urlscan.io logo urlscan.io
SecurityTrails logo

win2012r2.com Open in urlscan Pro
49.212.180.105  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://win2012r2.com/
Effective URL: https://win2012r2.com/
Submission: On March 07 via api from US — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 138 IPs in 14 countries across 134 domains to perform 686 HTTP transactions. The main IP is 49.212.180.105, located in Japan and belongs to SAKURA-C SAKURA Internet Inc., JP. The main domain is win2012r2.com.
TLS certificate: Issued by R3 on January 24th 2023. Valid for: 3 months.
This is the only time win2012r2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 41 49.212.180.105 9371 (SAKURA-C ...)
3 142.250.207.8 15169 (GOOGLE)
2 99.84.140.125 16509 (AMAZON-02)
2 142.250.199.106 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
23 89.187.160.30 60068 (CDN77 ^_^)
2 52.199.19.194 16509 (AMAZON-02)
22 18.65.178.128 16509 (AMAZON-02)
1 1 210.152.186.220 4694 (IDCF IDC ...)
1 13.249.167.35 16509 (AMAZON-02)
35 142.250.207.2 15169 (GOOGLE)
4 142.251.42.206 15169 (GOOGLE)
7 54.38.64.100 16276 (OVH)
1 23.206.250.88 20940 (AKAMAI-ASN1)
5 182.161.74.11 55569 (CRITEO-AS...)
1 172.67.13.182 13335 (CLOUDFLAR...)
1 145.239.193.51 16276 (OVH)
3 35 51.79.234.101 16276 (OVH)
1 4 103.229.10.180 16509 (AMAZON-02)
1 52.17.230.219 16509 (AMAZON-02)
1 13.32.54.58 16509 (AMAZON-02)
1 18 172.217.26.226 15169 (GOOGLE)
2 108.177.97.154 15169 (GOOGLE)
12 12 103.229.205.242 30419 (MEDIAMATH...)
7 8 213.19.162.90 26667 (RUBICONPR...)
10 13 103.43.90.19 29990 (ASN-APPNEX)
11 26 69.173.158.64 26667 (RUBICONPR...)
18 72 142.251.222.34 15169 (GOOGLE)
4 5 23.106.127.52 59253 (LEASEWEB-...)
2 4 35.190.60.146 15169 (GOOGLE)
2 5 209.54.182.161 16509 (AMAZON-02)
4 5 103.231.99.242 62713 (AS-PUBMATIC)
12 14 52.74.13.196 16509 (AMAZON-02)
13 13 52.223.40.198 16509 (AMAZON-02)
26 28 35.213.12.39 15169 (GOOGLE)
8 12 162.19.138.82 16276 (OVH)
2 104.26.9.169 13335 (CLOUDFLAR...)
1 52.30.197.119 16509 (AMAZON-02)
1 51.158.29.13 12876 (Online SAS)
1 65.9.42.11 16509 (AMAZON-02)
2 142.251.222.2 15169 (GOOGLE)
3 216.58.220.130 15169 (GOOGLE)
3 172.217.161.194 15169 (GOOGLE)
3 7 23.106.127.165 59253 (LEASEWEB-...)
2 2 18.182.162.20 16509 (AMAZON-02)
4 5 13.115.111.66 16509 (AMAZON-02)
1 2 119.9.108.180 45187 (RACKSPACE...)
3 3 18.142.83.213 16509 (AMAZON-02)
1 141.95.33.111 16276 (OVH)
12 13.250.173.68 16509 (AMAZON-02)
1 2 64.202.112.63 22075 (AS-OUTBRAIN)
2 182.161.74.18 55569 (CRITEO-AS...)
2 10 203.195.121.141 7979 (SERVERS-COM)
1 54.254.58.46 16509 (AMAZON-02)
10 52.29.235.130 16509 (AMAZON-02)
2 19 172.67.10.198 13335 (CLOUDFLAR...)
2 4 209.191.163.208 14744 (INTERNAP-...)
2 3 18.138.24.162 16509 (AMAZON-02)
1 5 145.40.89.200 54825 (PACKET)
20 32 44.229.137.213 16509 (AMAZON-02)
1 19 13.115.236.196 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 104.18.2.114 13335 (CLOUDFLAR...)
5 208.115.232.150 46475 (LIMESTONE...)
1 35.73.33.172 16509 (AMAZON-02)
1 37.157.6.252 198622 (ADFORM)
5 54.170.157.123 16509 (AMAZON-02)
35 172.217.31.161 15169 (GOOGLE)
1 8 142.251.222.36 15169 (GOOGLE)
4 142.251.42.195 15169 (GOOGLE)
6 23.62.106.35 20940 (AKAMAI-ASN1)
5 142.250.76.138 15169 (GOOGLE)
1 1 202.233.84.8 131957 (MICROAD M...)
5 7 23.90.68.235 27381 (CASALE-MEDIA)
7 23.44.52.240 20940 (AKAMAI-ASN1)
4 5 50.116.239.135 6336 (TURN-US-ASN)
1 3 13.107.42.14 8068 (MICROSOFT...)
5 5 18.65.168.114 16509 (AMAZON-02)
2 2 104.45.178.220 8075 (MICROSOFT...)
2 2 162.19.80.92 16276 (OVH)
1 1 23.219.68.21 16625 (AKAMAI-AS)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
4 5 34.126.167.117 396982 (GOOGLE-CL...)
2 2 172.105.221.29 63949 (AKAMAI-AP...)
6 6 185.84.60.21 198622 (ADFORM)
4 4 35.227.252.103 15169 (GOOGLE)
2 2 52.221.107.162 16509 (AMAZON-02)
8 172.217.175.67 15169 (GOOGLE)
1 1 18.65.202.64 16509 (AMAZON-02)
6 6 23.10.15.149 20940 (AKAMAI-ASN1)
1 1 202.233.84.1 131957 (MICROAD M...)
2 34.111.79.67 396982 (GOOGLE-CL...)
4 4 3.223.190.35 14618 (AMAZON-AES)
7 7 202.241.208.100 4694 (IDCF IDC ...)
1 1 31.220.27.155 39572 (ADVANCEDH...)
1 1 52.45.175.185 14618 (AMAZON-AES)
2 4 103.231.99.243 62713 (AS-PUBMATIC)
1 69.174.120.108 36062 (DOUBLE-VE...)
2 23 103.231.99.80 62713 (AS-PUBMATIC)
4 5 103.43.90.21 29990 (ASN-APPNEX)
1 1 34.192.34.224 14618 (AMAZON-AES)
2 2 35.213.93.179 15169 (GOOGLE)
2 5 213.180.204.90 208722 (GLOBAL_DC)
1 182.161.74.16 55569 (CRITEO-AS...)
3 3 220.150.223.50 4686 (BEKKOAME ...)
1 1 220.150.223.52 4686 (BEKKOAME ...)
1 1 13.115.212.37 16509 (AMAZON-02)
4 4 151.101.2.49 54113 (FASTLY)
1 1 52.220.229.2 16509 (AMAZON-02)
1 18.177.128.158 16509 (AMAZON-02)
1 1 172.105.213.147 63949 (AKAMAI-AP...)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 54.65.69.105 16509 (AMAZON-02)
3 34.149.40.38 15169 (GOOGLE)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
2 3 54.251.27.11 16509 (AMAZON-02)
6 7 18.136.64.139 16509 (AMAZON-02)
2 103.231.99.81 62713 (AS-PUBMATIC)
4 4 89.207.22.140 399104 (CNVR-APAC)
9 29 184.26.240.67 20940 (AKAMAI-ASN1)
8 185.86.139.59 201081 (SMARTADSE...)
2 3 54.239.33.159 16509 (AMAZON-02)
2 23.10.7.250 20940 (AKAMAI-ASN1)
1 2 23.106.127.164 59253 (LEASEWEB-...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
8 9 64.74.236.63 19024 (INTERNAP-...)
4 34.149.43.113 15169 (GOOGLE)
2 205.185.216.10 20446 (STACKPATH...)
2 182.161.74.1 55569 (CRITEO-AS...)
2 3.1.224.55 16509 (AMAZON-02)
2 23.45.56.56 20940 (AKAMAI-ASN1)
1 185.86.139.95 201081 (SMARTADSE...)
1 18.65.185.85 16509 (AMAZON-02)
1 23.33.33.211 20940 (AKAMAI-ASN1)
2 142.251.42.138 15169 (GOOGLE)
1 52.92.17.208 16509 (AMAZON-02)
5 12 35.71.178.8 16509 (AMAZON-02)
6 54.238.120.71 16509 (AMAZON-02)
6 6 185.184.8.90 204995 (RTB-HOUSE...)
6 162.55.236.224 24940 (HETZNER-AS)
1 151.101.129.108 54113 (FASTLY)
1 2 37.157.6.248 198622 (ADFORM)
4 4 98.98.134.242 21859 (ZEN-ECN)
2 2 52.193.212.189 16509 (AMAZON-02)
2 2 193.232.150.70 48061 (UMA-TECH-AS)
1 159.69.59.100 24940 (HETZNER-AS)
1 62.33.236.19 20485 (TRANSTELE...)
1 1 23.206.250.58 20940 (AKAMAI-ASN1)
1 142.251.42.166 15169 (GOOGLE)
1 204.79.197.200 8068 (MICROSOFT...)
1 1 8.2.110.114 46636 (NATCOWEB)
5 142.250.126.120 15169 (GOOGLE)
1 104.22.24.207 13335 (CLOUDFLAR...)
1 172.67.8.174 13335 (CLOUDFLAR...)
1 1 172.217.161.206 15169 (GOOGLE)
2 74.125.106.73 15169 (GOOGLE)
19 185.255.84.152 200271 (IGUANE-)
1 13.227.62.95 16509 (AMAZON-02)
2 89.187.160.31 60068 (CDN77 ^_^)
1 1 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.183.112.155 60350 (VP)
1 1 80.77.87.166 46636 (NATCOWEB)
2 2 23.108.103.8 59253 (LEASEWEB-...)
1 1 64.38.119.27 18568 (BIDTELLECT)
2 23.227.151.202 55081 (24SHELLS)
3 158.69.73.116 16276 (OVH)
8 9 103.71.26.126 132134 (SPOTX-AS-...)
1 8.39.36.164 26667 (RUBICONPR...)
1 52.5.142.231 14618 (AMAZON-AES)
1 52.76.3.9 16509 (AMAZON-02)
1 52.199.221.43 16509 (AMAZON-02)
2 69.173.158.68 26667 (RUBICONPR...)
5 142.250.206.226 15169 (GOOGLE)
3 3 31.172.81.159 44066 (DE-FIRSTC...)
2 2 89.108.120.76 197695 (AS-REG)
1 141.226.231.48 200478 (TABOOLA-AS)
1 23.60.108.29 16625 (AKAMAI-AS)
1 34.149.50.64 15169 (GOOGLE)
1 34.117.157.22 396982 (GOOGLE-CL...)
4 16 23.227.139.243 55081 (24SHELLS)
8 8 145.40.73.5 54825 (PACKET)
2 44.194.172.170 14618 (AMAZON-AES)
1 2 194.226.130.229 ()
1 35.201.98.24 ()
686 138
41    49.212.180.105 (Japan)

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www2695.sakura.ne.jp
win2012r2.com
3    142.250.207.8 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f8.1e100.net
www.googletagmanager.com
2    99.84.140.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-125.nrt57.r.cloudfront.net
cmp.quantcast.com
2    142.250.199.106 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f10.1e100.net
ajax.googleapis.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
23    89.187.160.30 (Tokyo, Japan)

ASN60068 (CDN77 ^_^, GB)
PTR: 205049845.tyo.cdn77.com
ads.themoneytizer.com
2    52.199.19.194 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-19-194.ap-northeast-1.compute.amazonaws.com
www28.a8.net
www14.a8.net
22    18.65.178.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-178-128.nrt57.r.cloudfront.net
m.media-amazon.com
1    210.152.186.220 (Kitakyushu, Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
ad.jp.ap.valuecommerce.com
1    13.249.167.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-167-35.nrt12.r.cloudfront.net
i.imgvc.com
35    142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net
pagead2.googlesyndication.com
4    142.251.42.206 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f14.1e100.net
www.google-analytics.com
7    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
1    23.206.250.88 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-250-88.deploy.static.akamaitechnologies.com
ced.sascdn.com
5    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    172.67.13.182 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
1    145.239.193.51 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
35    51.79.234.101 (Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
4    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    52.17.230.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-230-219.eu-west-1.compute.amazonaws.com
p.cpx.to
1    13.32.54.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-54-58.nrt57.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
18    172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f2.1e100.net
googleads.g.doubleclick.net
2    108.177.97.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tm-in-f154.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
12    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
13    103.43.90.19 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
26    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-apac.rubiconproject.com
token.rubiconproject.com
72    142.251.222.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f2.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
5    23.106.127.52 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    103.231.99.242 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
14    52.74.13.196 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
13    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
28    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
12    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
2    104.26.9.169 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    52.30.197.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-197-119.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    51.158.29.13 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-29-13.rev.poneytelecom.eu
kvt.sddan.com
1    65.9.42.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-11.nrt12.r.cloudfront.net
rules.quantcount.com
2    142.251.222.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net
partner.googleadservices.com
googleads4.g.doubleclick.net
3    216.58.220.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s17-in-f2.1e100.net
adservice.google.co.jp
3    172.217.161.194 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s03-in-f2.1e100.net
adservice.google.com
7    23.106.127.165 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
sync.smartadserver.com
2    18.182.162.20 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-162-20.ap-northeast-1.compute.amazonaws.com
ps.eyeota.net
5    13.115.111.66 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-111-66.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
3    18.142.83.213 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-83-213.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lb.eu-1-id5-sync.com
12    13.250.173.68 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
2    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1h.zemanta.com
2    182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
10    203.195.121.141 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    54.254.58.46 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-58-46.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
10    52.29.235.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
d.vidoomy.com
a-prebid.vidoomy.com
a.vidoomy.com
19    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
4    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
3    18.138.24.162 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-24-162.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
ice.360yield.com
5    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
32    44.229.137.213 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-137-213.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
fo-api.omnitagjs.com
tracking-us-west-2.omnitagjs.com
fo-ssp-us-west-2.omnitagjs.com
visitor.omnitagjs.com
visitor-us-west-2.omnitagjs.com
19    13.115.236.196 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
bid.missena.io
events.missena.io
sync.missena.io
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    104.18.2.114 (None, )

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    208.115.232.150 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 150-232-115-208.static.reverse.lstn.net
shb.richaudience.com
1    35.73.33.172 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-33-172.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
1    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
adx.adform.net
5    54.170.157.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-157-123.eu-west-1.compute.amazonaws.com
s.cpx.to
35    172.217.31.161 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s22-in-f1.1e100.net
tpc.googlesyndication.com
8    142.251.222.36 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f4.1e100.net
www.google.com
4    142.251.42.195 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f3.1e100.net
www.gstatic.com
6    23.62.106.35 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-62-106-35.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
5    142.250.76.138 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f10.1e100.net
fonts.googleapis.com
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
7    23.90.68.235 (India)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
7    23.44.52.240 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-52-240.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    18.65.168.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-168-114.nrt57.r.cloudfront.net
cr-p1.ladsp.com
cr-p10.ladsp.com
2    104.45.178.220 (Lilburn, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
2    162.19.80.92 (France)

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu
c.eu1.dyntrk.com
1    23.219.68.21 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-68-21.deploy.static.akamaitechnologies.com
cs.media.net
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
5    34.126.167.117 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
2    172.105.221.29 (Tokyo, Japan)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1875-29.members.linode.com
a.c.appier.net
6    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    52.221.107.162 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-107-162.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
8    172.217.175.67 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f3.1e100.net
fonts.gstatic.com
1    18.65.202.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-202-64.nrt57.r.cloudfront.net
d.agkn.com
6    23.10.15.149 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-15-149.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
stags.bluekai.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
2    34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com
odr.mookie1.com
4    3.223.190.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-190-35.compute-1.amazonaws.com
sync.srv.stackadapt.com
7    202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
4    103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.174.120.108 (United States)

ASN36062 (DOUBLE-VERIFY, US)
rtb0.doubleverify.com
23    103.231.99.80 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
5    103.43.90.21 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
1    34.192.34.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-34-224.compute-1.amazonaws.com
fksnk.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
5    213.180.204.90 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
PTR: bs.yandex.ru
an.yandex.ru
1    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
3    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
1    220.150.223.52 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 52.223.150.220.in-addr.arpa
sync-tapi.admatrix.jp
1    13.115.212.37 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-212-37.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    18.177.128.158 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-128-158.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
1    172.105.213.147 (Tokyo, Japan)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1867-147.members.linode.com
gocm.c.appier.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    54.65.69.105 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-69-105.ap-northeast-1.compute.amazonaws.com
adsd-sync.amanad.adtdp.com
3    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    54.251.27.11 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-27-11.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
7    18.136.64.139 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-64-139.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    103.231.99.81 (Japan)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    89.207.22.140 (Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin03-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
dclk-match.dotomi.com
29    184.26.240.67 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-26-240-67.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
8    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
3    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    23.10.7.250 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-7-250.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
2    23.106.127.164 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
9    64.74.236.63 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
2    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.flashtalking.com
2    182.161.74.1 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    3.1.224.55 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-224-55.ap-southeast-1.compute.amazonaws.com
d9.flashtalking.com
2    23.45.56.56 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-56-56.deploy.static.akamaitechnologies.com
secure.flashtalking.com
1    185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)
itx4.smartadserver.com
1    18.65.185.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-85.nrt57.r.cloudfront.net
chat.missena.io
1    23.33.33.211 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-33-211.deploy.static.akamaitechnologies.com
fo-static.omnitagjs.com
2    142.251.42.138 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f10.1e100.net
imasdk.googleapis.com
1    52.92.17.208 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
12    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
6    54.238.120.71 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
6    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
4    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    52.193.212.189 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-212-189.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
2    193.232.150.70 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.ntvplus.ru
px.adhigh.net
1    159.69.59.100 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.59.69.159.clients.your-server.de
sync.dmp.otm-r.com
1    62.33.236.19 (Teykovo, Russian Federation)

ASN20485 (TRANSTELECOM Moscow, Russia, RU)
PTR: customer19.transtelecom.net
cache.betweendigital.com
1    23.206.250.58 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-250-58.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    142.251.42.166 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f6.1e100.net
s0.2mdn.net
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
5    142.250.126.120 (United States)

ASN15169 (GOOGLE, US)
PTR: oa-in-f120.1e100.net
csi.gstatic.com
1    104.22.24.207 (None, )

ASN13335 (CLOUDFLARENET, US)
tag.imonomy.com
1    172.67.8.174 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
1    172.217.161.206 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s03-in-f14.1e100.net
gcdn.2mdn.net
2    74.125.106.73 (United States)

ASN15169 (GOOGLE, US)
PTR: kix05s13-in-f9.1e100.net
r4---sn-3pm76nes.c.2mdn.net
19    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor-fra02.omnitagjs.com
1    13.227.62.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-62-95.nrt20.r.cloudfront.net
api-2-0.spot.im
2    89.187.160.31 (Tokyo, Japan)

ASN60068 (CDN77 ^_^, GB)
PTR: 205049845.tyo.cdn77.com
vid.vidoomy.com
1    109.206.161.21 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.183.112.155 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    23.108.103.8 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
1    64.38.119.27 (United States)

ASN18568 (BIDTELLECT, US)
bttrack.com
2    23.227.151.202 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.spotim.market
3    158.69.73.116 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip-158-69-73.eu
srv.imonomy.com
9    103.71.26.126 (Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
1    8.39.36.164 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-sjc2.rubiconproject.com
1    52.5.142.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-142-231.compute-1.amazonaws.com
sync.ipredictive.com
1    52.76.3.9 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-3-9.ap-southeast-1.compute.amazonaws.com
post.update.rubiconproject.com
1    52.199.221.43 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-221-43.ap-northeast-1.compute.amazonaws.com
cs.adingo.jp
2    69.173.158.68 (Singapore)

