs_JPbNCaCdWI5dlC74SITrNtlxi96Igg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://99bako.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 630B 106 KB
37 KB 44ms
3ms Script
text/javascript 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
Origin: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 15:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 May 2023 15:40:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame 630B 11 KB
4 KB 1ms
1ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At7U0dn1MMu1tOM8KhgaMIpqBW2tpGO-FIBM_NXpXKEXoWbAnfTvu91htqUKQnw_ACVMQ13g_phx2B2mscGZWKhYVuDw&cry=1&dbm_d=AKAmf-DnXGowrJptzNGfRT6YfdNBkcB9ODZVnp_qBoxH0CKIysTaNFP4u4PLVYx0i0wyJHjNRczwQPbctuEE5kdxI5H6P16KUbEg-qSJeJov4jti8-v_wpphcyau9bevI4RhrALAfCqNhbTCe9XXYDqX01brzUKjvrtkF7K802_14mZbwV4mmIDqvaIsGUpOj-aYc0-pAupxZeFPTEaFwPhMbAbhkwH6Y7sw5ej5tT2Sf2XHmU5rRHSUgDNA8yJst3fduvwlbcPsoBL60k3WgvMCRSohyMIEpWdc8yHlJOqhxTNL3WDlvtqVZ43lljdb68D3GtKsSk3FBRX_57rVLCJ8B6jE0epICULe-bRV5fUjLPl2h7bBbe88ZFTJ_PoyZ8FppF2zEc1P1L8mxseuXj3WJJUQMqzUgFucxvx3Xnui0A9CL4S3rDrXbdEzc2s2j0ey4FAeVCwTQ12t5wn_nvndvR82O9cpmkxom2jHzTgHN2LeyRlljOHbv7ttR3CrWnEB8ukvB86RIjTuMxzLbPdjjYXL6wLiy_u-IQP8YU-SbmhCrmxpZKZKtYix3TVaixAn-g2JZ-aVMxJQ60Mw5Pry7JS-V69GI8FURLnrqtRDrXoZNFkN6STyrGqwte2r-W6SRnhbHN3eBjMSvt8FEwRDbPxZN5FXu2c86-DMRrm0ZkDgflE1VPX2k9dq5GL7_scUs6ZOMG93vzjAIfR_aje7cN8krZJv_Onyw2rrxzIzfc3dTRRGKo-MdDIsa47LQ8lz1wqpzqdx9ZqPr8xXgDDotkm1WWOOVuU_BEMiuMtJINmlf-cpxHcZIEDIXbOw5HmE6Rx3fkd2gy56CH_hnIVtfAlIr90qYiVcEuU2JLIhiAriKZfqno9vWYBhqL_8JWPLv5s3Y3CV2XVShifkBqpb74YS4LrCepmL_icG5qnenWdyoG1KvVvFhd-zNMUDslrMM_9XynS4z7ajeyZZkzuimWXiD0QGcvoapqTDc4ZxAOz34q4yny71HPKPDDpaKblZD41yWZv6y0MEDXW2z-7LfrIToMju-kBnpOp8r1xpNDHl11zuG7hbyknQ1CCu5NL6cdaVPhCIuuBhJOdpNqawgFHClGmtMm2GyQJMqMUDkLSfO0SH3eagVOGHpxjytlCRvzSpJo6wifLvH_SDD0IQPYglHi2L6gDnoZv48x0HpBZFGkprEpEL6uGrxFbnGszzIyufkyd7hYSV3KSkOrM_OEorlxstqQHUdN-GfNmJNPhgX9v38R4qZ0atehsmXgCXcBvp8hB5f42RJiOyllo-wS0gcCbpxFeSDn_Ad8mrHC6wdURgcEoBdhQr7cvyZl9Mt_a64Zqhqigg7h1UnSh0d9xSYfd73RH7av5uFzvTUwQRhJDSsRsgMZfXje2xVFlBdenAMnm15T2A0i2AmACrA-7T_WaJ7D_JVs8JX9wzs0Lcchl9GanILpHaHqZTYx6MO78CZIbGFIttXu4NfXFGNgU40wpwoZl3RFJt-WB6gLG9hMZ4GGHztrCAfpMGhR-5-eom8IHXr-LXDR6Sm_6N-X8I2XM8d1ak4_b9LXmwCIHo8XHjb0ZPR9AnMQTI1CcPMdGgSR3vXGTf0rVuYIDrCJ3a21MbgJ3DuxfgMsB04l-g9l967l-aRnWBu5T6SrOENbiGD-SQds-cZHBUgnRpSp7V9-1mh5a8KPEa8VGP1VGSJC69K2Z8q_XbYWeBoyJqZKwXviGrCiXo_mZgstEjz86qMDO6CoyLEt0ik2_wbnXEvB7Ta4BxB_MvDwRzNKlnBvn5A1uyk9ZAvtYGzc_bHoS_N7fPzu1nE8-_3bX6KBENTQwe6eV1PIErts65w97-KV-MM4zIZLHufAxzLKMvUtyt8vO8bbho3ZFZgkUS9ad8CTJODbMJIss22kJ51ttyNGkS-FXWAua7s0z9NxB2dZsvPBOGGbelSN0P6wZ2_HWcS_6wvILeQIRAmtiQutl4je0Yden96NA4GA2-yShyyRLPS3yAd7h2OSXsJ_UZ070Ico97WzjfqqA_k8zxxOeoHwAsFIvT-PDw15LoV8LHu6cKh6lh5luhoXmZ9Q20Wadh0DGOgNiWrtxn3ajNoXzCbNFQXf3kwX8CZeA0y1RRgZgIXDuN0d4wFpu-sB_wnuM7tTROqChjP_7qitM4JGrlnZOIiWaod2HIhnN9YSoBvteHk5Xm2OOrAsdr2Ibyo4rFxzJy3EHM5uXmQJLDJGHQqJDZQYrkw-RbgRucc65mUqjac-4FVdoD1tv3bDTLeQMVg4HKvcHLrzHkAElCE2QBZD-xQpSVzJWZu5sXqOkMjM-EDy5vCVgMqBpGMCl7p4Oh9FNXoSV3Q1eMnj0p1Me4eqk-SJdS7WawA61g7T5flfZ2z9_soDytCNrylHhz53s8MHloSglGHjLMe9glIfKMWhN0sarkgqadLph1jnIs8KXBpX-6CBblW3iuiXj0F8gcdNPsBE7__sFlzhYnqCvwpTSaA2_yLXYD082VhwWPh-073spLCz2RdvlM2P7BOyLyM9HYxT4pW87Zuxw7q9cK1qeDMvXdkkReIwelwEKyMWPZypIMCCQ5ImacJx4f9hTQ1R8PRAy67n4XHrcIUdwvqGWQOdkwBrzceISLOlTsFYBL31au8CMGscJ6mZEx4CgjzRjAeJXkMRuR1nAxVMJb5djqLjMUbfc3P4BaYo2K8X2UlTUptWL0L4FL92j8OXEtvw7FNXBwvsxE_gkg_gc6syJsEKrhUtXYbtQuNs4Ql1ssKbfr5Eifzf4qVA82WAbaIGr29bZi9cHROXm-xMv0G_HFvT8F4hcxCTnmG0aLVu9TxevWfYZQ9FliULb8VJs61Dlw0XhQNqdphTZ29bZNSwW76or-FbaPQ2Sst6ZE-wydAqx6AhAfrR2_hdX3tD5CHChhLVJd1pFqG7IJBkZJdXzR3OLUJbO80smbIpLFUE-lfIPZ7aWS4yX9w-vKo2_AYkwpFFWDnQpWideUtsRWkdga1Urmu0Ephw9FAZo3v3wvmEj4lqVWqQX9RHQo88sUcMgNJkwa52WweKcrPhY8tNtQyl0zjQkO8GaylNoxlGh9mXoXzpQhLTOr6i2U7EjxOc3X6bjymppFddGXRz4Ao7s9jD7Qi06BWoCm8WdyVUw69YRMBuQg-MloDcvPe1ERxLIVi_HwlQCX_wz-ZS1F1D06wP5RfyjHgsb257EcM_1WYQC7Vs5JbagTNdkknqiIh0H1XvwygSc4NmFfJHRPLVNCbovZoZZlIFmCv7BCI_nBFOMGwYT_oVL-NnGPAUk60OdCAhcWCPx4Jwcuj7H_YcCf4knwn54ZNjlFV9JRe2sJ1iznhdXNlkJxSajIyGqQCpeZBi-XgTPSkzjIY6OJJJSVqp4YwJ_Zt8A5CyE5K1sVU-wsGV_6t6k1dGzAUtnL_bvyF5HxQwgJN4jXoWKxxw7ocI_jqmv85MX1NIrPwnF6MWu0fw&cid=CAQSTABygQiDlh0E1JwfqV0pUQ3Xndm39Is9kd6WrB8_p6bD8SNf7gVuJKOTIdt-8ZAbS2n1jR3BjrgbZIj__4AOVYKJ4W4NJlnFXlu55Y0YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2F99bako.com%2F&ds=l&xdt=1&iif=1&cor=14572677678036140000&adk=3047537735&idt=161&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 16:24:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 630B 29 KB
11 KB 1ms
1ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:28:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:28:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 630B 41 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 23:03:55 GMT