ASN26667 (RUBICONPROJECT, US)
beacon-nf.rubiconproject.com
5    142.250.206.226 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s10-in-f2.1e100.net
ade.googlesyndication.com
3    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    89.108.120.76 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru
x01.aidata.io
1    141.226.231.48 (Hong Kong)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    23.60.108.29 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-108-29.deploy.static.akamaitechnologies.com
contextual.media.net
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
16    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
8    145.40.73.5 (Queenstown Estate, Singapore)

ASN54825 (PACKET, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    44.194.172.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-172-170.compute-1.amazonaws.com
sync.aniview.com
2    194.226.130.229 (None, )

ASN- ()
www.tns-counter.ru
1    35.201.98.24 (None, )

ASN- ()
sp.gmossp-sp.jp
Apex Domain
Subdomains		 Transfer
87 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
bid.g.doubleclick.net — Cisco Umbrella Rank: 703
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319
239 KB
75 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
ade.googlesyndication.com — Cisco Umbrella Rank: 278
690 KB
68 rubiconproject.com
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2093
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 844
eus.rubiconproject.com — Cisco Umbrella Rank: 533
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 35655
token.rubiconproject.com — Cisco Umbrella Rank: 541
beacon-sjc2.rubiconproject.com — Cisco Umbrella Rank: 3112
post.update.rubiconproject.com — Cisco Umbrella Rank: 4022
beacon-nf.rubiconproject.com — Cisco Umbrella Rank: 2519
133 KB
52 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3447
fo-api.omnitagjs.com — Cisco Umbrella Rank: 32163
fo-static.omnitagjs.com — Cisco Umbrella Rank: 15470
tracking-us-west-2.omnitagjs.com — Cisco Umbrella Rank: 27992
fo-ssp-us-west-2.omnitagjs.com — Cisco Umbrella Rank: 29755
visitor.omnitagjs.com — Cisco Umbrella Rank: 745
visitor-us-west-2.omnitagjs.com — Cisco Umbrella Rank: 8285
visitor-fra02.omnitagjs.com — Cisco Umbrella Rank: 20405
141 KB
41 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 623
ads.pubmatic.com — Cisco Umbrella Rank: 457
image6.pubmatic.com — Cisco Umbrella Rank: 725
image2.pubmatic.com — Cisco Umbrella Rank: 846
simage2.pubmatic.com — Cisco Umbrella Rank: 668
image4.pubmatic.com — Cisco Umbrella Rank: 938
simage4.pubmatic.com — Cisco Umbrella Rank: 1156
65 KB
41 win2012r2.com
win2012r2.com
455 KB
35 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
17 KB
32 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 834
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
9 KB
28 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
12 KB
23 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1760
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 571
ww1097.smartadserver.com — Cisco Umbrella Rank: 33080
ssbsync.smartadserver.com — Cisco Umbrella Rank: 782
itx4.smartadserver.com — Cisco Umbrella Rank: 19949
sync.smartadserver.com — Cisco Umbrella Rank: 1273
12 KB
23 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 30025
323 KB
22 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 512
417 KB
20 missena.io
bid.missena.io — Cisco Umbrella Rank: 85140
chat.missena.io — Cisco Umbrella Rank: 136918
events.missena.io — Cisco Umbrella Rank: 123062
sync.missena.io — Cisco Umbrella Rank: 105248
69 KB
19 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5844
csync.smilewanted.com — Cisco Umbrella Rank: 4310
static.smilewanted.com — Cisco Umbrella Rank: 10203
18 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
secure.adnxs.com — Cisco Umbrella Rank: 377
acdn.adnxs.com — Cisco Umbrella Rank: 542
36 KB
18 spotim.market
s.spotim.market — Cisco Umbrella Rank: 5560
sync.spotim.market — Cisco Umbrella Rank: 2307
9 KB
17 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
171 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 498
eb2.3lift.com — Cisco Umbrella Rank: 338
6 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
7 KB
12 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 10532
a-prebid.vidoomy.com — Cisco Umbrella Rank: 13603
a.vidoomy.com — Cisco Umbrella Rank: 2665
vid.vidoomy.com — Cisco Umbrella Rank: 1885
3 KB
12 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 404
16 KB
12 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
7 KB
11 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 475
rtb0.doubleverify.com — Cisco Umbrella Rank: 694
tps.doubleverify.com — Cisco Umbrella Rank: 511
tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 18344
244 KB
11 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3986
sync.richaudience.com — Cisco Umbrella Rank: 1872
5 KB
11 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1528
cache.betweendigital.com — Cisco Umbrella Rank: 20068
8 KB
11 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 5992
b1sync.zemanta.com — Cisco Umbrella Rank: 532
7 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
2 KB
9 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 709
8 KB
9 adform.net
c1.adform.net — Cisco Umbrella Rank: 590 Failed
adx.adform.net — Cisco Umbrella Rank: 4185
cm.adform.net — Cisco Umbrella Rank: 1244
track.adform.net — Cisco Umbrella Rank: 3885
5 KB
9 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
fonts.googleapis.com — Cisco Umbrella Rank: 36
imasdk.googleapis.com — Cisco Umbrella Rank: 442
405 KB
8 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 798
cdn.flashtalking.com — Cisco Umbrella Rank: 1015
d9.flashtalking.com — Cisco Umbrella Rank: 1470
secure.flashtalking.com — Cisco Umbrella Rank: 2076
77 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 267
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940
5 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 378
bidder.criteo.com — Cisco Umbrella Rank: 714
dis.criteo.com — Cisco Umbrella Rank: 686
8 KB
7 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 958
7 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
5 KB
7 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1394
usersync.gumgum.com — Cisco Umbrella Rank: 1749
3 KB
7 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 31053
2 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 510
3 KB
6 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 535
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
291 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1886
mp.4dex.io — Cisco Umbrella Rank: 2011
u.4dex.io — Cisco Umbrella Rank: 4307
28 KB
6 cpx.to
p.cpx.to — Cisco Umbrella Rank: 9634
s.cpx.to — Cisco Umbrella Rank: 2424
6 KB
5 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3541
1 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 730
3 KB
5 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 68424
cr-p10.ladsp.com — Cisco Umbrella Rank: 503385
3 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
r.turn.com — Cisco Umbrella Rank: 3104
2 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 918
2 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
2 KB
4 imonomy.com
tag.imonomy.com — Cisco Umbrella Rank: 182843
srv.imonomy.com — Cisco Umbrella Rank: 137994
70 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
gcdn.2mdn.net — Cisco Umbrella Rank: 1090
r4---sn-3pm76nes.c.2mdn.net
38 KB
4 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 494
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 596
3 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2777
dclk-match.dotomi.com — Cisco Umbrella Rank: 2856
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 591
1 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 644
2 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1367
838 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 589
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 614
839 B
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 980
pixel.quantserve.com — Cisco Umbrella Rank: 779
cms.quantserve.com — Cisco Umbrella Rank: 654
10 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3553
2 KB
3 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6288
sync.e-volution.ai — Cisco Umbrella Rank: 2648
1 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 759
1 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 424
175 B
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2768
1 KB
3 appier.net
a.c.appier.net — Cisco Umbrella Rank: 16259
gocm.c.appier.net — Cisco Umbrella Rank: 1988
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 663
ice.360yield.com — Cisco Umbrella Rank: 1983
786 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 726
2 KB
3 google.co.jp
adservice.google.co.jp — Cisco Umbrella Rank: 67981
861 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
202 KB
2 tns-counter.ru
www.tns-counter.ru
703 B
2 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 2346
509 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
949 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 17633
1 KB
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2186
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 18426
824 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4555
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 625
58 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4937
673 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 1967
963 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1084
316 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1839
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
594 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 741
s.tribalfusion.com — Cisco Umbrella Rank: 1813
1 KB
2 media.net
cs.media.net — Cisco Umbrella Rank: 1359
contextual.media.net — Cisco Umbrella Rank: 563
2 KB
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 4470
2 KB
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3108
971 B
2 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 63237
aid.send.microad.jp — Cisco Umbrella Rank: 4745
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1141
818 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1027
1 KB
2 a8.net
www28.a8.net
www14.a8.net — Cisco Umbrella Rank: 923100
50 KB
2 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 2816
49 KB
1 gmossp-sp.jp
sp.gmossp-sp.jp
488 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2540
274 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 4734
281 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 930
231 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 3606
398 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 821
327 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1457
280 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 731
381 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 972
716 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1504
762 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2748
190 B
1 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 5231
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4900
496 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 237
668 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 624
616 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 20205
70 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
9 KB
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4045
487 B
1 adtdp.com
adsd-sync.amanad.adtdp.com — Cisco Umbrella Rank: 20360
481 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 19944
220 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2481
645 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 27477
455 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 85882
622 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4264
617 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 12162
521 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10276
291 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 678
679 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 995
400 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
603 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 924
1 KB
1 sddan.com
kvt.sddan.com — Cisco Umbrella Rank: 33821
1 KB
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 35933
524 B
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 34514
6 KB
1 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2625
20 KB
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 9870
33 KB
1 imgvc.com
i.imgvc.com — Cisco Umbrella Rank: 490141
788 B
1 valuecommerce.com
ad.jp.ap.valuecommerce.com — Cisco Umbrella Rank: 362547
729 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195
4 KB
0 opera.com Failed
t.adx.opera.com Failed
0 loopme.me Failed
csync.loopme.me Failed
686 134
Domain Requested by
66 cm.g.doubleclick.net 18 redirects onetag-sys.com
googleads.g.doubleclick.net
win2012r2.com
eus.rubiconproject.com
ads.themoneytizer.com
eb2.3lift.com
41 win2012r2.com 1 redirects win2012r2.com
35 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
35 onetag-sys.com 3 redirects ads.themoneytizer.com
onetag-sys.com
win2012r2.com
visitor.omnitagjs.com
s.spotim.market
cache.betweendigital.com
35 pagead2.googlesyndication.com win2012r2.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
28 x.bidswitch.net 26 redirects onetag-sys.com
win2012r2.com
23 ads.themoneytizer.com win2012r2.com
ads.themoneytizer.com
22 m.media-amazon.com win2012r2.com
20 eus.rubiconproject.com win2012r2.com
eus.rubiconproject.com
ads.themoneytizer.com
sync.missena.io
visitor.omnitagjs.com
sync.richaudience.com
fo-ssp-us-west-2.omnitagjs.com
cache.betweendigital.com
20 pixel.rubiconproject.com 5 redirects onetag-sys.com
eus.rubiconproject.com
win2012r2.com
19 visitor-fra02.omnitagjs.com visitor.omnitagjs.com
ads.pubmatic.com
ssbsync.smartadserver.com
eus.rubiconproject.com
onetag-sys.com
s.spotim.market
19 visitor.omnitagjs.com 15 redirects sync.missena.io
visitor.omnitagjs.com
win2012r2.com
s.spotim.market
18 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
win2012r2.com
16 sync.spotim.market 4 redirects s.spotim.market
ads.pubmatic.com
16 simage2.pubmatic.com ads.pubmatic.com
win2012r2.com
13 match.adsrvr.org 13 redirects
13 ups.analytics.yahoo.com 11 redirects onetag-sys.com
sync.richaudience.com
13 ib.adnxs.com 10 redirects ads.themoneytizer.com
acdn.adnxs.com
csync.smilewanted.com
12 csync.smilewanted.com 2 redirects ads.themoneytizer.com
csync.smilewanted.com
12 eb2.3lift.com 5 redirects ads.themoneytizer.com
eb2.3lift.com
12 c2shb.pubgw.yahoo.com ads.themoneytizer.com
12 id5-sync.com 8 redirects ads.themoneytizer.com
ced.sascdn.com
win2012r2.com
12 sync.mathtag.com 12 redirects
10 sync.missena.io 1 redirects ads.themoneytizer.com
sync.missena.io
ads.pubmatic.com
eus.rubiconproject.com
10 ads.betweendigital.com 2 redirects ads.themoneytizer.com
ads.betweendigital.com
eus.rubiconproject.com
onetag-sys.com
9 sync.search.spotxchange.com 8 redirects sync.richaudience.com
9 b1sync.zemanta.com 8 redirects win2012r2.com
9 secure-assets.rubiconproject.com 9 redirects
8 events.missena.io chat.missena.io
8 ww1097.smartadserver.com ced.sascdn.com
8 fonts.gstatic.com fonts.googleapis.com
8 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
8 pixel-eu.rubiconproject.com 7 redirects onetag-sys.com
7 pr-bh.ybp.yahoo.com 6 redirects win2012r2.com
7 image2.pubmatic.com 2 redirects ads.pubmatic.com
win2012r2.com
7 tg.socdm.com 7 redirects
7 ads.pubmatic.com win2012r2.com
ads.themoneytizer.com
sync.missena.io
visitor.omnitagjs.com
s.spotim.market
7 c.tmyzer.com ads.themoneytizer.com
6 sync.1rx.io 6 redirects
6 sync.richaudience.com ads.themoneytizer.com
sync.richaudience.com
eus.rubiconproject.com
6 creativecdn.com 6 redirects
6 usersync.gumgum.com ads.themoneytizer.com
ads.pubmatic.com
6 cdn.doubleverify.com googleads.g.doubleclick.net
cdn.doubleverify.com
win2012r2.com
cdn.flashtalking.com
6 www.googletagservices.com googleads.g.doubleclick.net
6 prebid.smilewanted.com ads.themoneytizer.com
6 c1.adform.net win2012r2.com
5 ade.googlesyndication.com win2012r2.com
5 visitor-us-west-2.omnitagjs.com 5 redirects
5 csi.gstatic.com imasdk.googleapis.com
5 token.rubiconproject.com 5 redirects
5 an.yandex.ru 2 redirects win2012r2.com
5 secure.adnxs.com 4 redirects win2012r2.com
5 um.simpli.fi 4 redirects win2012r2.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 fonts.googleapis.com googleads.g.doubleclick.net
client
5 s.cpx.to p.cpx.to
win2012r2.com
5 shb.richaudience.com ads.themoneytizer.com
5 prebid.a-mo.net 1 redirects ads.themoneytizer.com
win2012r2.com
5 d.vidoomy.com ads.themoneytizer.com
5 match.prod.bidr.io 4 redirects visitor.omnitagjs.com
5 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
5 image8.pubmatic.com 4 redirects onetag-sys.com
5 s.amazon-adsystem.com 2 redirects onetag-sys.com
eus.rubiconproject.com
eb2.3lift.com
5 ssbsync-global.smartadserver.com 4 redirects onetag-sys.com
5 gum.criteo.com ads.themoneytizer.com
static.criteo.net
gum.criteo.com
4 stags.bluekai.com 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 tracking-us-west-2.omnitagjs.com win2012r2.com
4 sync-tm.everesttech.net 4 redirects
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 sync.srv.stackadapt.com 4 redirects
4 rtb.openx.net 4 redirects
4 cr-p1.ladsp.com 4 redirects
4 ad.turn.com 4 redirects
4 www.gstatic.com googleads.g.doubleclick.net
4 ap.lijit.com 2 redirects ads.themoneytizer.com
win2012r2.com
4 id.rlcdn.com 2 redirects visitor.omnitagjs.com
win2012r2.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 sync.bumlam.com 3 redirects
3 srv.imonomy.com tag.imonomy.com
win2012r2.com
3 a-prebid.vidoomy.com win2012r2.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 sync.crwdcntrl.net 2 redirects win2012r2.com
3 pixel.tapad.com 2 redirects win2012r2.com
3 u.4dex.io ads.pubmatic.com
eus.rubiconproject.com
win2012r2.com
3 sync-dsp.ad-m.asia 3 redirects
3 px.ads.linkedin.com 1 redirects eus.rubiconproject.com
eb2.3lift.com
3 pm.w55c.net 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
3 adservice.google.co.jp pagead2.googlesyndication.com
imasdk.googleapis.com
3 www.googletagmanager.com win2012r2.com
www.googletagmanager.com
2 www.tns-counter.ru 1 redirects
2 sync.aniview.com onetag-sys.com
2 sync.targeting.unrulymedia.com 2 redirects
2 x01.aidata.io 2 redirects
2 beacon-nf.rubiconproject.com win2012r2.com
2 tpsc-ae1.doubleverify.com cdn.doubleverify.com
2 s.spotim.market visitor.omnitagjs.com
fo-ssp-us-west-2.omnitagjs.com
2 inv-nets.admixer.net 2 redirects
2 vid.vidoomy.com visitor.omnitagjs.com
win2012r2.com
2 r4---sn-3pm76nes.c.2mdn.net win2012r2.com
2 fo-ssp-us-west-2.omnitagjs.com fo-static.omnitagjs.com
2 sync.smartadserver.com 2 redirects
2 px.adhigh.net 2 redirects
2 pool.admedo.com 2 redirects
2 a.vidoomy.com win2012r2.com
2 imasdk.googleapis.com chat.missena.io
imasdk.googleapis.com
2 secure.flashtalking.com googleads.g.doubleclick.net
2 d9.flashtalking.com cdn.flashtalking.com
d9.flashtalking.com
2 static.criteo.net ads.themoneytizer.com
static.criteo.net
2 cdn.flashtalking.com servedby.flashtalking.com
googleads.g.doubleclick.net
2 tps.doubleverify.com cdn.doubleverify.com
2 rtb2-useast.e-volution.ai 2 redirects
2 ssbsync.smartadserver.com 1 redirects visitor.omnitagjs.com
2 dclk-match.dotomi.com 2 redirects
2 servedby.flashtalking.com googleads.g.doubleclick.net
win2012r2.com
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 ssum-sec.casalemedia.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 odr.mookie1.com googleads.g.doubleclick.net
onetag-sys.com
2 e.dlx.addthis.com 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 match.sharethrough.com 2 redirects
2 a.c.appier.net 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 mweb.ck.inmobi.com 2 redirects
2 ad.360yield.com 1 redirects ads.themoneytizer.com
2 bidder.criteo.com ads.themoneytizer.com
2 b1h.zemanta.com 1 redirects ads.themoneytizer.com
2 uipglob.semasio.net 1 redirects win2012r2.com
2 ps.eyeota.net 2 redirects
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 ajax.googleapis.com win2012r2.com
d2zur9cc2gf1tx.cloudfront.net
2 cmp.quantcast.com win2012r2.com
cmp.quantcast.com
1 sp.gmossp-sp.jp
1 matching.ivitrack.com win2012r2.com
1 s.seedtag.com win2012r2.com
1 contextual.media.net win2012r2.com
1 sync.taboola.com win2012r2.com
1 cs.adingo.jp win2012r2.com
1 googleads4.g.doubleclick.net win2012r2.com
1 post.update.rubiconproject.com win2012r2.com
1 sync.ipredictive.com win2012r2.com
1 beacon-sjc2.rubiconproject.com win2012r2.com
1 pixel.advertising.com 1 redirects
1 track.adform.net sync.richaudience.com
1 bttrack.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 sync.adotmob.com 1 redirects
1 sync.e-volution.ai 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 gcdn.2mdn.net 1 redirects
1 ice.360yield.com 1 redirects
1 cdn.connectad.io csync.smilewanted.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 tag.imonomy.com win2012r2.com
1 us.ck-ie.com 1 redirects
1 c.bing.com eb2.3lift.com
1 s0.2mdn.net imasdk.googleapis.com
1 ads.stickyadstv.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 cache.betweendigital.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 cm.adform.net 1 redirects
1 acdn.adnxs.com ads.themoneytizer.com
1 s3-eu-west-1.amazonaws.com win2012r2.com
1 fo-static.omnitagjs.com fo-api.omnitagjs.com
1 chat.missena.io win2012r2.com
1 itx4.smartadserver.com win2012r2.com
1 fo-api.omnitagjs.com win2012r2.com
1 simage4.pubmatic.com ads.pubmatic.com
1 dsp.adkernel.com 1 redirects
1 pixel-apac.rubiconproject.com 1 redirects
1 image4.pubmatic.com win2012r2.com
1 adsd-sync.amanad.adtdp.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 ds.uncn.jp 1 redirects
1 sync-tapi.admatrix.jp 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cr-p10.ladsp.com 1 redirects
1 fksnk.com 1 redirects
1 rtb0.doubleverify.com cdn.doubleverify.com
1 im.bluevoox.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 aid.send.microad.jp 1 redirects
1 d.agkn.com 1 redirects
1 s.tribalfusion.com win2012r2.com
1 a.tribalfusion.com 1 redirects
1 cs.media.net 1 redirects
1 r.turn.com win2012r2.com
1 s-cs.send.microad.jp 1 redirects
1 adx.adform.net ads.themoneytizer.com
1 g2.gumgum.com ads.themoneytizer.com
1 mp.4dex.io ads.themoneytizer.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 bid.missena.io ads.themoneytizer.com
1 hb-api.omnitagjs.com ads.themoneytizer.com
1 tlx.3lift.com ads.themoneytizer.com
1 lb.eu-1-id5-sync.com ads.themoneytizer.com
1 pixel.quantserve.com win2012r2.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 rules.quantcount.com secure.quantserve.com
1 kvt.sddan.com ads.themoneytizer.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
1 ced.sascdn.com ads.themoneytizer.com
1 i.imgvc.com win2012r2.com
1 ad.jp.ap.valuecommerce.com 1 redirects
1 www14.a8.net win2012r2.com
1 www28.a8.net win2012r2.com
1 cdnjs.cloudflare.com win2012r2.com
0 t.adx.opera.com Failed
0 csync.loopme.me Failed ads.pubmatic.com
visitor.omnitagjs.com
686 221

This site contains links to these domains. Also see Links.

Domain
px.a8.net
twitter.com
feedly.com
www.amazon.co.jp
hb.afl.rakuten.co.jp
ck.jp.ap.valuecommerce.com
Subject Issuer Validity Valid
win2012r2.com
R3		 2023-01-24 -
2023-04-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
cmp.quantcast.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
1266287590.rsc.cdn77.org
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
*.a8.net
GlobalSign GCC R3 DV TLS CA 2020		 2022-05-27 -
2023-06-28		 a year crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-10-26 -
2023-10-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
c.tmyzer.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-08 -
2023-09-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2022-09-13 -
2023-09-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-13		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
adtrack.adleadevent.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-07-12		 5 months crt.sh
kvt.sddan.com
R3		 2023-01-29 -
2023-04-29		 3 months crt.sh
quantserve.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M01		 2023-02-03 -
2023-06-11		 4 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M02		 2023-02-02 -
2023-11-06		 9 months crt.sh
*.a-mo.net
R3		 2023-02-02 -
2023-05-03		 3 months crt.sh
*.omnitagjs.com
Amazon RSA 2048 M02		 2023-02-09 -
2023-06-15		 4 months crt.sh
*.missena.io
Amazon RSA 2048 M02		 2023-02-28 -
2024-03-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
u.4dex.io
GTS CA 1D4		 2023-03-05 -
2023-06-03		 3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-18 -
2023-04-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-11 -
2023-11-12		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-03 -
2024-02-27		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2022-07-25 -
2023-08-26		 a year crt.sh
dyn.omnitagjs.com
R3		 2023-02-20 -
2023-05-21		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2022-09-21 -
2023-08-30		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon RSA 2048 M02		 2023-02-13 -
2024-02-15		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-05-27 -
2023-06-28		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-16 -
2024-03-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-01-05 -
2023-07-05		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.spot.im
Amazon RSA 2048 M01		 2023-02-21 -
2023-11-01		 8 months crt.sh
match.prod.bidr.io
Amazon RSA 2048 M01		 2023-02-14 -
2023-09-16		 7 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-02-01 -
2023-05-02		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
srv.imonomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-05 -
2024-02-05		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.ipredictive.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-05-12		 3 months crt.sh
update.rubiconproject.com
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
itm.ivitrack.com
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-01-24 -
2023-04-24		 3 months crt.sh
*.aniview.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-04		 10 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-02-21 -
2023-05-02		 2 months crt.sh

This page contains 112 frames:

Primary Page: https://win2012r2.com/
Frame ID: 999D48D67D666CA7AAAB327280440EFC
Requests: 236 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Frame ID: A9ADFF00C2B7146EFBF609BBE28FE63E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html
Frame ID: A2C58D2CB270C66260F7AA7BD1AFAE14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&adk=1812271804&adf=3025194257&lmt=1678153780&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwin2012r2.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779805&bpp=2&bdt=1572&idt=696&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1312555354233&frm=20&pv=2&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=722
Frame ID: 395C3A6DBD61E0319227A8AC22EED7B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Frame ID: 3F9BA419E3F48B6630A3BB5196B83DAA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Frame ID: 8206A7BC5D2C35F004240DFD69A3292D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Frame ID: 88F2854F8B13229F2C7585993D1C95B3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Frame ID: 30D4A5A1123C88641C6C4E6E3F71AC9B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Frame ID: 3E796A5D2A7B152BF94B456D7915D330
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNXzLe3Fg0_HAmZiWacJ5Ytj83Zmsp4qz83io9FyR9wVbpad-qZVSWypJsL7VGgg_acGwWli-G97f9LZISE3jd--JnD2mQBcLKW-o_NEzSq-MMf4Wk0
Frame ID: 133F126380AFC30AA2E4FB51B35E2551
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 989D35BEF97F2A10AD54C605D2C0A836
Requests: 26 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 2DA847E17FEA2AC4D26D3762788B6536
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4C835BBF132861F03FC38AAB050B8F9D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8B25C2B83FAD1EF5BF670C1A61260C9C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB4A321B24DDB2C31FEC7A3819F0F475
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F70B0997AAB2C7C474D86CF0FD2EE113
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4507D443C63A20BB242DFBB028275BF1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0594CFBD63109B54CEF05B0E221E0CC2
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 9CCCD1D15A4A419DA92E8F2180012B62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B46E4855A3FBEBDA0361182E5494AAC4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 79DD48A7C7CD02CAB8D046969951F9D4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 5E4E118660F99774F8A4D8E4ABE48182
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdeaWxWwnu2Pks8AD1u-78hvq88AAAGGucKVhg
Frame ID: 5FB6F1C23BE7A8D8429F735FC1D19C18
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2F0B7D9B47E676A6DFEB31390FC739BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
Frame ID: 644A8B289697ED3A93765B9E7AA9E604
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=1O6mHZp4hVj
Frame ID: E959E579D1543B3FB0FF19A7B6D596DA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6358988783605550458&gdpr=0&gdpr_consent=
Frame ID: 3D16953E372F542BC56E8812619A9D9F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_f3c38330-d9e2-4b7c-8f45-d852843b1605
Frame ID: D8FCC9081A0FD5FCAF9DB8DB5B02ED38
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZAaYNgAKc_wqmQBh&gdpr=1&gdpr_consent=&_test=ZAaYNgAKc_wqmQBh
Frame ID: F4CF182B991A1AB3FCB9E30AD221E50D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9hkzd49annu4
Frame ID: BA7D3585D645AC5AE40C13DC108A994A
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Frame ID: 8CF103303AC04439E4D5AE88F093B234
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6m3QQUjWAq6a01G0NpgGZA
Frame ID: F600403532CF5FA47129016941F486D5
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 6C9217C531B1097E4576E5802AB4D6E5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=72b43c5b52a64c8c818bfb2e0d02a3ad
Frame ID: 149940B5AB5DEEE261840A48D519EE8C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ooPZNzPWRThG0JJktx8E-9_YTBs&gdpr=0&gdpr_consent=
Frame ID: DA3A792D075DA5E998884B5AFE498122
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ecfe6e23-f069-4e0c-8c82-ce1f8a80e94a
Frame ID: 2319C4837E2C4AAE0522720F935F757B
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 9EA32E14029269F5B88D228F2486E45C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aPdA3mf7Q9xzoRLRPPdd32vyFYxzpkbeaftO5Zkq
Frame ID: 56E30A7D6B638472C69A370F2357B545
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
Frame ID: 0145AAC1425466061490F34DC3859972
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78A0BF4C71E042B3893EE7EC17849ACC&gdpr=0&gdpr_consent=
Frame ID: A53AE99EEAC5AF3128FAE0473FBBDAF9
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Frame ID: 416D921B923B786CFBFDAB06C70BB478
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: EAAA64FB8C78846DD221F8A109CE38AA
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 5DF1738B8C1344521BD6F2693F205453
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: AAD03F4D06A5EC44AA85FE9A633B4F1F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 9E94A15D7C5C7BD794B3EA370E6589F9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3556.js
Frame ID: 9BDB899D705EED3394BAFE37582B305A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8995AF6C69EF1146971E91D68F6D7EF9
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3556.js
Frame ID: 60A26BD7A4C73D061C969DE7A18F745B
Requests: 3 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/passback/moneytizer/300x250.png
Frame ID: E457260591A4E3BF00722C0E77E0DD22
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 2AAE841C06DA3B428821E51F3DFC14C6
Requests: 5 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: F92E90CABC75DC8F4A53672D98FA3A8A
Requests: 11 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 8DD97A0C727091D6B611BE50437EBA95
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 2476E6AC4B16A65D7886110890C21D13
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1678153781552&gdpr=0
Frame ID: 0BA4142F7E3377BD0EF0BCB18FFB644A
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
Frame ID: 9D59D5269D5136FFCE007CE7D88AB513
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Frame ID: C080073A8D15503A1B725E30C709E8DD
Requests: 6 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=bzW3mEwcN2Ru0aydNQEB&pi=gumgum&tc=1
Frame ID: 7DDF2A17109C8A2BAF322A6B592EB58A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZAaYNsCo5ugAAD2MO1IAAAAA
Frame ID: 86C06BDEB1C2F8F357A120D6DFAAEE5D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZAaYNgAKc_wqmQBh&gdpr=0&gdpr_consent=
Frame ID: F2637ACC6E08267F03E5FA2DCFC11DE9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
Frame ID: A868B9090C0C37422A11F191E7E778B4
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Frame ID: 83FB29ACA962D1299EC6DEA17604BCA6
Requests: 8 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hNjg3YjFjMi05OTQyLTQwMTktOWI0My04ZDBkNGNlYTg3NWQ=&gdpr=0&gdpr_consent=
Frame ID: 2758D4B2C657DB9D07D6DBCFF79F655D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 48D0F8D48F0930C70E956B3779DCB917
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 01C8DFD5FCF936D7CBD40E9C042A8D90
Requests: 2 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d43443fb-392d-5442-9fa1-7e87fba7e6b2&CACHEBUSTER=122028
Frame ID: CDAC3632F4532C0A11E5BB24449B7AC4
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Frame ID: 916ABD00532824DBA0425E6DABB15F55
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Frame ID: CBB54AB5EE3D59651472CF9B12E3DA31
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Frame ID: 18A0B8F83C895E1962F58846D8D38E0D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: B231A84D7D7F9C84E626641CC8AAE2C8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/GRKNCBZHu6GmWJstQzOlNICU
Frame ID: 61C7DE07CB2389FF32DD7BA073B7D022
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/xandr/6358988783605550458
Frame ID: 59B242295C691E04AF488675C914DA96
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/pubmatic/FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Frame ID: 0BD08F375B691062B51F85A72AA65EBE
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Frame ID: 3E1DDFAF8B590046C95D403569C06C90
Requests: 21 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/4522641d3eddd1ac5c18188ef798b9d0?gdpr_consent=&gdpr=0
Frame ID: 3F0DFB559F3FECD36CFD0492EA73933A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Frame ID: 983ED42EECCE7CB168AE14ECBD606214
Requests: 27 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0
Frame ID: 291B965D4CA0A39BBF2F76DE8438E517
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/4c764463a5d4c91dddc9d5a9d11929175ec9ffdc33ee0ad6c1ad831e5e7d7f58
Frame ID: A6391B23CD57D95F80929103BAF6EEBA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/bzW3mEwcN2Ru0aydNQEB?pi=smilewanted&tc=1
Frame ID: 15BFE5145661D3BB4F159922BE16243D
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8a75893f6b215e8485c67c5d4fe6e31
Frame ID: 379771A0E72A170483E338987B06AD06
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: BEFF52C9BC91CB70264A87FAE0386250
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/6496980970204499328
Frame ID: 2A473DCC70231BACB028B2DCCF1CFAC5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/d9e95577-1d4d-4c6a-9037-811ae54d6c81&partner_id=1010
Frame ID: 8410EF5A1A733DBA06B56ED7393BDA07
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LEXLFK09-7-IR3B?gdpr=0
Frame ID: 8A080DFF45B6B3543B2B6E654D7D07C7
Requests: 1 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Frame ID: 8A040E5D30F64CDED391A9C9965FE73B
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Frame ID: 32BA572DBABBCB61AE8F71BCB50860B2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 05739FA57C0107311F568DDB0E105291
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 32E3443EC70C4DABACCA9D16E7F7C263
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: D14B29B01A8A00D2653241753D4202D0
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=undefined
Frame ID: C6BD5D42EC02B0634367F26BB43168F2
Requests: 8 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=undefined
Frame ID: F5D8C761CDAD118E35DAF454FAC85C20
Requests: 6 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/media/tm.png
Frame ID: 74607654A9698898978B4E62A98A78C4
Requests: 1 HTTP requests in this frame

Frame: https://visitor-fra02.omnitagjs.com/visitor/sync?name=PUBMATIC&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Frame ID: 7CF0475B8C056A1C9C2F6D29D0E9D6FB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=publicidad
Frame ID: C0B691B186B8E2F83D10CA717CA50EEE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: EA8EE209B90886F11F11412EF42F088B
Requests: 3 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: EC03956B1576A8A2BE6D5E2F9A502482
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 50D263A9FD8524B3E42F6730E7459273
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Frame ID: 4F2457C2911C7D5A6E4C573504DD3C85
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=undefined
Frame ID: A9CB617F1D8A8EC47373DD27B395F4B4
Requests: 8 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
Frame ID: 08A19127111591DF053239C22A2AC29C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: 9199ECC1D8A7117BFEEBCEAAE76FF3E0
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
Frame ID: C1BE91AC7B4897722A78815DC1F7B324
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
Frame ID: 2D611B5154E04AD1D2315136CDB115F2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: BF4F61C39D7581E7F25564914E569835
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
Frame ID: B6D6588460B8E8C7CDA0C3348BCDBD27
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: E3A4331E8452BC053AD913BA58B69404
Requests: 8 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=448580&extuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Frame ID: 88E4E28787A04B87D02B5014F152B512
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=448580&extuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Frame ID: 3982E099334054E706842129350D81B3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 170E62A817083078899F3400C4A8E5E4
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=win2012r2.com&gdpr=0&gdpr_consent=
Frame ID: 33A73668C9C252DAA15E54800D87D691
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B8998573B27AF59FBAF832EFCD3BA6C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B674028EC61BA34464CB4766BBAED4D
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 7307AFAFC15BD5E27CA05F367E1335E3
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Windows 実践ガイド

Page URL History Show full URLs

  1. http://win2012r2.com/ HTTP 302
    https://win2012r2.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