GET
DATA 200
OK truncated
/ Frame 630B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 783f13f364ffd9825a62a77e7cbb97da82e1d44f7f921827239a838fca3bc00b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1977 22 KB
8 KB 2ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 390376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 10:59:08 GMT
expires: Tue, 21 May 2024 10:59:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 728_90.html Show response
s0.2mdn.net/sadbundle/989991152880975941/728x90/ Frame 1D81 21 KB
5 KB 42ms
4ms Document
text/html 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

895cc6792c69aba8d586edef01f9fb11123a074d83bcc506e126d989f8e375b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 308963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4925
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 09:36:01 GMT
expires: Wed, 22 May 2024 09:36:01 GMT
last-modified: Wed, 17 May 2023 01:37:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 630B 0
0 99ms
51ms Fetch
image/gif 142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyloz2uRwy7mezkJ2XUFcPkO3nszXTVR0QJWw0XxQF9AmefKnXGrTYG4DR3yu_r46PJsuZq4uNxKPjYsf-7_7r5LCprok_THkWrtsTPh5GCcU1Uv4VL04YJyI4oAegch30A5hQNBsG637zwVpTcYZ1Rxii-Q-K0sEUooDCBXTIVu4v_o1fzMMBH0o5lEH2sIIyf30hhSuaEBiIhL1AjfI4ybH34RDQ4DHuxOGrId4mJk3-USfgG2J1sVP4Zoite6zkdC_Dux3NG3UTz12cu2GVBOVyclI0JpEIvy6OgiI0r5vDQ2jCbeeNheSFiKXzR5J5T9pAJvsWp7oo5NeRRDFehy-GJymvYdkORlDO-_17ApOPKr0VOK8nDSi8RUdO5e5NmCjLT3dBGgM32Gh_pjkZitcZ1vnTflVnwZg9BRPdmGUwYVhkMIzqmOznlIQDD3bDnpLATGdOa9dwvlHkofTNy9_vLXNd3SrnIb88QgkA9JlmYZ_cA4egH1Xy4oiDCmHkX1JxPSbrcBVLvAg2JdIu7i9EvFLQnn0bwTm5Y8ImLTaGpCC7zg7lKJFZppXnVCqVDWlrpsHPf6xpgohlSiXxS_kiXWWycqIb2X7bCXWStcgpdgVTBu07zAA8xn5ZZxGCGqTmjGzClKyUcRDLNp-DWVzXd6Ddnoa6Lp2eLt1uK8KsKFohi0TOxvTUK1TXOx54GJIns58hQoPPamQF-Am5kF3RWNSSrXozDmXon0EL20HvtoSESy9U_TFnVUeKYGW9DO3L04qNpBbCQ1vrYV-CFG78QZrdT7a3Wmxydb7-NFRsqeF1xTY9kvid3Vv8sk4C-fxAlvcQgXHj37JEpKZDgNZLlPOplquFuCgvsr0W5uzRNqh1JZXyo7BtmJcSdMD7dhfwU5-XK8qfQfSJlAUibuZsys5DS3zECmFei0APIlXDp9M6UjRij_kNWHVfzHUGu1cffAs2Jzwg3i124oaTBS4fwFyvznHMlnlu39oO6qfkaUTYxRRe2Gg1wmVj5l5203JMNOYKNNLisNRUOO_KB9EMKIne2MUpD910mWQaug9t3R0eLssW7IUjZyCGTMnDDUhn6HmQoGPfRUF9iJdaEF96Z4qbKbnylH_U7o2CCB9-0wIR6X7oydSck3xH7R-8dEa99CtNQ3uKp72dTdODI3vi7iw5_G6vapP8I0Mia4b3A4B9VT_nfUaThGv0W-iPYcwHnqy49QF3SmNl_O_r-ONPQlMmfhEPGPJGeSoq9cpbQtpP3EX8W1-iwwobIStZcPiC2ctgiw&sai=AMfl-YQdmOhKkE6kL1s3gBJ571LdZRNeqwYcGCPjX6TvFGBYcAtkNdN-OLJkP4wbIaK4Q_6Q3RcOIDk3bqL2kzEzCzBk0UIRibrWDG8wOW9irzEPXUbHQar41VFgKr9HB0j5iB5oC9ePPPA6u2rqz5IYZMdPAxPg2bBgBgxZVTt9JEX76vG-kCYgqjlE0USc45GQ9NYgZ9aTPGKE1lUKDOda7k5tsyJsW4BqdqjrikfiKZUEtXsVLrLnJIC5WQLwEGscH2Fk6kWjBz6EIrI8FgcMMgVeU4kFvJfBcDvvoRh_XLPv1fWL2MEw5njHNEw2qQ&sig=Cg0ArKJSzI7GqPemhnMlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=65&cisv=r20230523.60974&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 May 2023 23:25:24 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 26 May 2023 23:25:24 GMT

GET
H/1.1

200
OK

firstevent
ihg.demdex.net/ Frame 630B
Redirect Chain

https://ihg.demdex.net/event?d_event=imp&d_src=13687&d_creative=191877421&d_adgroup=557948652&d_placement=366916493&d_site=4498573&d_campaign=29480902&d_cb=640546870
https://ihg.demdex.net/firstevent?d_event=imp&d_src=13687&d_creative=191877421&d_adgroup=557948652&d_placement=366916493&d_site=4498573&d_campaign=29480902&d_cb=640546870