686
Requests

74 %
HTTPS

0 %
IPv6

134
Domains

221
Subdomains

138
IPs

14
Countries

4456 kB
Transfer

15807 kB
Size

251
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://win2012r2.com/ HTTP 302
    https://win2012r2.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3629984&pid=887600039 HTTP 302
  • https://i.imgvc.com/vc/images/1x1.gif
Request Chain 104
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=1&gdpr_consent=
Request Chain 106
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6358988783605550458
Request Chain 108
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhrnCiwApWuZ8hsNgBW_RTiSglBZ3N9KhbA
Request Chain 110
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLSwmqAGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 111
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=As3vSR1NfOhGspBYZN8AlYTbG4XVnPC_66cAc7HupG0
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAaxwKYqoEkZaJkthjKLaPk&google_cver=1
Request Chain 115
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=
Request Chain 121
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/8/2.gif?puid=e05eeaac-27c4-48e5-a7db-6c78369e61ae&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&ttl=%%TTL%% HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-80b0tZo2ZH1GuEBWzXMShG9DAka295oejI9R2BPRSA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/3/6/4.gif?puid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/2/5/5.gif?puid=6358988783605550458&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/112/4/6.gif?puid=196EA5A50FC48E61&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/3/7.gif?puid=bf954e9859c420674d8c0186ee097e5a&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAC4NE7IDTAAACCtMn4Psg HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F1%2F9.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/163/1/9.gif?puid=Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F0%2F10.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
Request Chain 138
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*eNcXMvR-IZca4Za4dPGoOVstNGkMpyzq0cYC_xV6knI9QYgSI6IEiXuS8hD99fPi&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-f66f6p8AwwQAt-xqEIltRcwVPRJGDb7PJyOrC5uzJg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/7/2.gif?puid=6496980970204499328&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/6/3.gif?puid=6358988783605550458&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-80b0tZo2ZH1GuEBWzXMShG9DAka295oejI9R2BPRSA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/3/5/4.gif?puid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&ttl=%%TTL%% HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/123/3/6.gif?puid=186b9c2995a-5dec0000010e5d96&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAC4NE7IDTAAACCtMn4Psg HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F1%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/112/1/8.gif?puid=196EA5A50FC48E61&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F0%2F9.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/163/0/9.gif?puid=Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
Request Chain 221
  • https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1&gdpr=0&C=1
Request Chain 223
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAaYNYOJJ4ARKje1WrpskAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1
Request Chain 265
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAJXZ31bVQRt0D3tzlGZAc4&google_cver=1&google_push=Aa02lx8LXaUCYovpfF2SV95Fn5UbQkA75hNpcYMV_YWGdQwfDdSgS6cos07dWrClmhAf4NAWDSzWSh_wvwE-Qio-Q74yhbnBzR4PcvwC9x0oiOe4QE7hj5fwVfo9CSrD1ZLoJF7czkyj7Y_k9-E1rYmdM886Iw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUyOTI1MDIzNjcyMzIwMjA4OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAJXZ31bVQRt0D3tzlGZAc4&google_cver=1
Request Chain 266
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEbJ4oyXrv2IHsHDVR8HiP8&google_cver=1&google_push=Aa02lx9X59e1pxZJ_V78swFodhNbmJRkpuGjdMwuZ2s9oiNs61A_1qWizxDJlm1VhgXBPRG09zWiezdYUkbdjKLBFIjlauf_rl4-SeeU8kL8tmS_yjqswAEXrmnD6xAvbQaErJapSm-IW-6suUwnZEg_AGa3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9X59e1pxZJ_V78swFodhNbmJRkpuGjdMwuZ2s9oiNs61A_1qWizxDJlm1VhgXBPRG09zWiezdYUkbdjKLBFIjlauf_rl4-SeeU8kL8tmS_yjqswAEXrmnD6xAvbQaErJapSm-IW-6suUwnZEg_AGa3
Request Chain 267
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=Aa02lx-EEgLsqyl-f_kSZENo5YRfM-0Y8XjbaA7K_GqqOmh6goL1nrw6dZL_ONAWxEXhkuyHwY2k9R-5b9clT_bfLbTrz9gtcC0P_-6b8VYbSHVR3csSDeYtlpHoqBUIoEo9DhrG3GNDMeBtBKsmoTpp3FDCaA&google_gid=CAESEK-cLxJOSBgbAl2edcKBPFs&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=Aa02lx-EEgLsqyl-f_kSZENo5YRfM-0Y8XjbaA7K_GqqOmh6goL1nrw6dZL_ONAWxEXhkuyHwY2k9R-5b9clT_bfLbTrz9gtcC0P_-6b8VYbSHVR3csSDeYtlpHoqBUIoEo9DhrG3GNDMeBtBKsmoTpp3FDCaA&google_gid=CAESEK-cLxJOSBgbAl2edcKBPFs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=Aa02lx-EEgLsqyl-f_kSZENo5YRfM-0Y8XjbaA7K_GqqOmh6goL1nrw6dZL_ONAWxEXhkuyHwY2k9R-5b9clT_bfLbTrz9gtcC0P_-6b8VYbSHVR3csSDeYtlpHoqBUIoEo9DhrG3GNDMeBtBKsmoTpp3FDCaA&google_hm=AVeUWgNYz2uXks8AD1u-78hvm8A
Request Chain 268
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx_ugHzZLGLmVOJM3Hdc199gjm2KH8PqA8hWXt9pNCVCMq6ehBvi6PHpb9NqVsyEmoyCTzFHCxr7QuyHvJ06Hzcd9pbzgVyakcfDvI5Uic0sfa3QpTMVaeiHqUUY6bnbzxtivIuZtoFvTNQyQex3LvYhXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ODFjYTU0ODUtOTg4OS00ODhiLWFhOWItNzA5MDZmNjhiNDUw&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx_ugHzZLGLmVOJM3Hdc199gjm2KH8PqA8hWXt9pNCVCMq6ehBvi6PHpb9NqVsyEmoyCTzFHCxr7QuyHvJ06Hzcd9pbzgVyakcfDvI5Uic0sfa3QpTMVaeiHqUUY6bnbzxtivIuZtoFvTNQyQex3LvYhXQ
Request Chain 269
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHMPGc4frW99ucCPf-Gd120&google_cver=1&google_push=Aa02lx8hD_yx9YqXxA7u2CN5YzvtgCLGXsO1xRtWLZHGOEm86uo80fIerxO0Ms1bRE1Bgm6KoieAsHIHWQD94hqFs5z6Pbr5NalHjSicufZQM6RHf-eh9YKrN8yOyfqji4BDKxINfq0rmYrn0KyFrtWgPzo1qA HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHMPGc4frW99ucCPf-Gd120&google_cver=1&google_push=Aa02lx8hD_yx9YqXxA7u2CN5YzvtgCLGXsO1xRtWLZHGOEm86uo80fIerxO0Ms1bRE1Bgm6KoieAsHIHWQD94hqFs5z6Pbr5NalHjSicufZQM6RHf-eh9YKrN8yOyfqji4BDKxINfq0rmYrn0KyFrtWgPzo1qA&prevuid=03010005_64069836bf1ea&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx8hD_yx9YqXxA7u2CN5YzvtgCLGXsO1xRtWLZHGOEm86uo80fIerxO0Ms1bRE1Bgm6KoieAsHIHWQD94hqFs5z6Pbr5NalHjSicufZQM6RHf-eh9YKrN8yOyfqji4BDKxINfq0rmYrn0KyFrtWgPzo1qA&google_hm=MDMwMTAwMDVfNjQwNjk4MzZiZjFlYQ%3D%3D
Request Chain 270
  • https://cs.media.net/cksync?type=g&google_gid=CAESECmnZ1eNwg6HOJ4sPF14rR4&google_cver=1&google_push=Aa02lx-wDrNmjnZ_kikikXFCQ486XTGA0Rwv3KtivEi1W0VOzFpgmuPZdZnjsvD0IolFFAY3AeezIxlrJcFhUctA2If51-ma_3yS6l1JxombwObHzpI0s1oXmbhJFLuuFtlR1m7iLEnB3_xSp97w_ViSjf_wsg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIxMTU1MzgyOTQ0MjczMjAwMFYxMA%3d%3d&mn_hm=MzIxMTU1MzgyOTQ0MjczMjAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx-wDrNmjnZ_kikikXFCQ486XTGA0Rwv3KtivEi1W0VOzFpgmuPZdZnjsvD0IolFFAY3AeezIxlrJcFhUctA2If51-ma_3yS6l1JxombwObHzpI0s1oXmbhJFLuuFtlR1m7iLEnB3_xSp97w_ViSjf_wsg&gdpr=&gdpr_consent=
Request Chain 271
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAaxwKYqoEkZaJkthjKLaPk&google_cver=1&google_push=Aa02lx8ybdBE9TCwLGMZk-PC-GuDsM1_R41nf2YMbi1LFWVyY9ZZYgBYhpkFlgGhbba35YagnGJxRYwBbBcaC5_uxI4l6snYgcxcQFAbW5BvFLf2nTOacyoMp2387KbTv548YtaV2atqhLPx6aHfL1yZRXSc9QM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhrnCkqrL9zaFQiIfQw9Gr-W7sNJS0iie4A&google_push=Aa02lx8ybdBE9TCwLGMZk-PC-GuDsM1_R41nf2YMbi1LFWVyY9ZZYgBYhpkFlgGhbba35YagnGJxRYwBbBcaC5_uxI4l6snYgcxcQFAbW5BvFLf2nTOacyoMp2387KbTv548YtaV2atqhLPx6aHfL1yZRXSc9QM HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 273
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELYpXZb4q9NguoF2Yd81s6M&google_cver=1&google_push=Aa02lx-M-GirUxG-1MMJ5rVIjt_S9W4fqQz1YdKep34o5ZQVPmdmlmjQyvdrfeQdhJcGvevgpzLORAG0UVV1noHCj1z5D77nuSXcsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4bNkBpgzRwCYf3orED_UJw&google_push=Aa02lx-M-GirUxG-1MMJ5rVIjt_S9W4fqQz1YdKep34o5ZQVPmdmlmjQyvdrfeQdhJcGvevgpzLORAG0UVV1noHCj1z5D77nuSXcsQ
Request Chain 274
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENnFw2MRgZEv3d18Yf-0xb0&google_cver=1&google_push=Aa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6YMSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6YMSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENnFw2MRgZEv3d18Yf-0xb0&google_cver=1&google_push=Aa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6YMSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6YMSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 275
  • https://um.simpli.fi/gp_match?google_gid=CAESED_FHeXItxMoFwqBkjfl96A&google_cver=1&google_push=Aa02lx8o_LKeSMBOaisatB_Psz_ipIQllkvru5z9ehRptpNfTN_SgChuiiB1EMxOBLlk98LlVbjI7QEj_pIpev6JWu-LrCRTWH9_BpU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CD22282FBA147A5B2996D4BD8A4ABB1&google_push=Aa02lx8o_LKeSMBOaisatB_Psz_ipIQllkvru5z9ehRptpNfTN_SgChuiiB1EMxOBLlk98LlVbjI7QEj_pIpev6JWu-LrCRTWH9_BpU
Request Chain 276
  • https://a.c.appier.net/gcm?google_gid=CAESEJEo8LM9KpqpruJYb3cK9rY&google_cver=1&google_push=Aa02lx-w_iirYj1myAL-j0o55MXwMDUUVaz4n3_Xe4y1opX7UnLjvqhqz26w2OeaZO8CoTYxBlS4L2eYOLrj84T2zF6yTeDQMcoQzwY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=T0QxdDhSb01CcVNxMXIwLU5wZ0daQQ%3D%3D&google_push=Aa02lx-w_iirYj1myAL-j0o55MXwMDUUVaz4n3_Xe4y1opX7UnLjvqhqz26w2OeaZO8CoTYxBlS4L2eYOLrj84T2zF6yTeDQMcoQzwY
Request Chain 277
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP774jOwe_i4dC24Q-63kg4&google_cver=1&google_push=Aa02lx_mr2Y7Wkul-DAXFav5DBL1Z4k8h3emkFaph0Ew2oYa5PevDOHIKTJSrIBEtZgFl9l2WmxpJE1Vu-i_SmEGdhOG5HIU_Kwbzgg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP774jOwe_i4dC24Q-63kg4&google_cver=1&google_push=Aa02lx_mr2Y7Wkul-DAXFav5DBL1Z4k8h3emkFaph0Ew2oYa5PevDOHIKTJSrIBEtZgFl9l2WmxpJE1Vu-i_SmEGdhOG5HIU_Kwbzgg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMzNjkzMzM0ODEwNzc5MzgyMQ&google_push=Aa02lx_mr2Y7Wkul-DAXFav5DBL1Z4k8h3emkFaph0Ew2oYa5PevDOHIKTJSrIBEtZgFl9l2WmxpJE1Vu-i_SmEGdhOG5HIU_Kwbzgg
Request Chain 278
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBta_aTOGJjArtPVrfrgrdk&google_cver=1&google_push=Aa02lx8F5YGfBsgxGHJXYZ1BeAia7uQzKKfjiIUKgTb47e3FX-ewN-7HTADgY8l7ut7XqPIHyyss68tdZLnFDHFHe2OU4I_4w7lyqoQ HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBta_aTOGJjArtPVrfrgrdk&google_cver=1&google_push=Aa02lx8F5YGfBsgxGHJXYZ1BeAia7uQzKKfjiIUKgTb47e3FX-ewN-7HTADgY8l7ut7XqPIHyyss68tdZLnFDHFHe2OU4I_4w7lyqoQ&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx8F5YGfBsgxGHJXYZ1BeAia7uQzKKfjiIUKgTb47e3FX-ewN-7HTADgY8l7ut7XqPIHyyss68tdZLnFDHFHe2OU4I_4w7lyqoQ&google_hm=_3d7n1gTxKYYJA_A2Uts_w==
Request Chain 279
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJieX5dK16L0TZiVpUq4ktk&google_cver=1&google_push=Aa02lx_Y6FpngBKIlDdPF8MAAAFoWRSRT-C_a113x_HUXjLv29oCGBG14ZXCJWZHw_jepbf4-X1KNr4LpzI5ueAA5c-cyiiuxa6WRyPI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OTQyZDhmNjEtYjYzYS00ODM4LThkYzAtODk3YmI5YTAyMDY5&google_push=Aa02lx_Y6FpngBKIlDdPF8MAAAFoWRSRT-C_a113x_HUXjLv29oCGBG14ZXCJWZHw_jepbf4-X1KNr4LpzI5ueAA5c-cyiiuxa6WRyPI
Request Chain 289
  • https://d.agkn.com/pixel/2175/?google_gid=CAESECoonTZVXczNcT-JW9dU8SM&google_cver=1&google_push=Aa02lx9n2ph1wSL2gONOo9uySlqGl5vxEiCRT8OaffuH0wHc1UoRdZDUbzH_-vS9N_gIt2xvn0eNSBIRhUZaBjOuFHZKiRUd2AOf1Cs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx9n2ph1wSL2gONOo9uySlqGl5vxEiCRT8OaffuH0wHc1UoRdZDUbzH_-vS9N_gIt2xvn0eNSBIRhUZaBjOuFHZKiRUd2AOf1Cs&google_hm=Q0FFU0VDb29uVFpWWGN6TmNULUpXOWRVOFNN
Request Chain 290
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx_99CeGdUK3KWU5XrCSRQ3JUTcb0GuFMChXVtx4SeofNwPnmoS3xpi4yI0NCrdwKAeWuZnhCkhNiqI9q9YKFtVv661bTBrueFM&google_gid=CAESEPCxY6rELTAtFEhLBj5Nh9I&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx_99CeGdUK3KWU5XrCSRQ3JUTcb0GuFMChXVtx4SeofNwPnmoS3xpi4yI0NCrdwKAeWuZnhCkhNiqI9q9YKFtVv661bTBrueFM&google_gid=CAESEPCxY6rELTAtFEhLBj5Nh9I&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDcwMTQ5NDIwMDAxNzQ3OTExNzE1Nw%3D%3D&google_push=Aa02lx_99CeGdUK3KWU5XrCSRQ3JUTcb0GuFMChXVtx4SeofNwPnmoS3xpi4yI0NCrdwKAeWuZnhCkhNiqI9q9YKFtVv661bTBrueFM
Request Chain 291
  • https://aid.send.microad.jp/g/asr?google_gid=CAESEH9BEzo_Q3fSY5kSFcgt04w&google_cver=1&google_push=Aa02lx9b3EpKsFeDUyLmhymEoFdPfQirf_YgvrESEq2_EvDYktuM5ucCSIpJhy5FEJOFq4tGrGgo4oaf-m9d9WuoNbJYvd_6yKDfpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=KA6l7/6j4RJeNArhUkEVvw==
Request Chain 293
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEd1TSH6vuqQ3d9TrdW_Hmg&google_cver=1&google_push=Aa02lx9OZxMgprwXJEPlKpSjkixU8ftAWjGQDp3dckfl819d02YpgbwGbM-7MpMdipGNLqUdozCwvV9fvUkfQWiCeNJspJsfhXFpfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=zudpqTa7RwFiNkJ4Dwk_79_YTBs&google_push=Aa02lx9OZxMgprwXJEPlKpSjkixU8ftAWjGQDp3dckfl819d02YpgbwGbM-7MpMdipGNLqUdozCwvV9fvUkfQWiCeNJspJsfhXFpfw
Request Chain 294
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEastTIGW0__hKITRrO98GU&google_cver=1&google_push=Aa02lx8gchn6iavrpCkeCFZUOfozTKstPMzQZZFbf_5-s4ukVp7Uu3XUWnkQ6SUIxtOnP6geMo1kmrrTcPMT6td6lB9bAe9f8RWBVOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx8gchn6iavrpCkeCFZUOfozTKstPMzQZZFbf_5-s4ukVp7Uu3XUWnkQ6SUIxtOnP6geMo1kmrrTcPMT6td6lB9bAe9f8RWBVOw&google_hm=WkFhWU5zQ281dWdBQUQyTU8xSUFBQUFB
Request Chain 301
  • https://um.simpli.fi/gp_match?google_gid=CAESED_FHeXItxMoFwqBkjfl96A&google_cver=1&google_push=Aa02lx8kqfwYnxkQQcvgkty9iUm4hmtThmr9nsmZBNQACM5ORLq2cvz6U5hzEFGBPkNRqZ2EhMxjwL9wo8IqBhCx5YvmAM_OlH-2o7Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEC3FB92D8444436858C19291E755CB3&google_push=Aa02lx8kqfwYnxkQQcvgkty9iUm4hmtThmr9nsmZBNQACM5ORLq2cvz6U5hzEFGBPkNRqZ2EhMxjwL9wo8IqBhCx5YvmAM_OlH-2o7Y
Request Chain 302
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK1OnQhdb02fLw-U5yIoBg4&google_cver=1&google_push=Aa02lx8Bh0d3-ZBzj3h3sNL4KmYIpOP_am7pm1OC5H9Bq_Cri73q1ha34Zgzm4PQ3io1fqoD-4GKpXGn-A1Q8rmZ_kq-vXyVeQHNma8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTFmMjI4YjUtMzVjMC00YTZmLWFiYTEtMGJjN2M5ZWQ4ZjMy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
Request Chain 303
  • https://a.c.appier.net/gcm?google_gid=CAESEJEo8LM9KpqpruJYb3cK9rY&google_cver=1&google_push=Aa02lx_EBPlVbaFHGpq6IsUfK7TeB52IwTc3wO7zNJl3NI9BBdxZDQiE9UwPX6-lOMNccIu3o47aw8nYI1fkpsQck_suuXHvQ_GLVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Nm0zUVFValdBcTZhMDFHME5wZ0daQQ%3D%3D&google_push=Aa02lx_EBPlVbaFHGpq6IsUfK7TeB52IwTc3wO7zNJl3NI9BBdxZDQiE9UwPX6-lOMNccIu3o47aw8nYI1fkpsQck_suuXHvQ_GLVA
Request Chain 304
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEMACEd174y3p0RazuFHG1Io&c_param1=Aa02lx8vWUSDqT5zUcARR5mDWAnMZS6NqbMfj8QpswEIYvuSs8eeA1llDFtSayE107RP_vfj2gDxhhwPbHJVgwuYjlU8tmntJvavYjs&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx8vWUSDqT5zUcARR5mDWAnMZS6NqbMfj8QpswEIYvuSs8eeA1llDFtSayE107RP_vfj2gDxhhwPbHJVgwuYjlU8tmntJvavYjs
Request Chain 305
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEd1TSH6vuqQ3d9TrdW_Hmg&google_cver=1&google_push=Aa02lx8-8qbPPxqL3ldUOSl2DttJTyUeJrNqbcWRY6cL0NRobrc_jM5JDOCAKpzQPLOraN_gR9Mh2njIRCCbG1Iry0xbXiu7ye0bCA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZFMzxREZQypKUCTAAX1W4t_YTBs&google_push=Aa02lx8-8qbPPxqL3ldUOSl2DttJTyUeJrNqbcWRY6cL0NRobrc_jM5JDOCAKpzQPLOraN_gR9Mh2njIRCCbG1Iry0xbXiu7ye0bCA
Request Chain 306
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEastTIGW0__hKITRrO98GU&google_cver=1&google_push=Aa02lx_afnFR7zg_DT2ErsYHnWlCPSJTLNtW7DZLFzuZNGHseNjE5cTOuiwV3VVH0ZPqh0f_2wbsFYGsFkly1gQIpPXLnaYiLP_MTYA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_afnFR7zg_DT2ErsYHnWlCPSJTLNtW7DZLFzuZNGHseNjE5cTOuiwV3VVH0ZPqh0f_2wbsFYGsFkly1gQIpPXLnaYiLP_MTYA&google_hm=WkFhWU5zQ281czBBQUNlbXJrc0FBQUFB
Request Chain 307
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEDZ9sXx3irhdvLYkL-PXAZI&google_cver=1&google_push=Aa02lx8hYoo1ymRaA4Ioz2q3QDUb4ype2WLt5j94hGjlYXjsId_Uz9RMIhIS0F4v-6gjvWDHMnEEqX3VyhMg1p-kl6Ow0D4_Oc--f95a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8hYoo1ymRaA4Ioz2q3QDUb4ype2WLt5j94hGjlYXjsId_Uz9RMIhIS0F4v-6gjvWDHMnEEqX3VyhMg1p-kl6Ow0D4_Oc--f95a&google_hm=QlMuNWIxMC03ZTdjLTRhZTQtYmIyMA==
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75&google_gid=CAESEN2xFpObl-mMRNWFJWQ_-9U&google_cver=1
Request Chain 325
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df246f68c-cb1b-42f4-8253-80e8a5885b75 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df246f68c-cb1b-42f4-8253-80e8a5885b75 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75
Request Chain 326
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&dsp=TTD
Request Chain 327
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fwin2012r2.com%252F%26hn_ver%3D40%26fid%3Df246f68c-cb1b-42f4-8253-80e8a5885b75%26dsp%3Dpub_common%26dsp_uid%3Dfe4fb912-a987-4b9f-8457-550fd698c4b8 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=6358988783605550458&pid=12771&ref=&url=https%3A%2F%2Fwin2012r2.com%2F&hn_ver=40&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75&dsp=pub_common&dsp_uid=fe4fb912-a987-4b9f-8457-550fd698c4b8
Request Chain 328
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=Aa02lx-GT-dVtJhd4D6x-MeISLV7P22XzQUeY0Wg5ULdGemAEJN_pIHFlCZcVn8E3TKWkyghwUGdDfI9MxFOdzMfBI8KuJl0o9h8CMXtHPiG91F-N15xblyr1ptXc2-UxePuj217uwozrZzwMof94T_5dxbb&google_gid=CAESEK-cLxJOSBgbAl2edcKBPFs&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=Aa02lx-GT-dVtJhd4D6x-MeISLV7P22XzQUeY0Wg5ULdGemAEJN_pIHFlCZcVn8E3TKWkyghwUGdDfI9MxFOdzMfBI8KuJl0o9h8CMXtHPiG91F-N15xblyr1ptXc2-UxePuj217uwozrZzwMof94T_5dxbb&google_gid=CAESEK-cLxJOSBgbAl2edcKBPFs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=Aa02lx-GT-dVtJhd4D6x-MeISLV7P22XzQUeY0Wg5ULdGemAEJN_pIHFlCZcVn8E3TKWkyghwUGdDfI9MxFOdzMfBI8KuJl0o9h8CMXtHPiG91F-N15xblyr1ptXc2-UxePuj217uwozrZzwMof94T_5dxbb&google_hm=AVeUWgNYz2uXks8AD1u-78hvm8A
Request Chain 329
  • https://fksnk.com/cs/google?google_gid=CAESEBK9uZtUmV-z8a_f1xkbHz8&google_cver=1&google_push=Aa02lx_L5gLpMvObceeq34fn9o3dOvGpv1JtuknugJI9btKPA47DmZiyC7t1_mO8rhW03GPWtAqVADqGzEhf9H2h-1Vq4_EO6HSGX0BMuu6HsqjbiBVKXo3z3y_5I6TCKXBehT7bEMjpRZfGUOrdWLPH6BdwOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUMyNENBQTdFMTU5MjJGMw==
Request Chain 330
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA8ZJIMRbIvJE3yz9pn-nRk&google_cver=1&google_push=Aa02lx_pEjp66ptsj5u-JXWI7yUXkP7dz8odZOdVWFrNA0VrBB8tZJS6yYZe0U2jUu10js0P4aZRU76YZQIhNjoxL6RK3_1m_szc_m662odAp1IwYsvAhTJW5TGa0CRyJknZ1RMEZ9V3ooFnCsA3d1PZWnOz_g HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEA8ZJIMRbIvJE3yz9pn-nRk&google_cver=1&google_push=Aa02lx_pEjp66ptsj5u-JXWI7yUXkP7dz8odZOdVWFrNA0VrBB8tZJS6yYZe0U2jUu10js0P4aZRU76YZQIhNjoxL6RK3_1m_szc_m662odAp1IwYsvAhTJW5TGa0CRyJknZ1RMEZ9V3ooFnCsA3d1PZWnOz_g HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e88aa6a0-c4f3-4f4f-9ec7-3293d82a96f2&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_pEjp66ptsj5u-JXWI7yUXkP7dz8odZOdVWFrNA0VrBB8tZJS6yYZe0U2jUu10js0P4aZRU76YZQIhNjoxL6RK3_1m_szc_m662odAp1IwYsvAhTJW5TGa0CRyJknZ1RMEZ9V3ooFnCsA3d1PZWnOz_g&google_hm=EpmrRwa2RBOSaDbp_kxhjQ==
Request Chain 331
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP774jOwe_i4dC24Q-63kg4&google_cver=1&google_push=Aa02lx_c0NpLLauOPAY7W70Gcr-9DKeL93249_P2kVjbLj0mXCxS2r63LLKnuqozIf6xdGZ8T0SO_fEXcp-M__71W8ukze8BTbk1G97gNK_DbObrFEHLQEBx77SNAF3jvhNuXpSRTH-oplTrOammMibJxGV_kQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg5Mjk5Njg3ODE5NzY2MjY4MA&google_push=Aa02lx_c0NpLLauOPAY7W70Gcr-9DKeL93249_P2kVjbLj0mXCxS2r63LLKnuqozIf6xdGZ8T0SO_fEXcp-M__71W8ukze8BTbk1G97gNK_DbObrFEHLQEBx77SNAF3jvhNuXpSRTH-oplTrOammMibJxGV_kQ
Request Chain 332
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECFIj6pxsdC1cKbVrefUvko&google_cver=1&google_push=Aa02lx_zIvQ4SdqR6-7nR82UfyGgGa4IFsWx_qjpwn7uVqdosu8Dtpadn3q_e2w8GqCa0UN8S1kAbcqtN2toyPdorc9Hd7jtPPNdlt8xm5JQtwRD1-rN6CkvJy6xRuxPA0UgAvUziJaH4DfpmUIV5WNilRF6lw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECFIj6pxsdC1cKbVrefUvko&google_cver=1&google_push=Aa02lx_zIvQ4SdqR6-7nR82UfyGgGa4IFsWx_qjpwn7uVqdosu8Dtpadn3q_e2w8GqCa0UN8S1kAbcqtN2toyPdorc9Hd7jtPPNdlt8xm5JQtwRD1-rN6CkvJy6xRuxPA0UgAvUziJaH4DfpmUIV5WNilRF6lw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Yyf-IyASHSwKNubADCM5A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_zIvQ4SdqR6-7nR82UfyGgGa4IFsWx_qjpwn7uVqdosu8Dtpadn3q_e2w8GqCa0UN8S1kAbcqtN2toyPdorc9Hd7jtPPNdlt8xm5JQtwRD1-rN6CkvJy6xRuxPA0UgAvUziJaH4DfpmUIV5WNilRF6lw
Request Chain 333
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEPiyQi9HF0KO_MBS2FsvHk&google_cver=1&google_push=Aa02lx_AS-qX0FYy6Du_rOUXpLPbtPEWdHaZomSBttUFloIhPTLZ_gLPzJH1OL5EaPmqoB7KzWoH6P1RRWKxQ4iWH98KYtc4Iz6anJrUuh7KmeiaswBbpC1qi2j5qE_hYgFnHDPBWVfup-13fqXuiTpSeiFXWQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEPiyQi9HF0KO_MBS2FsvHk&google_hm=ZAaYNYOJJ4ARKje1WrpskQAAFVMAAAAB&google_nid=index&google_push=Aa02lx_AS-qX0FYy6Du_rOUXpLPbtPEWdHaZomSBttUFloIhPTLZ_gLPzJH1OL5EaPmqoB7KzWoH6P1RRWKxQ4iWH98KYtc4Iz6anJrUuh7KmeiaswBbpC1qi2j5qE_hYgFnHDPBWVfup-13fqXuiTpSeiFXWQ
Request Chain 334
  • https://an.yandex.ru/mapuid/google/CAESEPhSI6LFaBzF1NgowDRjwkY?ext-param=Aa02lx9awmyFyafVNsZ9CYJqQX-P_F904mo58X0H8MZqgCeik41IMQykC-a-ZZdJp1xrNzaaswrooXXgnJgNL9-ZP5Giw9cJTOtL6N4LlotlPqNVW_4O1YLeK8px9qcqbpx7hHBWRx0HljKEfQXjsXLDy2jA1g&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEPhSI6LFaBzF1NgowDRjwkY?redir-setuniq=1&ext-param=Aa02lx9awmyFyafVNsZ9CYJqQX-P_F904mo58X0H8MZqgCeik41IMQykC-a-ZZdJp1xrNzaaswrooXXgnJgNL9-ZP5Giw9cJTOtL6N4LlotlPqNVW_4O1YLeK8px9qcqbpx7hHBWRx0HljKEfQXjsXLDy2jA1g&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPhSI6LFaBzF1NgowDRjwkY&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 336
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 338
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdeaWxWwnu2Pks8AD1u-78hvq88AAAGGucKVhg
Request Chain 340
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
Request Chain 341
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1 HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%2526piggybackCookie%253D%26uid%2Dset%3D1%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1&auid=5b1d594c-ef04-419c-902e-63121be65e5a HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=1O6mHZp4hVj
Request Chain 342
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6358988783605550458&gdpr=0&gdpr_consent=
Request Chain 343
  • https://ds.uncn.jp/pm/0/sync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_f3c38330-d9e2-4b7c-8f45-d852843b1605
Request Chain 344
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZAaYNgAKc_wqmQBh HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZAaYNgAKc_wqmQBh&gdpr=1&gdpr_consent=&_test=ZAaYNgAKc_wqmQBh
Request Chain 345
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9hkzd49annu4
Request Chain 347
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6m3QQUjWAq6a01G0NpgGZA
Request Chain 349
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=72b43c5b52a64c8c818bfb2e0d02a3ad
Request Chain 350
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ooPZNzPWRThG0JJktx8E-9_YTBs&gdpr=0&gdpr_consent=
Request Chain 351
  • https://adsd-sync.amanad.adtdp.com/pubmaticsync?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ecfe6e23-f069-4e0c-8c82-ce1f8a80e94a
Request Chain 353
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aPdA3mf7Q9xzoRLRPPdd32vyFYxzpkbeaftO5Zkq
Request Chain 354
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
Request Chain 355
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78A0BF4C71E042B3893EE7EC17849ACC&gdpr=0&gdpr_consent=
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Yyf-IyASHSwKNubADCM5A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 358
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=FD8C9FF8-8C80-4874-B028-DB9B00308CE4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e05eeaac-27c4-48e5-a7db-6c78369e61ae%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&ttd_puid=e05eeaac-27c4-48e5-a7db-6c78369e61ae%2C%2C
Request Chain 359
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent=&ct=y
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkQ4QzlGRjgtOEM4MC00ODc0LUIwMjgtREI5QjAwMzA4Q0U0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECE_1AZHgJbjG94P1rPcib0&google_cver=1
Request Chain 364
  • https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZAaYNsCo5s0AACemrnkAAAAA
Request Chain 365
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=
Request Chain 367
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5358275005561920827
Request Chain 369
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RphdAOBE2uVlWL_iDtZm3DeY3gzfWbQ-~A&gdpr=0
Request Chain 370
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7745423018836985897&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 371
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=59887ba7995f1b35&is_secure=true&networkId=17100&version=1&nuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhGv4L_lq8QNBAKsEAAAAAAA&expiration=1678240183&nuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 372
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 387
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Request Chain 388
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gD_0s1IaVVEeBAhKw3tAdw?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGjyMPhE2oLMhxMEvpMu.2XrWxFwp3V5.VlXIw--~A
Request Chain 389
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEXLFK09-7-IR3B&gdpr=0
Request Chain 390
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ly63OGSrTbKiQeqky2KriA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ly63OGSrTbKiQeqky2KriA&gdpr=0
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEacRvXJBIg7h0GmiHFcu_Y&google_cver=1
Request Chain 392
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFiODg4OGRjMmQxMDM1MDU5NGUxMWI0YWI5NDQ1MDg1OWZkNzRiNQ&gdpr=0
Request Chain 393
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYTEZLMDktNy1JUjNC&gdpr=0
Request Chain 394
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xB9e98txTReNYR4u3JhrAw&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xB9e98txTReNYR4u3JhrAw&gdpr=0
Request Chain 395
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=&expires=30
Request Chain 399
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZAaYNYOJJ4ARKje1WrpskQAAFVMAAAAB
Request Chain 406
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECaxC1LwvSmPCAJwWatwbtM&google_cver=1&google_push=Aa02lx_zkl4Bfp0pciGtwk1deBioKr_FhOgr11t4sfiPU6zYlB9VtDYrqz4v90SXIj7DzScAe1Ohcd3jIDBTncoGs2h9ZK0PJ-gm HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=761ce0e4cdc21b35&is_secure=true&networkId=14000&version=1&google_gid=CAESECaxC1LwvSmPCAJwWatwbtM&google_cver=1&google_push=Aa02lx_zkl4Bfp0pciGtwk1deBioKr_FhOgr11t4sfiPU6zYlB9VtDYrqz4v90SXIj7DzScAe1Ohcd3jIDBTncoGs2h9ZK0PJ-gm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqn1gU8TlrAM3mFssAAAAAAA&expiration=1678240183&google_cver=1&is_secure=true&google_gid=CAESECaxC1LwvSmPCAJwWatwbtM&google_push=Aa02lx_zkl4Bfp0pciGtwk1deBioKr_FhOgr11t4sfiPU6zYlB9VtDYrqz4v90SXIj7DzScAe1Ohcd3jIDBTncoGs2h9ZK0PJ-gm
Request Chain 407
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELYpXZb4q9NguoF2Yd81s6M&google_cver=1&google_push=Aa02lx_OLf4MfemrLNcMtipUmgD62cO8wvZTjLmqz3xuJfNzVvAo0PufkGZguLfkDdyd2CuiWvlu9T4JGC51Gj-JW3vwrETcfMGi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4bNkBpgzRwCYf3orED_UJw&google_push=Aa02lx_OLf4MfemrLNcMtipUmgD62cO8wvZTjLmqz3xuJfNzVvAo0PufkGZguLfkDdyd2CuiWvlu9T4JGC51Gj-JW3vwrETcfMGi
Request Chain 408
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx8TkJb6nlffPt5Wvdu4WeQGlHA6ehGqBZjEEhjZOhPtidnLiBBRhXIlfrfRz_kBGvDAn_mYHnuupwD_fHJevKae9vsWNBJ_rw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ODRkYjA2MzgtNDE3YS00OTdmLWI5NzUtZWY3NzAxZDUwNTIx&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx8TkJb6nlffPt5Wvdu4WeQGlHA6ehGqBZjEEhjZOhPtidnLiBBRhXIlfrfRz_kBGvDAn_mYHnuupwD_fHJevKae9vsWNBJ_rw
Request Chain 409
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFHYqzMY7waOxoHlNqSMfLA&google_cver=1&google_push=Aa02lx_HZppD4nEMc_HdgdN3AxHjUvReaKAcx9s4F9-qDaMhtk7ys8oMxI2te7FRUTRSr-ZC3HMV1MybITht9fiMDMWKF89m2TUJ4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=Aa02lx_HZppD4nEMc_HdgdN3AxHjUvReaKAcx9s4F9-qDaMhtk7ys8oMxI2te7FRUTRSr-ZC3HMV1MybITht9fiMDMWKF89m2TUJ4w&google_hm=NjQ5Njk4MDk3MDIwNDQ5OTMyOA%3D%3D
Request Chain 410
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEastTIGW0__hKITRrO98GU&google_cver=1&google_push=Aa02lx_ZlQBgW2fub2VxzLX9Hbj5HowvZ5yPXndByN-mxTY7CrI3yCGDhF_0kNCRN2nyhwj5ONUxeM4AybwLqIn0DNulQoY51fhvYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_ZlQBgW2fub2VxzLX9Hbj5HowvZ5yPXndByN-mxTY7CrI3yCGDhF_0kNCRN2nyhwj5ONUxeM4AybwLqIn0DNulQoY51fhvYg&google_hm=WkFhWU5zQ281dWdBQUQyTU8xSUFBQUFB
Request Chain 411
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEAMfgjjVdo2f4UjyD-w5N5k&google_cver=1&google_push=Aa02lx8vdFwl_tNfBl90Bo0tY0Mo-WDf4CI9dP3vWEYr69Iikr7x4_JPtFBh5tGQ8qHDU4M18f_wZ7y58aR9Uv_b0y2uOZ6qXhv4hg HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEAMfgjjVdo2f4UjyD-w5N5k%26google_cver%3D1%26google_push%3DAa02lx8vdFwl_tNfBl90Bo0tY0Mo-WDf4CI9dP3vWEYr69Iikr7x4_JPtFBh5tGQ8qHDU4M18f_wZ7y58aR9Uv_b0y2uOZ6qXhv4hg HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4266243696831783884&exchange=193&google_gid=CAESEAMfgjjVdo2f4UjyD-w5N5k&google_cver=1&google_push=Aa02lx8vdFwl_tNfBl90Bo0tY0Mo-WDf4CI9dP3vWEYr69Iikr7x4_JPtFBh5tGQ8qHDU4M18f_wZ7y58aR9Uv_b0y2uOZ6qXhv4hg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQyNjYyNDM2OTY4MzE3ODM4ODQ&google_push=Aa02lx8vdFwl_tNfBl90Bo0tY0Mo-WDf4CI9dP3vWEYr69Iikr7x4_JPtFBh5tGQ8qHDU4M18f_wZ7y58aR9Uv_b0y2uOZ6qXhv4hg
Request Chain 412
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEDs02IYH36zWfRt3rIdkc68&google_cver=1&google_push=Aa02lx8YmRN3d_YvYz_L4oWhBM0engZ491mXZN7-X9K4QzsfnnAIBj00Tf4KiPht-lFTEB-mKGgq9VBqJ4g_Msm59y8WInZSXJp8aug HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEDs02IYH36zWfRt3rIdkc68&google_push=Aa02lx8YmRN3d_YvYz_L4oWhBM0engZ491mXZN7-X9K4QzsfnnAIBj00Tf4KiPht-lFTEB-mKGgq9VBqJ4g_Msm59y8WInZSXJp8aug&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx8YmRN3d_YvYz_L4oWhBM0engZ491mXZN7-X9K4QzsfnnAIBj00Tf4KiPht-lFTEB-mKGgq9VBqJ4g_Msm59y8WInZSXJp8aug&google_hm=Uk1td083X2hhVzFiNkNvMDFsU00=
Request Chain 448
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 452
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
Request Chain 454
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=bzW3mEwcN2Ru0aydNQEB&pi=gumgum&tc=1
Request Chain 455
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZAaYNsCo5ugAAD2MO1IAAAAA
Request Chain 456
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZAaYNgAKc_wqmQBh&gdpr=0&gdpr_consent=
Request Chain 457
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
Request Chain 462
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 303
  • https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=5358275005561920827
Request Chain 463
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6358988783605550458
Request Chain 464
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=e1b36406-9833-4700-987f-7a2b103fd427&expires=30&ssp=vidoomy&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1299ab47-06b6-4413-9268-36e9fe4c618d
Request Chain 465
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253D58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50
Request Chain 466
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A&gdpr=0
Request Chain 467
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=RMmwO7_haW1b6Co01lSM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DH5SXQY3IMFXGOZJ5OBZGKYTJMQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
Request Chain 468
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dd27bb356-86ab-47b5-b718-4ea1dccfe68c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F213%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd27bb356-86ab-47b5-b718-4ea1dccfe68c%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kMjdiYjM1Ni04NmFiLTQ3YjUtYjcxOC00ZWExZGNjZmU2OGM%253D%26uid%3D%24UID
Request Chain 469
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=d27bb356-86ab-47b5-b718-4ea1dccfe68c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=d27bb356-86ab-47b5-b718-4ea1dccfe68c HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A&gdpr=0
Request Chain 471
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LEXLFK09-7-IR3B&gdpr=0&us_privacy=1---
Request Chain 474
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=1299ab47-06b6-4413-9268-36e9fe4c618d HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=1299ab47-06b6-4413-9268-36e9fe4c618d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a5658da7-0350-48b5-88d3-7e514c81a88f&user_group=1&ssp=between&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d
Request Chain 475
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=UldjzdLUJN.AikABlGGucKpyw
Request Chain 476
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1rcmcwRXFWRTJ1RXFVc1hCR1FYSGFOejhEeGJEZTNvekZhNEVaWkktfkE%3D&gdpr=0
Request Chain 480
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0
Request Chain 482
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
Request Chain 483
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Request Chain 484
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
Request Chain 485
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-gLp_2phE2pkR4qBMxzwpQjCtP1FRyjKuDPi4Pw--~A&expires=5&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 488
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=undefined&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D HTTP 302
  • https://sync.missena.io/improvedigital/d9e95577-1d4d-4c6a-9037-811ae54d6c81
Request Chain 489
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Request Chain 491
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=undefined&nwid=3927&url=https%3A%2F%2Fsync.missena.io%2Fsmart%2F%5Bsas_uid%5D HTTP 302
  • https://sync.missena.io/smart/6496980970204499328
Request Chain 492
  • https://csync.smilewanted.com/getuid?gdpr=0&gdpr_consent=undefined&pubid=3924&redirect=https%3A%2F%2Fsync.missena.io%2Fsmilewanted%2F%24UID&source=openrtb-via-prebid-server HTTP 302
  • https://sync.missena.io/smilewanted/f79db6022e320fafa203ab9e5911702f
Request Chain 496
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/GRKNCBZHu6GmWJstQzOlNICU
Request Chain 497
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.missena.io%2Fxandr%2F%24UID HTTP 302
  • https://sync.missena.io/xandr/6358988783605550458
Request Chain 499
  • https://ups.analytics.yahoo.com/ups/58673/occ?gdpr=0&gdpr_consent=undefined HTTP 302
  • https://sync.missena.io/yahoo/y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A?gdpr=0
Request Chain 500
  • https://sync.missena.io/adyoulike?gdpr=0&gdpr_consent=undefined HTTP 302
  • https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Request Chain 502
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/4522641d3eddd1ac5c18188ef798b9d0?gdpr_consent=&gdpr=0
Request Chain 507
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 508
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTA4NTAwMzY3ODIxNzYzNTk2MjEzMA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 509
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO-4DW_tU-IO6zJBI9WGyHE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 510
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTA4NTAwMzY3ODIxNzYzNTk2MjEzMA%3D%3D
Request Chain 512
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1085003678217635962130&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5358275005561920827&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1299ab47-06b6-4413-9268-36e9fe4c618d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 513
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1085003678217635962130?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CL6APvhE2oSySN2uaCM6dBrulCv6OKl3PvLaeOEWlA--~A&dongle=0883
Request Chain 516
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6358988783605550458&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 517
  • https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0
Request Chain 518
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=missena&gdpr=0&gdpr_consent=undefined&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B HTTP 302
  • https://sync.missena.io/magnite/LEXLFK09-7-IR3B?gdpr=0&gdpr_consent=undefined
Request Chain 519
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/4c764463a5d4c91dddc9d5a9d11929175ec9ffdc33ee0ad6c1ad831e5e7d7f58
Request Chain 520
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/bzW3mEwcN2Ru0aydNQEB?pi=smilewanted&tc=1
Request Chain 526
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8a75893f6b215e8485c67c5d4fe6e31
Request Chain 528
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/6496980970204499328
Request Chain 530
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/d9e95577-1d4d-4c6a-9037-811ae54d6c81&partner_id=1010
Request Chain 532
  • https://gcdn.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/164F8F5BFC504363A15005F0CF1F739D34D6E48F.2467A5871CAAB8767BC79105E9073345E1577EF4/key/ck2/file/file.mp4?cpn=_HzJ0GiXfnE-Gaj0 HTTP 302
  • https://r4---sn-3pm76nes.c.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/201A7C4AFB0148AAD49E69BE0A25373FB8FE8BB0.2894ADCDAE52BC12C4034B7B55D991976FB769DA/key/cms1/cms_redirect/yes/mh/8v/mip/223.216.76.27/mm/42/mn/sn-3pm76nes/ms/onc/mt/1678153478/mv/m/mvi/4/pl/15?cpn=_HzJ0GiXfnE-Gaj0&file=file.mp4
Request Chain 533
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LEXLFK09-7-IR3B?gdpr=0
Request Chain 534
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6358988783605550458&gdpr=0&gdpr_consent=undefined HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6358988783605550458
Request Chain 535
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6358988783605550458&gdpr=0&gdpr_consent=undefined HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6358988783605550458
Request Chain 536
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5358275005561920827&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=1299ab47-06b6-4413-9268-36e9fe4c618d&name=BIDSWITCH&gdpr=&gdpr_consent= HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=&gdpr_consent=&name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=1299ab47-06b6-4413-9268-36e9fe4c618d
Request Chain 537
  • https://creativecdn.com/cm-notify?pi=adyoulike HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=f3nEWoZhxrOawts6P1fR&name=RTB_HOUSE&pi=adyoulike&tc=1 HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=RTB_HOUSE&pi=adyoulike&tc=1&uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=f3nEWoZhxrOawts6P1fR
Request Chain 541
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&name=THE_TRADE_DESK HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=THE_TRADE_DESK&uid=8122fdac60517b1efe1389612f3dfb34&visitor=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
Request Chain 543
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://stags.bluekai.com/site/23178?id=RMmwO7_haW1b6Co01lSM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGLLXMVZXILJSFZXW23TJORQWO2TTFZRW63JPOZUXG2LUN5ZC643ZNZRT6ZLYMNUGC3THMU6WCZDZN52WY2LLMUTGOZDQOI6TAJTHMRYHEX3DN5XHGZLOOQ6XK3TEMVTGS3TFMQTG4YLNMU6VURKNIFHFIQK7JZAVISKWIVPTCXZSEZ2HI3B5G4ZDAJTVNFSD2ZRSMQ4TCMZWMNTDKM3EMVSGKN3GHAZWEYJRGYYTOMLBGM3WMZDEEZ3GS43JORXXEPKSJVWXOTZXL5UGCVZRMI3EG3ZQGFWFGTI&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGLLXMVZXILJSFZXW23TJORQWO2TTFZRW63JPOZUXG2LUN5ZC643ZNZRT6ZLYMNUGC3THMU6WCZDZN52WY2LLMUTGOZDQOI6TAJTHMRYHEX3DN5XHGZLOOQ6XK3TEMVTGS3TFMQTG4YLNMU6VURKNIFHFIQK7JZAVISKWIVPTCXZSEZ2HI3B5G4ZDAJTVNFSD2ZRSMQ4TCMZWMNTDKM3EMVSGKN3GHAZWEYJRGYYTOMLBGM3WMZDEEZ3GS43JORXXEPKSJVWXOTZXL5UGCVZRMI3EG3ZQGFWFGTI HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=RMmwO7_haW1b6Co01lSM HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=RMmwO7_haW1b6Co01lSM
Request Chain 544
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://stags.bluekai.com/site/23178?id=RMmwO7_haW1b6Co01lSM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGLLXMVZXILJSFZXW23TJORQWO2TTFZRW63JPOZUXG2LUN5ZC643ZNZRT6ZLYMNUGC3THMU6WCZDZN52WY2LLMUTGOZDQOI6TAJTHMRYHEX3DN5XHGZLOOQ6XK3TEMVTGS3TFMQTG4YLNMU6VURKNIFHFIQK7IJAU4TSFKITHI5DMHU3TEMBGOVUWIPLCMRSWMNTCMQ4TKYRXGQ2TAYRUMU3DEYJTGJSGEODDG5SDQYZZMQTHM2LTNF2G64R5KJGW252PG5PWQYKXGFRDMQ3PGAYWYU2N&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGLLXMVZXILJSFZXW23TJORQWO2TTFZRW63JPOZUXG2LUN5ZC643ZNZRT6ZLYMNUGC3THMU6WCZDZN52WY2LLMUTGOZDQOI6TAJTHMRYHEX3DN5XHGZLOOQ6XK3TEMVTGS3TFMQTG4YLNMU6VURKNIFHFIQK7IJAU4TSFKITHI5DMHU3TEMBGOVUWIPLCMRSWMNTCMQ4TKYRXGQ2TAYRUMU3DEYJTGJSGEODDG5SDQYZZMQTHM2LTNF2G64R5KJGW252PG5PWQYKXGFRDMQ3PGAYWYU2N HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=RMmwO7_haW1b6Co01lSM HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=RMmwO7_haW1b6Co01lSM
Request Chain 545
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Devolution&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9285c005-457f-4dae-912f-8d0b873c85f9&name=evolution HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=evolution&uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9285c005-457f-4dae-912f-8d0b873c85f9
Request Chain 546
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08d02204203481a2ac2cf407&gdpr=0&gdprConsent=undefined HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdprConsent=undefined&name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08d02204203481a2ac2cf407
Request Chain 547
  • https://sync.srv.stackadapt.com/sync?nid=33 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-645333c5-1119-432a-4a50-24c0017d56e2$ip$223.216.76.27&name=STACKADAPT HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=STACKADAPT&uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-645333c5-1119-432a-4a50-24c0017d56e2%24ip%24223.216.76.27
Request Chain 548
  • https://cs.admanmedia.com/4b8f8957881b0c14cfc1656ea578b9f9.gif?&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dac67699ebc4111389a3cf1998c4bd2dc%26name%3DACUITY%26visitor%3D%5BUID%5D&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=ac67699ebc4111389a3cf1998c4bd2dc&name=ACUITY&visitor=a3cf1e83-29af-4774-b174-6bcf5fc376dd HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=ACUITY&uid=ac67699ebc4111389a3cf1998c4bd2dc&visitor=a3cf1e83-29af-4774-b174-6bcf5fc376dd
Request Chain 549
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D4b30a0b1f289a261ab592e1e53c126eb%26name%3DSOVRN%26visitor%3D%24UID&gdpr=0&gdpr_consent=undefined HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GRKNCBZHu6GmWJstQzOlNICU HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=SOVRN&uid=4b30a0b1f289a261ab592e1e53c126eb&visitor=GRKNCBZHu6GmWJstQzOlNICU
Request Chain 550
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D171e1b3d878c5443361586e41274318e%26name%3DADMIXER%26visitor%3D%24%24visitor_cookie%24%24&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=d9a6ad880e994b38bee62819bc63d3d1
Request Chain 551
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=d43443fb-392d-5442-9fa1-7e87fba7e6b2&name=BETWEENX HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=BETWEENX&uid=bf39a6af2a15b80f82f7ff725f351919&visitor=d43443fb-392d-5442-9fa1-7e87fba7e6b2
Request Chain 552
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=32321738-2cdf-4b27-a930-00a7a70033c4&name=BIDTELLECT HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=BIDTELLECT&uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=32321738-2cdf-4b27-a930-00a7a70033c4
Request Chain 556
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 557
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 558
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 563
  • https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=FD8C9FF8-8C80-4874-B028-DB9B00308CE4 HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=PUBMATIC&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Request Chain 564
  • https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=6496980970204499328&name=SMARTADSERVER&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=SMARTADSERVER&uid=9276a8c8d010b77af50144c60047b781&visitor=6496980970204499328
Request Chain 565
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=RMmwO7_haW1b6Co01lSM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5KJGW252PG5PWQYKXGFRDMQ3PGAYWYU2N&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5KJGW252PG5PWQYKXGFRDMQ3PGAYWYU2N HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=RMmwO7_haW1b6Co01lSM
Request Chain 566
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=fa95a31fe9d38e7279f1ac94b98aeaf9&gdpr=0&gdpr_consent=0
Request Chain 567
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC4NE7IDTAAACCtMn4Psg&gdpr=0
Request Chain 568
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
Request Chain 572
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LEXLFK09-7-IR3B&name=RUBICON&gdpr=0&gdpr_consent=undefined HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=RUBICON&uid=3496f2c9155784213a7b528f78bb441a&visitor=LEXLFK09-7-IR3B
Request Chain 575
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=publicidad
Request Chain 576
  • https://pixel.advertising.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
Request Chain 577
  • https://ups.analytics.yahoo.com/ups/58368/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-Dhmc7DtE2uHt8uDNURDbEiWRS_hg4gHFxJtGQQA-~A&gdpr=0
Request Chain 578
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=6358988783605550458
Request Chain 579
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=6004bbcb-7f27-4c95-94d2-0zz1678153781 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drichaudience%26bsw_param%3D1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=e1b36406-9833-4700-987f-7a2b103fd427&expires=30&ssp=richaudience&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=&us_ps=
Request Chain 580
  • https://sync.search.spotxchange.com/partner?source=202100&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.search.spotxchange.com/partner?source=202100&gdpr=0&gdpr_consent=&__user_check__=1&sync_id=5761c6e3-bc8a-11ed-a1a5-169d53a90107 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=&uid=CAESEMKQbwtbJaGXdEsA3ygGppQ&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&img=1 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZAaYNgAKc_wqmQBh&img=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://tg.socdm.com/aux/idsync?proto=spotx HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8554&uid=ZAaYNsCo5ugAAD2MO1IAAAAA HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/spotx/5761c6a6-bc8a-11ed-a1a5-169d53a90107?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7283&uid=y-xs0foUVE2oPSSYosc9BTp3MHYC0CFV8UFjU-~A HTTP 302
  • https://x.bidswitch.net/sync?ssp=spotx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=spotx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=ZAaYNsCo5ugAAD2MO1IAAAAA&expires=30&ssp=spotx HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7310&uid=1299ab47-06b6-4413-9268-36e9fe4c618d
Request Chain 581
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Request Chain 583
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=undefined&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
Request Chain 584
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=undefined&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Request Chain 585
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
Request Chain 586
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d&google_hm=MTI5OWFiNDctMDZiNi00NDEzLTkyNjgtMzZlOWZlNGM2MThk HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEi_7H4xLc1qO4j8ELrPlsE&google_cver=1&ssp=onetag&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 587
  • https://visitor.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=icbfG365vDW5ZH5az6icaWfXqnAX4eAzS1cOgAdofd4 HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=icbfG365vDW5ZH5az6icaWfXqnAX4eAzS1cOgAdofd4
Request Chain 590
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B HTTP 302
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Request Chain 595
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0& HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=&expires=30
Request Chain 596
  • https://um.simpli.fi/rb_match?gdpr=0& HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1B32369227AF48F1ABF9116409EA6EC6&expires=365
Request Chain 597
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEacRvXJBIg7h0GmiHFcu_Y&google_cver=1
Request Chain 598
  • https://match.prod.bidr.io/cookie-sync/rp?gdpr=0&bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC4NE7IDTAAACCtMn4Psg&expires=30&gdpr=0
Request Chain 599
  • https://token.rubiconproject.com/token?gdpr=0&pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gD_0s1IaVVEeBAhKw3tAdw?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGjyMPhE2oLMhxMEvpMu.2XrWxFwp3V5.VlXIw--~A
Request Chain 601
  • https://sync.mathtag.com/sync/img?gdpr=0&mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e1b36406-9833-4700-987f-7a2b103fd427&expires=28
Request Chain 602
  • https://secure.adnxs.com/getuidnb?gdpr=0&https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://secure.adnxs.com/gdpr=0&https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6358988783605550458&expires=30
Request Chain 605
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjK2-8CEPme9PECGIaJ1-IBIAEwAQ&v=APEucNWXUTfSrArxOG9z3TmSOL3pszAgkZV5AqWFxVhbCB6AxET52UNhG-HGzytWtyqKVgs7cQsGCSVXd1VVvljMXIjfNWgSFgEmTNHNAJwhSRGKBnH-E5E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adingo_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://cs.adingo.jp/sync/?from=dbm&id=CAESEHhtvlAkzpfCnmtf35Rg4aY&google_cver=1&gdpr=0
Request Chain 619
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=e1b36406-9833-4700-987f-7a2b103fd427&expires=30&ssp=between&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d
Request Chain 622
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARi9sJqgBqIBEFi4WZa8ihHthuAAJZDAZHw* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=58b85996-bc8a-11ed-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=58b85996-bc8a-11ed-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=lYDBIytCbnUOcnCeKPvx3w& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/58b85996-bc8a-11ed-86e0-002590c0647c
Request Chain 625
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 626
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Request Chain 631
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D171e1b3d878c5443361586e41274318e%26name%3DADMIXER%26visitor%3D%24%24visitor_cookie%24%24&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=d9a6ad880e994b38bee62819bc63d3d1
Request Chain 638
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
Request Chain 640
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
Request Chain 641
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1678153790691 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3010694811 HTTP 302
  • https://sync.1rx.io/usersync/turn/7529250236723202089?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-575679b3-c0d2-4e16-9483-d85e06d0731f-004 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004
Request Chain 642
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=undefined&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=19ff7e6c-480a-4e61-95dc-83628b0994c8
Request Chain 643
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent%3D%24 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=$0&gdpr_consent=$
Request Chain 644
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a&name=OPENWEB HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=OPENWEB&uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a
Request Chain 646
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
Request Chain 647
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1678153790691 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=107356698 HTTP 302
  • https://sync.1rx.io/usersync/turn/7529250236723202089?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-575679b3-c0d2-4e16-9483-d85e06d0731f-004 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004
Request Chain 649
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
Request Chain 651
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a&name=OPENWEB
Request Chain 652
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=19ff7e6c-480a-4e61-95dc-83628b0994c8
Request Chain 653
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent%3D%24 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=$0&gdpr_consent=$
Request Chain 655
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Request Chain 657
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=undefined&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
Request Chain 658
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=undefined&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Request Chain 659
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
Request Chain 660
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1299ab47-06b6-4413-9268-36e9fe4c618d&ssp=onetag&gdpr=0&gdpr_consent=undefined
Request Chain 663
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0
Request Chain 664
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
Request Chain 665
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Request Chain 666
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
Request Chain 667
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-gLp_2phE2pkR4qBMxzwpQjCtP1FRyjKuDPi4Pw--~A&expires=5&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 671
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 673
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Request Chain 674
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/122028 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/122028
Request Chain 689
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d43443fb-392d-5442-9fa1-7e87fba7e6b2&expires=60 HTTP 302
  • https://sp.gmossp-sp.jp/ads/sync.ad?dsp=bidswitch&dspuid=1299ab47-06b6-4413-9268-36e9fe4c618d&dsp_uuid=&dsp_id=&rd=0
Request Chain 694
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fd43443fb-392d-5442-9fa1-7e87fba7e6b2 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/d43443fb-392d-5442-9fa1-7e87fba7e6b2