42 B
942 B

9ms
9ms

Image
image/gif

18.180.4.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ihg.demdex.net/firstevent?d_event=imp&d_src=13687&d_creative=191877421&d_adgroup=557948652&d_placement=366916493&d_site=4498573&d_campaign=29480902&d_cb=640546870

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

18.180.4.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-180-4-49.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v045-05f829c4d.edge-tyo3.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lx8ptcaUTaA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-tyo3-2-v045-0db947a4c.edge-tyo3.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: JHjQ0qFqT9A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ihg.demdex.net/firstevent?d_event=imp&d_src=13687&d_creative=191877421&d_adgroup=557948652&d_placement=366916493&d_site=4498573&d_campaign=29480902&d_cb=640546870
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1977 37 KB
14 KB 2ms
1ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 405758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 May 2024 06:42:46 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1D81 236 KB
63 KB 36ms
13ms Script
text/javascript 2600:140b:1a00:19::17dc:44ad
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:140b:1a00:19::17dc:44ad Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:24 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Fri, 26 May 2023 23:40:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1977 0
20 B 45ms
44ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtrDH5D9xZLzwI-u1vcAPkZCQwAMAAAAAOAHgBAI&bg=!SUqlSh7NAAZ8_aWmXP07ADkAdvg8WgEc11ivMo9CIBKXdTnZGwXyeHJiBs47M1e1vHBJoPlH9mEnOg_WXM8q6JxIYgoypCv6BBICAAAARVIAAAADaAEHCgALaIC1JVHsqYObs0-ZAu6nSehlnwVwe3Jff0K694DODun4W9sJtwbXlAakyzpwwKenkKOSpdgzhkamNpk0Dqh3HT75BiYyiNu4JC5gioNs6YJuCOOQUGBp8zWIKqPVbeDRPAqR-A5TUR5bgR3FvqJNciXSjYHvMPr162ov-9tzeqSsMFPiKc3ohq2Xhlv_van-7uCsuHx7VYyizEiFVJGVBRmmyGscv7uIhOTvME0st0mstORKoog_PrPs5U0YjQzCybK53XlEjKJ9bGKQiovTr_dkcAb6M2C7wo8uJ02bfRzDlSMs-95klslu6LscVridLRo9Tq9GWqBwoh6guWGipCwFesAESffa3QMDcGyKLEM4FdWBMtZCehRwRdWWKE2ewVby8XjYepS0aiaTt7gWHPtpCg9kP9mEc7SqxrCzavekZkQIKPmpzbHSe2lZmEUu2-CHWI82ox1JkUAUg1hWqN_Amw_sCV6_ikd-8PeUqyAcWn7UMMLgEMtL_QpXAVg1IwC-7itXHl5fynyk-JAzxBKXo0yIxYr2_E7tqZGWuUG7iEdPx-W31J1t4vtVeeSd3VoDWVfcQDC2ifG5eRyK6cWNzE0zxAv0Rwf0GQjezXN6vuRZTOyXDMYRngyexpAzh2ArxpF9WQw1ZXaKEoEu2VO7hw14sIuVlmNRS9xjGirWmgx7ZjYnqqodVVt073alFq_-MWzlE0bK74qFVbN-vyOvUhxoJnXZ22wNZpNsjYGzWIXzZOLJCk9zlU8zo9H9qoZbsHJ1LrUDSLxsEga5jyKV3ftcyVx5ukn8q1-rnUBnzB1ay_yyJEAx91v8aKnWeUMAKBx49yq0r_78Rx6Ed4kmORK4_2IatScgCAGdWXmcZqc87p_YZw57qOwr690IPc8skbDZyZyu6cn8a9GrGqfhzRmdhTbhg0MH4ag-c1tr5RRYhbs02KmwU1WHmrsE77_7_O4JlAE1JeWjoouzuqbD0l2rJnASOjCiLYHy2pOTrXEk71NYbYWI31M

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _728_90_1_bg.jpg
s0.2mdn.net/sadbundle/989991152880975941/728x90/images/ Frame 1D81 39 KB
39 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/989991152880975941/728x90/images/_728_90_1_bg.jpg

Requested by

Host: 46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
URL: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