686 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
win2012r2.com/
Redirect Chain
  • http://win2012r2.com/
  • https://win2012r2.com/
222 KB
223 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx / PHP/7.4.33
Resource Hash
0f31e2d59cceb2ccbcdd21a9a9c15a2b3c73b040c438262f251a679c124c0721

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:38 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://win2012r2.com/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
server
nginx
x-powered-by
PHP/7.4.33

Redirect headers

Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Tue, 07 Mar 2023 01:49:37 GMT
Location
https://win2012r2.com/
Server
nginx
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-49545071-4
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
841c464534a101e2244f222ad3ec34e68ab681bdf0a2f76d6e3f93cada280833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44765
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Mar 2023 01:49:38 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2G2FZZXW0F
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d7d0671c452bf0fde3ea053e6080c324d1f0a80d211434d821617cbbd2c0cf18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80783
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Mar 2023 01:49:38 GMT
icomoon.woff
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 		13 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa

Request headers

Referer
https://win2012r2.com/
Origin
https://win2012r2.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:48:46 GMT
server
nginx
etag
"32c8-5f35ac8e01e0a-gzip"
vary
Accept-Encoding
accept-ranges
bytes
content-length
7911
fontawesome-webfont.woff2
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://win2012r2.com/
Origin
https://win2012r2.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:48:45 GMT
server
nginx
accept-ranges
bytes
etag
"12d68-5f35ac8d2157e-gzip"
vary
Accept-Encoding
style.min.css
win2012r2.com/win2012r2/wp-includes/css/dist/block-library/ 		93 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1&fver=20221115074537
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 19:45:37 GMT
server
nginx
etag
"172a9-5ed8799a91e22-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
12518
expires
Tue, 14 Mar 2023 01:49:38 GMT
styles.css
win2012r2.com/win2012r2/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4&fver=20230219074523
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sun, 19 Feb 2023 07:45:23 GMT
server
nginx
etag
"b2b-5f508baa251a4-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
1004
expires
Tue, 14 Mar 2023 01:49:38 GMT
public.css
win2012r2.com/win2012r2/wp-content/plugins/stripe-payments/public/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/stripe-payments/public/assets/css/public.css?ver=2.0.73&fver=20230104075713
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
8cc63bbc0909c61913044fcb995664904cf4f4fdbd91853ea3a4c58a810d93bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 07:57:13 GMT
server
nginx
etag
"1228-5f16b88438651-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
1334
expires
Tue, 14 Mar 2023 01:49:38 GMT
passster-public.min.css
win2012r2.com/win2012r2/wp-content/plugins/content-protector/assets/public/ 		2 KB
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/content-protector/assets/public/passster-public.min.css?ver=3.5.5.9&fver=20230104075708
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
fc88f460ed210bdc5f2535b36ba1a6aa3d84ed621dabab776abcb14ca3440753

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 07:57:08 GMT
server
nginx
etag
"82c-5f16b87f72552-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
669
expires
Tue, 14 Mar 2023 01:49:38 GMT
style.css
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/ 		220 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/style.css?ver=6.1.1&fver=20230128104846
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
249ac2aee2d3061e6a34afba8abda50425dcf2b0bc7692065bf6307d1c70d982

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:48:46 GMT
server
nginx
etag
"36ec4-5f35ac8e029e3-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
40432
expires
Tue, 14 Mar 2023 01:49:38 GMT
keyframes.css
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/ 		292 B
357 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/keyframes.css?ver=6.1.1&fver=20230128104846
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:48:46 GMT
server
nginx
etag
"124-5f35ac8e02563-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
124
expires
Tue, 14 Mar 2023 01:49:38 GMT
font-awesome.min.css
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/webfonts/fontawesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.1.1&fver=20230128104845
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:48:45 GMT
server
nginx
etag
"792a-5f35ac8d1f3ba-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
7059
expires
Tue, 14 Mar 2023 01:49:38 GMT
style.css
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/webfonts/icomoon/ 		3 KB
948 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=6.1.1&fver=20230128104846
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:48:46 GMT
server
nginx
etag
"add-5f35ac8e01feb-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
715
expires
Tue, 14 Mar 2023 01:49:38 GMT
style.css
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/skins/skin-colors-blue/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/skins/skin-colors-blue/style.css?ver=6.1.1&fver=20230128104845
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
ad0308a16fbf91edefc87db7433a9ee0016c453d0ab1a070fa657d86aab85396

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:48:45 GMT
server
nginx
etag
"12cf-5f35ac8d099de-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
1625
expires
Tue, 14 Mar 2023 01:49:38 GMT
choice.js
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-125.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:34 GMT
content-encoding
br
via
1.1 72711b2cc7430cc0fad0de77b6848988.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:53:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
16
x-amz-server-side-encryption
AES256
etag
W/"c53bd785b1ee57b613221019d7d72626"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
iqwm9FDeIeNyInvNgxvoXEmg7cNXasedMHKuv2E7F22ZrUtfHyBvaQ==
style.css
win2012r2.com/win2012r2/wp-content/themes/cocoon-child-master/ 		719 B
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-child-master/style.css?ver=6.1.1&fver=20200404011823
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
35407b5004309de20a4856ff8b037c17bca14d45d7be20283a12edef87496f46

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 04 Apr 2020 13:18:23 GMT
server
nginx
etag
"2cf-5a276de4d45c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
315
expires
Tue, 14 Mar 2023 01:49:38 GMT
keyframes.css
win2012r2.com/win2012r2/wp-content/themes/cocoon-child-master/ 		130 B
368 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.1.1&fver=20200404011823
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 04 Apr 2020 13:18:23 GMT
server
nginx
etag
"82-5a276de4d45c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
136
expires
Tue, 14 Mar 2023 01:49:38 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f10.1e100.net
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 02:09:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Mar 2024 02:09:02 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
944840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3718
last-modified
Wed, 18 Nov 2020 00:51:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fb4701e-2c03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GW50X001vsKJvDt0ZMD2NntiWkIMSmWsciosldsab1onoCSl1YgcmObLtKoMshBjofkeUfpSkRtb2ZJ%2Bo%2BkuqfwOFRJZM%2By9JXtWr89654O5IJqrBZXuLyw67T241QBdcybnHTuH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a3f2edcbd328d16-KIX
expires
Sun, 25 Feb 2024 01:49:38 GMT
cookie.js
win2012r2.com/win2012r2/wp-content/plugins/content-protector/assets/public/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/content-protector/assets/public/cookie.js?ver=6.1.1&fver=20230104075708
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 07:57:08 GMT
server
nginx
etag
"691-5f16b87f72452-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
823
expires
Tue, 14 Mar 2023 01:49:38 GMT
passster-public.min.js
win2012r2.com/win2012r2/wp-content/plugins/content-protector/assets/public/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/content-protector/assets/public/passster-public.min.js?ver=3.5.5.9&fver=20230104075708
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
6793ad5b96a05b72150feb11769fcb49a92b244f92d37d666c253614041cb004

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 07:57:08 GMT
server
nginx
etag
"13f8-5f16b87f725bf-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1155
expires
Tue, 14 Mar 2023 01:49:38 GMT
gen.js
ads.themoneytizer.com/s/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=11
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AVm7oB3XJdz/0yMBAA
x-accel-expires
@1678683871
date
Tue, 07 Mar 2023 01:49:38 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5879329806643d2a5a3a
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
74707
requestform.js
ads.themoneytizer.com/s/ 		144 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2ab29b642fc6d37e0112f8716d4c4ea067e2552c7698f10192ba7e5ac6ce67e3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AVm7oB24GC3/ZyMBAA
x-accel-expires
@1678683979
date
Tue, 07 Mar 2023 01:49:38 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587932980664af7c613a
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
74599
gen.js
ads.themoneytizer.com/s/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=30
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AVm7oB1nibH/0yMBAA
x-accel-expires
@1678683871
date
Tue, 07 Mar 2023 01:49:38 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587932980664edf87b3a
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
74707
requestform.js
ads.themoneytizer.com/s/ 		142 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=30
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f00746dabe8d2f4aca525916be2108075d91d89346b8030ee3947561af90897d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AVm7oB2pzI3/ZyMBAA
x-accel-expires
@1678683979
date
Tue, 07 Mar 2023 01:49:38 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587932980664711f813a
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
74599
20220205_header_logo.png
win2012r2.com/win2012r2/wp-content/uploads/2022/02/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win2012r2.com/win2012r2/wp-content/uploads/2022/02/20220205_header_logo.png
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
46c7c6094145d8a096060898c054f2a3f14c712b577ca9401b34ccc07f8940ae

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 13:44:59 GMT
server
nginx
etag
"3aa5-5d74592ca4cc0-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15000
expires
Thu, 06 Apr 2023 01:49:38 GMT
bgt
www28.a8.net/svt/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www28.a8.net/svt/bgt?aid=200926316600&wid=001&eno=01&mid=s00000017784002004000&mc=1
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.19.194 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-19-194.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a28216b5a7d4691697d7bc0c97a8a4e5406e77422d6cb1370e92948ae70c108f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:39 GMT
Server
Apache
Connection
keep-alive
Content-Length
50842
Content-Type
image/gif
0.gif
www14.a8.net/ 		43 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www14.a8.net/0.gif?a8mat=3BMJQK+9X83QQ+3T80+BXIYP
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.19.194 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-19-194.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:39 GMT
Server
Apache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
gen.js
ads.themoneytizer.com/s/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AVm7oB11bm7/0iMBAA
x-accel-expires
@1678683872
date
Tue, 07 Mar 2023 01:49:38 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587932980664c4d09b3a
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
74706
requestform.js
ads.themoneytizer.com/s/ 		149 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=19
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
06667cae2685ec6e4631c9020e0e05b99539cf738d48328efe2e19911fbbc30a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AVm7oB23h3L/ZyMBAA
x-accel-expires
@1678683979
date
Tue, 07 Mar 2023 01:49:38 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587932980664bf33a13a
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
74599
51W3GJV1X-L._SL160_.jpg
m.media-amazon.com/images/I/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51W3GJV1X-L._SL160_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
e6f29a4dd4eea310a6b1a206fa1228f50ed9bd2ea5fda3484bec68c16fe4ddbf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 12:40:24 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
9810555
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-641,/images/I/51W3GJV1X-L
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
5051
surrogate-key
x-cache-641 /images/I/51W3GJV1X-L
last-modified
Mon, 30 Nov 2020 07:20:24 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
f9996425-0dd1-4f40-9b02-9512e72652cb
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
YjrDVaHS8_-r1Dl0-G5i-zYML28p-PUbvbF2FFbjvUpTK9QEZ36edQ==
expires
Sat, 08 Nov 2042 12:40:24 GMT
51W3GJV1X-L._SL500_.jpg
m.media-amazon.com/images/I/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51W3GJV1X-L._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
64db10e0b7d69e7e09ff74743f0259a765585a8967531af4daeb40d258e5bd8b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 25 May 2022 23:08:56 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
24633642
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-941,/images/I/51W3GJV1X-L
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
37614
surrogate-key
x-cache-941 /images/I/51W3GJV1X-L
last-modified
Mon, 30 Nov 2020 07:20:24 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
634d6861-a08b-420a-ae6c-3eb9de2e51cd
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
p87LMl1wSNz_QT10omK-XKC3mriwtO7vLXzQkxupmfHBjY88TpU17g==
expires
Tue, 20 May 2042 23:08:56 GMT
1x1.gif
i.imgvc.com/vc/images/
Redirect Chain
  • https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3629984&pid=887600039
  • https://i.imgvc.com/vc/images/1x1.gif
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgvc.com/vc/images/1x1.gif
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
13.249.167.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-167-35.nrt12.r.cloudfront.net
Software
UploadServer /
Resource Hash
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:46:34 GMT
via
1.1 e72e0d477a3b173c0d7c54332be184a4.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C3
age
185
x-guploader-uploadid
ADPycdvuJzD1tcfuixLQc4KLYs0ijtaLh64i4DCXBNM69BGXcTHv8YYvUIcHQQvvc9R2lHOhnFpEeFkgXvzuiMl0qS3OrmCOsguV
x-cache
Hit from cloudfront
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Fri, 28 Aug 2020 01:48:04 GMT
server
UploadServer
etag
"4bd992dae2dbbe35b4ec51458103f729"
vary
Accept-Encoding
x-goog-hash
crc32c=HEvWxw==, md5=S9mS2uLbvjW07FFFgQP3KQ==
x-goog-generation
1598579284071645
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type,Content-Range,x-goog-resumable
cache-control
max-age=300
x-goog-stored-content-length
43
accept-ranges
bytes
x-amz-cf-id
ua_Vnb5sy53f5of0nVdQx6ySR-yCcSUAkRPbiGCWUcO7U2TYLIx2lg==
expires
Tue, 07 Mar 2023 01:51:34 GMT

Redirect headers

date
Tue, 07 Mar 2023 01:49:39 GMT
x-content-type-options
nosniff
server
nginx
front-end-https
on
p3p
CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin
*
location
//i.imgvc.com/vc/images/1x1.gif
content-type
text/html; charset=iso-8859-1
cache-control
private, max-age=0, no-cache
content-length
215
41GcGJkZ-6L._SL160_.jpg
m.media-amazon.com/images/I/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/41GcGJkZ-6L._SL160_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
52f1d8b93a0db657486a481493bb1c0b6944e15f4b451692d3dbec042a419521

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 03:39:35 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16841404
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-649,/images/I/41GcGJkZ-6L
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
3345
surrogate-key
x-cache-649 /images/I/41GcGJkZ-6L
last-modified
Mon, 02 Dec 2019 09:01:09 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
2ebc8b7f-b60f-4a9f-81a2-885b7f474cbc
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
iIySVCu6Og3t5GGKlUiQjgikT383iScQXdquNvEOxBFmfVp0GsSQHQ==
expires
Tue, 19 Aug 2042 03:39:34 GMT
41GcGJkZ-6L._SL500_.jpg
m.media-amazon.com/images/I/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/41GcGJkZ-6L._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
e70ccc38bf898b1817805bd8def4cf0eae93857e93472955187168ba534d319e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:03:20 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
8790379
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-262,/images/I/41GcGJkZ-6L
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
17999
surrogate-key
x-cache-262 /images/I/41GcGJkZ-6L
last-modified
Mon, 02 Dec 2019 09:01:09 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
0541f253-d9f3-4654-8d3e-97ec1a33a362
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
gRsfjN_EfJE3lwzS04tcGCmTO2awq0q24BIX9_6TcYn21R97AtkyZA==
expires
Wed, 19 Nov 2042 19:46:57 GMT
51JHbWYwPdL._SL160_.jpg
m.media-amazon.com/images/I/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51JHbWYwPdL._SL160_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
d1c28684c1127f23c6f51ea550fc7878d6e39500ea959250df8247b6799222c2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:38:23 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
6019876
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-884,/images/I/51JHbWYwPdL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="NRT57-P1",cdn-rid;desc="-xI0Br5JjuGXnB-oUlEDvn7THo-tAEFeLvmH9z3-giXFtqI8EaQ-Ng==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3,provider;desc="cf"
content-length
6975
surrogate-key
x-cache-884 /images/I/51JHbWYwPdL
last-modified
Tue, 05 Dec 2017 05:16:33 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
1f860cc1-f271-4e04-8c5e-c74774c95d6d
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
-xI0Br5JjuGXnB-oUlEDvn7THo-tAEFeLvmH9z3-giXFtqI8EaQ-Ng==
expires
Mon, 22 Dec 2042 08:27:10 GMT
51JHbWYwPdL._SL500_.jpg
m.media-amazon.com/images/I/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51JHbWYwPdL._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
53f00ffa5708e1e6017271d794ee7dabe8f6cd21ff80392575af7895b0593271

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 19 May 2022 21:25:42 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
25158237
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-515,/images/I/51JHbWYwPdL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
59733
surrogate-key
x-cache-515 /images/I/51JHbWYwPdL
last-modified
Tue, 05 Dec 2017 05:16:33 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
c95abbd2-0c3d-44c7-bf42-89ee37329ad6
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
aA3AespBQNE9E6deBLWk5rnDzLIO000AfGT1ljWMTG9tF-h3zEtTyA==
expires
Wed, 14 May 2042 21:25:42 GMT
51MgH8Jmr3L._SL160_.jpg
m.media-amazon.com/images/I/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51MgH8Jmr3L._SL160_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
2ca1e6a629f1fccf27efc1dd88e8916ec11f43f5f7f48408ba56b3cbc5b3e682

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 09:30:27 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
5242751
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-845,/images/I/51MgH8Jmr3L
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
5398
surrogate-key
x-cache-845 /images/I/51MgH8Jmr3L
last-modified
Fri, 08 Jun 2012 11:23:00 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
21f6d6b8-9568-45f6-846f-6fa23c76f63d
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
Z5n3qFYferYVQ44kAjH7UssVhdwMXwuZ4tuPTT22Pr4ATkbljiP6Ng==
expires
Fri, 26 Dec 2042 12:56:59 GMT
51MgH8Jmr3L._SL500_.jpg
m.media-amazon.com/images/I/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51MgH8Jmr3L._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
66d6818017cedc0ba60ab4c12e31e9b4d3014e7989c4c4be89efaf5b0d6cd640

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 21 May 2022 16:02:35 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
25004824
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-847,/images/I/51MgH8Jmr3L
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
35429
surrogate-key
x-cache-847 /images/I/51MgH8Jmr3L
last-modified
Fri, 08 Jun 2012 11:23:00 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
500bad92-214d-4b7d-b569-77a807ec8d59
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
iv6gmFcAqhc4mqTJmp7p7DLXzZiaFJB8FO8hCSheCGCsMeKYJf03Kw==
expires
Fri, 16 May 2042 16:02:35 GMT
41MjTupTFrL._SL75_.jpg
m.media-amazon.com/images/I/ 		929 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/41MjTupTFrL._SL75_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
6aac539047711f7990c266f2787c69ecbec346c7d8e7207d2d3c95d6deb45281

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 22:24:19 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
7529120
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-321,/images/I/41MjTupTFrL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
929
surrogate-key
x-cache-321 /images/I/41MjTupTFrL
last-modified
Tue, 03 Jul 2012 04:55:35 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
4fff2a17-4ae1-4b35-b787-cf68a441cabd
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
B6lx_cyubwAY5i9hZWEkjHA_iQ0qHi5-ApGGf_NOOV9eq-bW55pLRg==
expires
Thu, 04 Dec 2042 22:24:19 GMT
41MjTupTFrL._SL500_.jpg
m.media-amazon.com/images/I/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/41MjTupTFrL._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
29f46eaa508c2dd91918388bebf8ccb6ebbfb7acefe4b83e1f1eaae02ec32838

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:32:45 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16035414
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-216,/images/I/41MjTupTFrL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
27906
surrogate-key
x-cache-216 /images/I/41MjTupTFrL
last-modified
Tue, 03 Jul 2012 04:55:35 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
a0c6eec4-e42d-4af6-964f-589989a856bc
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
mHV9l6Su2NP392HgpF-jf5Lr78A2jW9LpTjQDQx0zrhwXRTG4E-T4A==
expires
Sun, 24 Aug 2042 07:15:37 GMT
51xzvyKj6CL._SL75_.jpg
m.media-amazon.com/images/I/ 		978 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51xzvyKj6CL._SL75_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
d938b206ce5406bd4d7f8e0a3071e940ce46f8252fbdf935aacb0795cda147b0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:06:04 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16407815
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-227,/images/I/51xzvyKj6CL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
978
surrogate-key
x-cache-227 /images/I/51xzvyKj6CL
last-modified
Tue, 03 Jul 2012 04:55:55 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
06854295-924b-4eea-ac0a-b84cd4e8b057
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
zLdDfCmw-cjZEbJB1L3aPjb60SicM1ujAe6vxL4PxtpDpMapWM9_0g==
expires
Sun, 24 Aug 2042 04:06:04 GMT
51xzvyKj6CL._SL500_.jpg
m.media-amazon.com/images/I/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51xzvyKj6CL._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
e26414960308896fb2016762b5ef96f2e0647f74991d06ebdbd110dd5d857b68

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 07:03:23 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
17001976
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-498,/images/I/51xzvyKj6CL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
42298
surrogate-key
x-cache-498 /images/I/51xzvyKj6CL
last-modified
Tue, 03 Jul 2012 04:55:55 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
79f11347-d8f9-43d9-bc44-23f6351b2ec7
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
7FIFSKFcnaLBOTeYqIa46BSqKGv2HD9UCtNC4DUQ0DHfF96XfpzmiA==
expires
Sun, 17 Aug 2042 07:03:23 GMT
31IbgwvNCML._SL75_.jpg
m.media-amazon.com/images/I/ 		457 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/31IbgwvNCML._SL75_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
73607ffdbfe216ea8008cc8d16df159a6f6deafe568bc5d29ed1addfecba124a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:32:45 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16035414
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-851,/images/I/31IbgwvNCML
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
457
surrogate-key
x-cache-851 /images/I/31IbgwvNCML
last-modified
Tue, 03 Jul 2012 04:55:57 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
1cae1fe7-0901-4a54-aa2a-e3c8a11164b8
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
deR_045CTy3VM-9Rr9kwNhM3MUQdgRcyJUoJjckhOesgcDB78xk3Nw==
expires
Thu, 28 Aug 2042 11:32:45 GMT
31IbgwvNCML._SL500_.jpg
m.media-amazon.com/images/I/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/31IbgwvNCML._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
70cb3ad488703f463eac4a271284d7f3731a96ae478159149867a2ec1e5d7010

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:14:10 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
17890529
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-566,/images/I/31IbgwvNCML
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
9154
surrogate-key
x-cache-566 /images/I/31IbgwvNCML
last-modified
Tue, 03 Jul 2012 04:55:57 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
f4eb23be-764b-4435-805d-f6ceafed2bcd
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
SBz7ucJpdakrrq3NlTW1ipCfmEAuUXxsoHCA7XZYpk2qPs02xXIq0Q==
expires
Tue, 05 Aug 2042 19:49:26 GMT
41Y2tAewYCL._SL75_.jpg
m.media-amazon.com/images/I/ 		984 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/41Y2tAewYCL._SL75_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
97323dde5928ff80853be723353d13adc90f6ce5fd0b28c0f9e7e58f9b997847