430da5ea36ccd98746d48f88e101fa49a321262daaeadf97e8897f38cfe22c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 14:44:52 GMT
x-content-type-options: nosniff
age: 290432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40401
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:37:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 14:44:52 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 630B 0
0 40ms
39ms Fetch
image/gif 142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyloz2uRwy7mezkJ2XUFcPkO3nszXTVR0QJWw0XxQF9AmefKnXGrTYG4DR3yu_r46PJsuZq4uNxKPjYsf-7_7r5LCprok_THkWrtsTPh5GCcU1Uv4VL04YJyI4oAegch30A5hQNBsG637zwVpTcYZ1Rxii-Q-K0sEUooDCBXTIVu4v_o1fzMMBH0o5lEH2sIIyf30hhSuaEBiIhL1AjfI4ybH34RDQ4DHuxOGrId4mJk3-USfgG2J1sVP4Zoite6zkdC_Dux3NG3UTz12cu2GVBOVyclI0JpEIvy6OgiI0r5vDQ2jCbeeNheSFiKXzR5J5T9pAJvsWp7oo5NeRRDFehy-GJymvYdkORlDO-_17ApOPKr0VOK8nDSi8RUdO5e5NmCjLT3dBGgM32Gh_pjkZitcZ1vnTflVnwZg9BRPdmGUwYVhkMIzqmOznlIQDD3bDnpLATGdOa9dwvlHkofTNy9_vLXNd3SrnIb88QgkA9JlmYZ_cA4egH1Xy4oiDCmHkX1JxPSbrcBVLvAg2JdIu7i9EvFLQnn0bwTm5Y8ImLTaGpCC7zg7lKJFZppXnVCqVDWlrpsHPf6xpgohlSiXxS_kiXWWycqIb2X7bCXWStcgpdgVTBu07zAA8xn5ZZxGCGqTmjGzClKyUcRDLNp-DWVzXd6Ddnoa6Lp2eLt1uK8KsKFohi0TOxvTUK1TXOx54GJIns58hQoPPamQF-Am5kF3RWNSSrXozDmXon0EL20HvtoSESy9U_TFnVUeKYGW9DO3L04qNpBbCQ1vrYV-CFG78QZrdT7a3Wmxydb7-NFRsqeF1xTY9kvid3Vv8sk4C-fxAlvcQgXHj37JEpKZDgNZLlPOplquFuCgvsr0W5uzRNqh1JZXyo7BtmJcSdMD7dhfwU5-XK8qfQfSJlAUibuZsys5DS3zECmFei0APIlXDp9M6UjRij_kNWHVfzHUGu1cffAs2Jzwg3i124oaTBS4fwFyvznHMlnlu39oO6qfkaUTYxRRe2Gg1wmVj5l5203JMNOYKNNLisNRUOO_KB9EMKIne2MUpD910mWQaug9t3R0eLssW7IUjZyCGTMnDDUhn6HmQoGPfRUF9iJdaEF96Z4qbKbnylH_U7o2CCB9-0wIR6X7oydSck3xH7R-8dEa99CtNQ3uKp72dTdODI3vi7iw5_G6vapP8I0Mia4b3A4B9VT_nfUaThGv0W-iPYcwHnqy49QF3SmNl_O_r-ONPQlMmfhEPGPJGeSoq9cpbQtpP3EX8W1-iwwobIStZcPiC2ctgiw&sai=AMfl-YQdmOhKkE6kL1s3gBJ571LdZRNeqwYcGCPjX6TvFGBYcAtkNdN-OLJkP4wbIaK4Q_6Q3RcOIDk3bqL2kzEzCzBk0UIRibrWDG8wOW9irzEPXUbHQar41VFgKr9HB0j5iB5oC9ePPPA6u2rqz5IYZMdPAxPg2bBgBgxZVTt9JEX76vG-kCYgqjlE0USc45GQ9NYgZ9aTPGKE1lUKDOda7k5tsyJsW4BqdqjrikfiKZUEtXsVLrLnJIC5WQLwEGscH2Fk6kWjBz6EIrI8FgcMMgVeU4kFvJfBcDvvoRh_XLPv1fWL2MEw5njHNEw2qQ&sig=Cg0ArKJSzI7GqPemhnMlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&vt=11&dtpt=107&dett=3&cstd=65&cisv=r20230523.60974&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: 99bako.com
URL: https://99bako.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:25:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 May 2023 23:25:24 GMT

GET
H3 200 _728_90_2_bg.jpg
s0.2mdn.net/sadbundle/989991152880975941/728x90/images/ Frame 1D81 34 KB
34 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/989991152880975941/728x90/images/_728_90_2_bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae023a12e0947bb536f875821546c17b51d9a066b714f367cc24848800a239d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 14:06:47 GMT
x-content-type-options: nosniff
age: 292717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34319
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:37:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 14:06:47 GMT

GET
H3 200 _728_90_4_bg.jpg
s0.2mdn.net/sadbundle/989991152880975941/728x90/images/ Frame 1D81 30 KB
30 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/989991152880975941/728x90/images/_728_90_4_bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06fbc2d68fa196315981ae118b02550baed67d9c189968fb0285914a2dd915e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:31:53 GMT
x-content-type-options: nosniff
age: 266011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30627
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:37:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 21:31:53 GMT

GET
H3 200 _728_90_btn.png
s0.2mdn.net/sadbundle/989991152880975941/728x90/images/ Frame 1D81 2 KB
2 KB 3ms
2ms Image
image/png 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/989991152880975941/728x90/images/_728_90_btn.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

545caf94819d14c01b67884a73721c070daf79c8b63953616894dd11ae9b7f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:04:05 GMT
x-content-type-options: nosniff
age: 318079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1923
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:37:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 07:04:05 GMT

GET
H3 200 _728_90_text12x.png
s0.2mdn.net/sadbundle/989991152880975941/728x90/images/ Frame 1D81 5 KB
5 KB 3ms
2ms Image
image/png 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/989991152880975941/728x90/images/_728_90_text12x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9846f21c19cab189386b06ec2711fe5ff601f666035259462505c3ae8384011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 01:24:48 GMT
x-content-type-options: nosniff
age: 252036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5303
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:37:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 May 2024 01:24:48 GMT

GET
H3 200 _728_90_text22x.png
s0.2mdn.net/sadbundle/989991152880975941/728x90/images/ Frame 1D81 11 KB
11 KB 3ms
3ms Image
image/png 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/989991152880975941/728x90/images/_728_90_text22x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feae78aeae3861e0cf097bf647ce0e919fa9a96cbf6230a582e62f1eae3b268c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:26:49 GMT
x-content-type-options: nosniff
age: 284315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11080
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:37:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 16:26:49 GMT

GET
H3 200 _728_90_text32x.png
s0.2mdn.net/sadbundle/989991152880975941/728x90/images/ Frame 1D81 10 KB
10 KB 2ms
2ms Image
image/png 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/989991152880975941/728x90/images/_728_90_text32x.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8241f4dfd657f061c8657ba506dde0578a0198c8a9a3f07ab90b8708aaa4bf9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 04:05:28 GMT
x-content-type-options: nosniff
age: 328796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9962
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:37:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 04:05:28 GMT

GET
H3 200 _728_90_logo.png
s0.2mdn.net/sadbundle/989991152880975941/728x90/images/ Frame 1D81 4 KB
4 KB 2ms
2ms Image
image/png 2404:6800:4004:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/989991152880975941/728x90/images/_728_90_logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6ad3e14ca51af7b81bade0f2f42ef37aa1ca0c47cf926ad1dee7d76385e381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/989991152880975941/728x90/728_90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 11:21:22 GMT
x-content-type-options: nosniff
age: 302642
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4129
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:37:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 11:21:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 630B 42 B
64 B 44ms
43ms Fetch
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5BwbBoRhJC5flEAoRiQbqf0UGDkkNB-ToQyAFp8J-RkoxfbL6gah4zuESHv_9z3wFeKKLpU-7bAYu3qcYwtGbAek4mBn1IKiLcjQ8T4_EuBfMNCDj23-Cw3xf4-HOJ253pGA&sai=AMfl-YRBYA9JSkETBdtjRxdev7Em9JEHSd_OLZ0vGXiRDn953-5OqVVXjedgJb3ayKHxPZfRLdJG9cFAZwA9uMgpL2Onmj0d6AH3NReZy_EZ6TIlM7pvKYDd0Vtnzmgyca5sbZBX-sYL7squk_y_pw&sig=Cg0ArKJSzAv7gZgmVHfuEAE&cid=CAQSTABygQiDlh0E1JwfqV0pUQ3Xndm39Is9kd6WrB8_p6bD8SNf7gVuJKOTIdt-8ZAbS2n1jR3BjrgbZIj__4AOVYKJ4W4NJlnFXlu55Y0YAQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3396515843&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685143524293&rpt=458&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 630B 0
20 B 40ms
40ms Ping
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2726990124155&version=m202301230201&ct=76&x=1&cor=14572677678036140000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 23:25:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
99bako.com/	1970-01-20 12:48:55	Name: _pbjs_userid_consent_data Value: 3524755945110770
.4dex.io/	1970-01-20 13:32:07	Name: uids Value: eyJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiJkMGJlMTRmZS05MGM4LTQxOTUtOGNiOC0yODU1MDk4ZjE1OTUiLCJleHBpcmVzIjoiMjAyMy0wNy0yNVQyMzoyNToyMy4yNDgyNzYwNzdaIn19LCJiZGF5IjoiMjAyMy0wNS0yNlQyMzoyNToyMy4yNDc4NDk3NzJaIn0=
.99bako.com/	1970-01-20 12:07:09	Name: _gid Value: GA1.2.2071155034.1685143523
.99bako.com/	1970-01-20 12:05:43	Name: _gat_UA-33958756-43 Value: 1
.99bako.com/	1970-01-20 21:41:43	Name: _ga_HP1KEQG22D Value: GS1.1.1685143523.1.0.1685143523.0.0.0
.99bako.com/	1970-01-20 21:41:43	Name: _ga Value: GA1.1.1237491546.1685143523
.criteo.com/	1970-01-20 21:27:19	Name: uid Value: 93acabdc-c777-457a-bb12-6e84ecc650f7
.99bako.com/	1970-01-20 21:27:19	Name: cto_bundle Value: bfgICV92bVFydXZWWU1mOElNZldoa2N4YlpNNGZpdmFRSUhlaXptTnQ2RkUxNjIlMkJzdEptcnJWZ1lpSm4xTU5Ha2doMnQlMkZQcFF0Smg5QW92VlpSUnRWd0hYJTJGQXV0MXV3S2R4dnhwS3ZZQ0xQUzJudVNRZllpTklWVnROYXZlWkk4Tm4lMkIwcGUzYXQ3Q1dPTnVpUGJPRm5BYU5EUSUzRCUzRA
.rubiconproject.com/	1970-01-20 20:51:19	Name: khaos Value: LI56Y0EP-1Z-GSKB
.rubiconproject.com/	1970-01-20 20:51:19	Name: audit Value: 1\|WD0cx+9RTMKtU5DHku1OE1qbBgMWySGKid6DeFnocd8I3zpcoBMdLdd3ctOK5MTRI/7q0tm4F6HggJ3pD4CYm1XsaoPAbm3d0A+VO7RH1E0=
.openx.net/	1970-01-20 20:51:19	Name: i Value: 3658d0e9-8e19-41a8-a0f9-326bd858f20d\|1685143523
.crwdcntrl.net/	1970-01-20 18:34:30	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 18:34:30	Name: _cc_id Value: d9fda33f3735972fa79d5167badb7708
.99bako.com/	1970-01-20 18:34:31	Name: _cc_id Value: d9fda33f3735972fa79d5167badb7708
.99bako.com/	1970-01-20 12:07:09	Name: panoramaId_expiry Value: 1685229923644
rt.ad-score.com/	1970-01-20 21:41:43	Name: token Value: XCSVlogkbytFc-p7tb-DAgNXSoYWMVAt
.99bako.com/	1970-01-20 13:32:07	Name: truvid_protected Value: {"val":"f","level":0,"geo":"JP","timestamp":1685143524}
.99bako.com/	1970-01-20 21:27:19	Name: __gads Value: ID=df1cf61da550e12f:T=1685143523:RT=1685143523:S=ALNI_MZICc6MD3aFUSgXss3mYLG5a_jFnQ
.99bako.com/	1970-01-20 21:27:19	Name: __gpi Value: UID=00000c0b69a04d48:T=1685143523:RT=1685143523:S=ALNI_MY9EN7X5U3N-c5yrsDCIpbOwKkVVQ
.doubleclick.net/	1970-01-20 21:41:43	Name: IDE Value: AHWqTUmP58_593KSOTIFQixr-3_gTLAh-LmobYDd7N32dl04Yah7iPApLtNtk0C7
.casalemedia.com/	1970-01-20 20:51:19	Name: CMID Value: ZHE-5CFCO2p-CLibbxxppQAA
.casalemedia.com/	1970-01-20 14:15:19	Name: CMPS Value: 5487
.casalemedia.com/	1970-01-20 14:15:19	Name: CMPRO Value: 5487
.doubleclick.net/	1970-01-20 12:05:47	Name: DSID Value: NO_DATA
.demdex.net/	1970-01-20 16:24:55	Name: demdex Value: 26024567727274270473106865150234320105
.ihg.demdex.net/	1970-01-20 16:24:55	Name: ihg Value: 26024567727274270473106865150234320105

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

46bcc34d4f88a73fe53290c9a353d911.safeframe.googlesyndication.com
99bako.com
adservice.google.co.jp
adservice.google.com
anymind360.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.unblockia.com
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
fastlane.rubiconproject.com
fonts.googleapis.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
id5-sync.com
ihg.demdex.net
invstatic101.creativecdn.com
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
rt.ad-score.com
s-cs.send.microad.jp
s.trvdp.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
stg.truvidplayer.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
103.132.192.30
118.27.125.193
13.225.183.14
142.251.222.34
151.101.1.55
162.19.138.117
18.180.4.49
182.161.74.11
202.233.84.8
216.58.220.130
23.90.68.235
2404:6800:4004:801::2002
2404:6800:4004:808::2006
2404:6800:4004:80c::2002
2404:6800:4004:811::2002
2404:6800:4004:81c::2001
2404:6800:4004:820::2004
2404:6800:4004:821::200e
2404:6800:4004:823::2003
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4004:825::2001
2404:6800:4004:826::2002
2404:6800:4008:c13::9a
2406:2600:4::1
2406:2600:4::b
2600:140b:1a00:19::17dc:44ad
2600:9000:20c4:b200:a:e047:753:be1
2600:9000:21c5:7200:12:abfb:9280:93a1
2602:803:c006:158::65
2606:4700:10::6816:3556
2606:4700:20::681a:9a9
2606:4700::6812:272
2a03:90c0:9994::9994
34.102.146.192
34.120.107.143
34.96.70.87
35.190.39.111
35.208.216.174
35.244.159.8
54.151.251.103
99.84.140.107
99.84.140.54
99.84.140.72
0371b8b1af5188f269ff5e7e157143387480e863bec8d4039fdb099363f4fed4
03fd2d1a22069c7f2267b674482cb2b7fac898def31ed6321ce3a5afffe9e47f
06fbc2d68fa196315981ae118b02550baed67d9c189968fb0285914a2dd915e1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11df7f1928ab030838e312824675856fe099dd5af8dea673cc878e3f52f62208
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f426be2c83bf149f99d2ce5af0a88759aeee6590f4744f427ea7b99178a77f
1a00790e9818a132704c7f436b2989de2f128ad52355dff6f65e6c257eb381b7
1c6a37e223e1d6585e527db2a9adac29be9ae0cc41ff88706011636027e70089
203af4ee7878df10c428ce6599c619695219f48681b832ef3f856abdd299b8e8
23f0c7845293f588fc0a94a259757f19a31871dcca5c64baecec4b285cb13dd5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
336ccbae66bc97b430015ed014d504d52bd7fb240774fa6186bcf771c075db4d
34604045879551d9e3dc0a6bfff8ccc4f5acc35f7d91edd7855937ef417a9736
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d2079ab7222cd50fc2eeb27ab4dc6d4184e25ab9ab34d0378736a44f5ad3d6b
3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
430da5ea36ccd98746d48f88e101fa49a321262daaeadf97e8897f38cfe22c9f
43853026bb9920a5fa30df899b8cea3b62a52747e2e830a61386f55c6244c56a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a35bb0957bd9280ca0914b1f07aa869fa88efd2b7decb0f93f3a3b55dbd1e9f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52008f552192f8a0194a4ee8b5c247232014f531f94b7fe740dac831c317546a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
545caf94819d14c01b67884a73721c070daf79c8b63953616894dd11ae9b7f14
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570a23389bf64a371b8b32a87c7385b0d463916213dfaf0710ada4f95f759a63
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c96a98f29ed6b7bdb1af1afba8dfa6b7d0f2de8e30198e7c985b198773c5662
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68e8ed160a59ed43689633a6d44443f61ddafc8ea7bace3d489f5a3d37752577
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ee215bc0306f42296fc0a899d90e5877292cd538c4c1e9495787b56de85021a
707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb
73853645cd81064d2f77c7c2d6135de8833edee94dad0817b5cb820871928b66
753b0196fe6f940b533cf86cda3ba7ed19174a7ed0b6b0edc1fbb7e57410e9c1
783f13f364ffd9825a62a77e7cbb97da82e1d44f7f921827239a838fca3bc00b
7ae023a12e0947bb536f875821546c17b51d9a066b714f367cc24848800a239d
8241f4dfd657f061c8657ba506dde0578a0198c8a9a3f07ab90b8708aaa4bf9b
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125
895cc6792c69aba8d586edef01f9fb11123a074d83bcc506e126d989f8e375b4
8b104f0232077eed8c499ac6e24767ccd947c79fc45dac1b56046df95186fdab
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8b9a68dc08a1e889887169b98b4c40122d9a20352d7c51d2ac85b77460ff747f
8d44d2682b04d17e99d3d9fd6474ec0a41c82012ca225bd934ed1cc197579aae
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9ce72ca16d3f7e34a84058f0ff971c08b6c53e015c05fd880f3d167920f50fe3
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
a32d18fa82612f9de4a78b38f0d57d5f4057fb9adc2e969a722a146b38983dcc
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5abfbb3aa1c9ca908a03f1dd3e544d7afcf736ba34bdbb42c4d4c3f5383ca39
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afce410f5348694f583c9afcb83fb1e7ef8a2e23052c88323a035c97e183a801
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3cf72d12ad38ffabd4f7f0ad146e72629c753720f9d0e5e198ee5a217444e85
b469f9f1b0b1ff3cb6d3e29eb3672cd1c78afcb675f208d6e34846fddec20332
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
ce600c8f591f5818234729da9b4eafe2c831c15dff2eaf123952c9755d63b733
ce945b27533f86813fc9b519d1e7fd4aeafbeaf50756072cc02c6eac5aabffc3
d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e55f530f801aad5fbbb65652da535217f96c08309c64dc2c50f8719815a74996
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9846f21c19cab189386b06ec2711fe5ff601f666035259462505c3ae8384011
ed4a1d1fafef8e0678d9224872df36652fb556c6e9fbb6b3f5e00b616046b5ba
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c2b78d8596f35510a8edc2d5104984c256cbb3309549bb6915ce952fa6e847
f54fce6018a7469efce4bca5d497cf07d16bf19e866708bdb8d7373da1f3f8aa
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
f764496ce682bd3e4cf85b23d66af96a0ae3abcea5cede97f4dd6ca3e8837979
fa6ad3e14ca51af7b81bade0f2f42ef37aa1ca0c47cf926ad1dee7d76385e381
fc9311c2bc2e5efcffbd09689d137ef2ba477452d82f7c93daa6305497776921
feae78aeae3861e0cf097bf647ce0e919fa9a96cbf6230a582e62f1eae3b268c

99bako.com Open in urlscan Pro 118.27.125.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

95 %HTTPS

52 %IPv6

32 Domains

46 Subdomains

44 IPs

8 Countries

1678 kBTransfer

4548 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

99bako.com Open in urlscan Pro
118.27.125.193 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

95 %
HTTPS

52 %
IPv6

32
Domains

46
Subdomains

44
IPs

8
Countries

1678 kB
Transfer

4548 kB
Size

26
Cookies

118 HTTP transactions
1 data transactions