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:32:45 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16035414
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-688,/images/I/41Y2tAewYCL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
984
surrogate-key
x-cache-688 /images/I/41Y2tAewYCL
last-modified
Tue, 03 Jul 2012 04:56:46 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
fae7ba7d-ae53-4a19-a029-4f6132efe828
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
Sv87hmJFrChIs94YQan57hPqvk6YjPoUFJbNZObKG1-M7uoE4D-b3A==
expires
Thu, 28 Aug 2042 11:32:45 GMT
41Y2tAewYCL._SL500_.jpg
m.media-amazon.com/images/I/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/41Y2tAewYCL._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
8839432fd7bbb63cd88e7a4e45ac8390ef47f88db106149a0e1ec13e71de2a8b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 03:24:43 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16669496
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-079,/images/I/41Y2tAewYCL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
23596
surrogate-key
x-cache-079 /images/I/41Y2tAewYCL
last-modified
Tue, 03 Jul 2012 04:56:46 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
8e2fe1ad-2d06-4b7e-a3d7-8fd210316e68
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
CkimCWbc35hCbc5hOTKxL37XcPbxnJ1ipBKIm3SneXtyc-6q1jAvsA==
expires
Thu, 21 Aug 2042 03:24:43 GMT
511jUNQR7XL._SL75_.jpg
m.media-amazon.com/images/I/ 		956 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/511jUNQR7XL._SL75_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
3671e6900c159955d63576b8a35ef0011b79382c9d5dcc539361d2659ba9e766

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:06:04 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16407815
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-057,/images/I/511jUNQR7XL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
956
surrogate-key
x-cache-057 /images/I/511jUNQR7XL
last-modified
Tue, 03 Jul 2012 04:56:53 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
72b52744-b17b-4d3a-b4ee-55e11b39d196
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
TiH-Bwg6imQHDHpUdt4MjBcLvIZHI9ytYa8GztoH4wnlfPYhcoZkTw==
expires
Sun, 24 Aug 2042 04:06:04 GMT
511jUNQR7XL._SL500_.jpg
m.media-amazon.com/images/I/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/511jUNQR7XL._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
87b2150756c72e799ce6743c4dccf66b16d7edc967a2e724c710c6f8d843c3cd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 11:32:45 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16035414
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-632,/images/I/511jUNQR7XL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
38581
surrogate-key
x-cache-632 /images/I/511jUNQR7XL
last-modified
Tue, 03 Jul 2012 04:56:53 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
0c510144-410e-44d6-b99f-53657d369034
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
sG8IAQp-U12s6uR_8a4VTn4PvPpK_ddiR4g8C90rin2kVJNky7-5jg==
expires
Thu, 28 Aug 2042 11:32:45 GMT
51-9K4G3M9L._SL75_.jpg
m.media-amazon.com/images/I/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51-9K4G3M9L._SL75_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
4287f33176bce35e77b81e3a822b410dfa99490380a0d034b57383445cdf56b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 09:52:01 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16819058
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-002,/images/I/51-9K4G3M9L
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
1039
surrogate-key
x-cache-002 /images/I/51-9K4G3M9L
last-modified
Tue, 03 Jul 2012 04:56:58 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
c626aad7-4d5c-4e31-9258-4dcc3dbf5e11
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
TiF8TiuBmr5OrKRmQ-WKKrbTk_8J5Bf8i42H1WNemq4j9MIactJ4eQ==
expires
Tue, 19 Aug 2042 09:52:01 GMT
51-9K4G3M9L._SL500_.jpg
m.media-amazon.com/images/I/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51-9K4G3M9L._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
2717805b5508a66115f7cca94821e386db439668fd909b6fd3318a8829c09978

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:06:04 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
16407815
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-754,/images/I/51-9K4G3M9L
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
40074
surrogate-key
x-cache-754 /images/I/51-9K4G3M9L
last-modified
Tue, 03 Jul 2012 04:56:58 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
c5951385-838e-4e47-8572-451a676fab72
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
Nn9wXbXHCpcsNGlbbIVdV1XWQXJzvKYdXcsG0uFQF-U4oegdhSFSaA==
expires
Sun, 24 Aug 2042 04:06:04 GMT
51h26W2HOPS._SL160_.jpg
m.media-amazon.com/images/I/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51h26W2HOPS._SL160_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
5f3ce4cf85e75c13da918e05577691c3e3d971f273c5b4f3648d7f2878925951

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 00:39:09 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
12964230
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-492,/images/I/51h26W2HOPS
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
6951
surrogate-key
x-cache-492 /images/I/51h26W2HOPS
last-modified
Mon, 10 May 2021 06:45:33 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
ac93591c-9b7f-4ee3-9740-85a3f2f7380d
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
BGvjNjtvv_Pz7T-gJnXatvy0HmuMW3yzJH0ow7SF1EXV2KhUBRQCGA==
expires
Fri, 03 Oct 2042 00:39:09 GMT
51h26W2HOPS._SL500_.jpg
m.media-amazon.com/images/I/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51h26W2HOPS._SL500_.jpg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.178.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-178-128.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
ba24954758e0a0f6aabe8e5953882fd731597f1bd7fd24912f4bd1f2f2ac7151

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 11:25:09 GMT
via
1.1 800e0748dc16727a805e7ddcd7fc524e.cloudfront.net (CloudFront)
age
12666270
x-amz-cf-pop
NRT57-P1
edge-cache-tag
x-cache-849,/images/I/51h26W2HOPS
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
47870
surrogate-key
x-cache-849 /images/I/51h26W2HOPS
last-modified
Mon, 10 May 2021 06:45:33 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
f2d07a8e-482b-43e4-8e69-b4afe902ebe5
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
W_WQxfMBOSNLFtixiiRCryOgZdl520sAswLK0CXt35DgbtQYHpHAxw==
expires
Mon, 06 Oct 2042 11:19:44 GMT
refresh.png
win2012r2.com/win2012r2/wp-content/plugins/eazy-ad-unblocker/images/ 		460 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/eazy-ad-unblocker/images/refresh.png
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
56f998f58e88c1ff0617c4f0dbca8df3199540d7a7fc4814d9080d59033c1aae

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:49:28 GMT
server
nginx
etag
"1cc-5f35acb65c7be-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
483
expires
Thu, 06 Apr 2023 01:49:38 GMT
gen.js
ads.themoneytizer.com/s/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AVm7oB2r5vX/0yMBAA
x-accel-expires
@1678683871
date
Tue, 07 Mar 2023 01:49:38 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587932980664256e473b
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
74707
requestform.js
ads.themoneytizer.com/s/ 		150 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=6
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d3af9980d9ee91744cc9f2499d8e6410ee7ccde0d79b6a9e8e626b0897ecac7f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AVm7oB0q+/L/ZyMBAA
x-accel-expires
@1678683979
date
Tue, 07 Mar 2023 01:49:38 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5879329806642a0f4d3b
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
74599
jquery-ui.min.css.php
win2012r2.com/win2012r2/wp-content/plugins/eazy-ad-unblocker/css/themes/smoothness/ 		47 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/eazy-ad-unblocker/css/themes/smoothness/jquery-ui.min.css.php?ver=6.1.1&fver=20230128104928
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx / PHP/7.4.33
Resource Hash
5e717a37350f710e86b733cad36803b13ff9625ab65523bb8a295482c6e86602

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
no-store, no-cache, must-revalidate
content-length
7415
expires
Thu, 19 Nov 1981 08:52:00 GMT
style.css.php
win2012r2.com/win2012r2/wp-content/plugins/eazy-ad-unblocker/css/ 		661 B
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/eazy-ad-unblocker/css/style.css.php?ver=1.1.12&fver=20230128104928
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx / PHP/7.4.33
Resource Hash
f335bf00b9909be022423d5feb6fb1963c940802e6afb3a6e4a3b1ddd29e4abb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
no-store, no-cache, must-revalidate
content-length
331
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.js
win2012r2.com/win2012r2/wp-content/plugins/contact-form-7/includes/swv/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4&fver=20230219074523
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sun, 19 Feb 2023 07:45:23 GMT
server
nginx
etag
"2945-5f508baa26362-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
3040
expires
Tue, 14 Mar 2023 01:49:38 GMT
index.js
win2012r2.com/win2012r2/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4&fver=20230219074523
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sun, 19 Feb 2023 07:45:23 GMT
server
nginx
etag
"3294-5f508baa25fd6-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
4184
expires
Tue, 14 Mar 2023 01:49:38 GMT
core.min.js
win2012r2.com/win2012r2/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2&fver=20221105094039
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 05 Nov 2022 09:40:39 GMT
server
nginx
etag
"53c0-5ecb5fbaae533-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
7097
expires
Tue, 14 Mar 2023 01:49:38 GMT
mouse.min.js
win2012r2.com/win2012r2/wp-includes/js/jquery/ui/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2&fver=20221105094039
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 05 Nov 2022 09:40:39 GMT
server
nginx
etag
"d4a-5ecb5fbaaf2fc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1085
expires
Tue, 14 Mar 2023 01:49:38 GMT
resizable.min.js
win2012r2.com/win2012r2/wp-includes/js/jquery/ui/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2&fver=20221105094039
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
706e4d8669d29a9e13cfb13a59b6c1341ec80a08c9c10eaa465756366006f327

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 05 Nov 2022 09:40:39 GMT
server
nginx
etag
"4911-5ecb5fbaae92e-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
5316
expires
Tue, 14 Mar 2023 01:49:38 GMT
draggable.min.js
win2012r2.com/win2012r2/wp-includes/js/jquery/ui/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.2&fver=20221105094039
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
f7cea32499cc55e5232ec287c438644afef28297f4248958ee32906dd34ae5f8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 05 Nov 2022 09:40:39 GMT
server
nginx
etag
"4794-5ecb5fbaae9df-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
4840
expires
Tue, 14 Mar 2023 01:49:38 GMT
controlgroup.min.js
win2012r2.com/win2012r2/wp-includes/js/jquery/ui/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.2&fver=20221105094039
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 05 Nov 2022 09:40:39 GMT
server
nginx
etag
"1126-5ecb5fbaaed46-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1595
expires
Tue, 14 Mar 2023 01:49:38 GMT
checkboxradio.min.js
win2012r2.com/win2012r2/wp-includes/js/jquery/ui/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.2&fver=20221105094039
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 05 Nov 2022 09:40:39 GMT
server
nginx
etag
"10d5-5ecb5fbaae10f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1403
expires
Tue, 14 Mar 2023 01:49:38 GMT
button.min.js
win2012r2.com/win2012r2/wp-includes/js/jquery/ui/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-includes/js/jquery/ui/button.min.js?ver=1.13.2&fver=20221105094039
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
2793a7736c4421efb5ec1f639c9b19a081a6b7a91097d4459149fab67c47b9ae

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 05 Nov 2022 09:40:39 GMT
server
nginx
etag
"17fa-5ecb5fbaaeae9-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1967
expires
Tue, 14 Mar 2023 01:49:38 GMT
dialog.min.js
win2012r2.com/win2012r2/wp-includes/js/jquery/ui/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.2&fver=20221105094039
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
afa9c32be463f8f904da58a52ffdd8e60d68273959cae633bd89efbb27fa5b64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 05 Nov 2022 09:40:39 GMT
server
nginx
etag
"329f-5ecb5fbaae35d-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
3786
expires
Tue, 14 Mar 2023 01:49:38 GMT
custom.js
win2012r2.com/win2012r2/wp-content/plugins/eazy-ad-unblocker/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/eazy-ad-unblocker/js/custom.js?ver=1.1.12&fver=20230128104928
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
ebd85d60de17217f4afb39147b4979cf5ae69f3d9be4725e112b19dd23422e64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:49:28 GMT
server
nginx
etag
"33ca-5f35acb65c92f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
3491
expires
Tue, 14 Mar 2023 01:49:38 GMT
stripe-handler-ng.js
win2012r2.com/win2012r2/wp-content/plugins/stripe-payments/public/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/stripe-payments/public/assets/js/stripe-handler-ng.js?ver=2.0.73&fver=20230104075713
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
a372b676d0bff01d23b5dc12a7967d08eb423598a69e5253364c58792adfe2af

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 07:57:13 GMT
server
nginx
etag
"201a-5f16b88438bec-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
2554
expires
Tue, 14 Mar 2023 01:49:38 GMT
js.cookie.min.js
win2012r2.com/win2012r2/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=3.0.0&fver=20220405074515
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 19:45:15 GMT
server
nginx
etag
"5dc-5dbed7bd768c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
726
expires
Tue, 14 Mar 2023 01:49:38 GMT
jquery.iframetracker.min.js
win2012r2.com/win2012r2/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=2.1.0&fver=20220405074515
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 19:45:15 GMT
server
nginx
etag
"c72-5dbed7bd768c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1249
expires
Tue, 14 Mar 2023 01:49:38 GMT
aicp.min.js
win2012r2.com/win2012r2/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		777 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0&fver=20220405074515
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 19:45:15 GMT
server
nginx
etag
"309-5dbed7bd768c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
429
expires
Tue, 14 Mar 2023 01:49:38 GMT
stickyfill.min.js
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/plugins/stickyfill/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=6.1.1&fver=20230128104845
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:48:45 GMT
server
nginx
etag
"17fb-5f35ac8cf6234-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
2212
expires
Tue, 14 Mar 2023 01:49:38 GMT
javascript.js
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/javascript.js?ver=6.1.1&fver=20230128104846
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
b8252beb593c6165be399c340b5f424fa731f3c671037b3c2a5bb9490ef0235a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 22:48:46 GMT
server
nginx
etag
"1d92-5f35ac8e0251c-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
2649
expires
Tue, 14 Mar 2023 01:49:38 GMT
javascript.js
win2012r2.com/win2012r2/wp-content/themes/cocoon-master/skins/skin-colors-blue/ 		61 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-master/skins/skin-colors-blue/javascript.js?ver=6.1.1&fver=20230128104845
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
dce792814c67bc03cf20b5bb4bf6d317f052add475115e305f0c0924df4ad9f0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
last-modified
Sat, 28 Jan 2023 22:48:45 GMT
server
nginx
etag
"3d-5f35ac8d0993e"
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
61
expires
Tue, 14 Mar 2023 01:49:38 GMT
javascript.js
win2012r2.com/win2012r2/wp-content/themes/cocoon-child-master/ 		298 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win2012r2.com/win2012r2/wp-content/themes/cocoon-child-master/javascript.js?ver=6.1.1&fver=20200404011823
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
gzip
last-modified
Sat, 04 Apr 2020 13:18:23 GMT
server
nginx
etag
"12a-5a276de4d45c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
212
expires
Tue, 14 Mar 2023 01:49:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7278989100934226
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
2b554cebbc01cc56c2a989ba67a4b2def1bf38195d98ce2cecf5b58e92d376dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Origin
https://win2012r2.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48601
x-xss-protection
0
server
cafe
etag
4358350731753909346
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:39 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49545071-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 01:44:43 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
296
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 07 Mar 2023 03:44:43 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2G2FZZXW0F&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49545071-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ee0d4548f200c2385c845b851da278c193f3cf90a8ce63f7ee8483fb8f79959e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80767
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Mar 2023 01:49:38 GMT
collect
www.google-analytics.com/g/ 		0
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2G2FZZXW0F&gtm=45je3310&_p=660623554&cid=1991005425.1678153779&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678153778&sct=1&seg=0&dl=https%3A%2F%2Fwin2012r2.com%2F&dt=Windows%20%E5%AE%9F%E8%B7%B5%E3%82%AC%E3%82%A4%E3%83%89&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2G2FZZXW0F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Tue, 07 Mar 2023 01:49:39 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
74708
x-77-nzt
AVm7oB1Dpkr/1CMBAA
pragma
public
x-accel-expires
@1678165471
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587933980664166c9a01
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 07 Mar 2023 05:04:30 GMT
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=102378&f=11&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 01:49:40 GMT
server
nginx
x-iplb-request-id
DFD84C1B:DB82_36264064:01BB_64069833_3DED841:0B19
x-iplb-instance
24858
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.250.88 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-250-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0d4c99d9d9de256fa5e7c72831cead0398bd7599e3669a013a158fd29ed20b0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
33530
Expires
Tue, 07 Mar 2023 03:49:39 GMT
sync
gum.criteo.com/ 		49 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
306765
expires
60
mapper.js
spl.zeotap.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
456
cf-polished
origSize=62056
cf-bgj
minify
last-modified
Tue, 07 Mar 2023 01:42:03 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://new-neta.com
cache-control
public, max-age=3600
access-control-allow-credentials
true
cf-ray
7a3f2ee40a5d8d10-KIX
access-control-allow-headers
*
expires
Tue, 07 Mar 2023 02:42:03 GMT
libJsLP.js
tag.leadplace.fr/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:42 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.20.1
X-IPLB-Request-ID
DFD84C1B:DC17_91EFC133:01BB_64069836_8312BBAD:10556
ETag
"6167dbf8-15ab"
X-IPLB-Instance
29923
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame A9AD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
41420ef7a3ade6dc6163bc626053ca69ebf46d390e77b6dae0b911b9ff7fd9db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1374
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2a6419cb380a2538694df6c3d119c8324bab120b62f4c340adfa5adf9b32fc37

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:40 GMT
content-encoding
gzip
etag
"5bNt6a5+fUUQPgb0DNix1w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 14 Mar 2023 01:49:40 GMT
px.js
p.cpx.to/p/12771/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12771/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.230.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-230-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:40 GMT
cache-control
max-age=2419200, public
Connection
keep-alive
Content-Length
1990
content-type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.54.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-54-58.nrt57.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 06:12:32 GMT
Via
1.1 e42c4e94fd6d4f30c6167aa48ead9ff4.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
X-Amz-Cf-Pop
NRT57-C1
Age
70627
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
Gdy1Or0Bm_6Q9vSkWTe1O3r0UbU0EN_VWugCOcNkV55E70vEAB6bOw==
prebid.js
ads.themoneytizer.com/moneybid7_35/build/dist/ 		587 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Tue, 07 Mar 2023 01:49:39 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
74707
x-77-nzt
AVm7oB1nSsX/0yMBAA
pragma
public
x-accel-expires
@1678165472
last-modified
Mon, 06 Feb 2023 22:21:08 GMT
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5879339806648385c202
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 07 Mar 2023 05:04:32 GMT
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=102378&f=30&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=30
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 01:49:39 GMT
server
nginx
x-iplb-request-id
DFD84C1B:DB85_36264064:01BB_64069833_3DE7246:24D1B
x-iplb-instance
38436
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
moneyinimage.js
ads.themoneytizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneyinimage.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
59c7d9f6411c0c9b8393724d683dd526523bc8c7beabfa3db2504604faecb508

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Tue, 07 Mar 2023 01:49:39 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
74705
x-77-nzt
AVm7oB10u7D/0SMBAA
pragma
public
x-accel-expires
@1678165474
last-modified
Tue, 21 Dec 2021 17:13:49 GMT
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587933980664cc90f003
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 07 Mar 2023 05:04:34 GMT
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=102378&f=19&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 01:49:39 GMT
server
nginx
x-iplb-request-id
DFD84C1B:DB84_36264064:01BB_64069833_3DE38FA:24D22
x-iplb-instance
38436
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=102378&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 01:49:39 GMT
server
nginx
x-iplb-request-id
DFD84C1B:DB83_36264064:01BB_64069833_3DE0D57:1809B
x-iplb-instance
38431
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
lib_fs_close.js
ads.themoneytizer.com/ 		667 B
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Tue, 07 Mar 2023 01:49:39 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
74707
x-77-nzt
AVm7oB3Ku2//0yMBAA
pragma
public
x-accel-expires
@1678165472
last-modified
Thu, 19 Jan 2023 15:05:03 GMT
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587933980664d9a01805
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 07 Mar 2023 05:04:32 GMT
20220205_profile_icon.png
win2012r2.com/win2012r2/wp-content/uploads/2022/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://win2012r2.com/win2012r2/wp-content/uploads/2022/02/20220205_profile_icon.png
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
49.212.180.105 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www2695.sakura.ne.jp
Software
nginx /
Resource Hash
00fa6120b93d9ccea850096a871bb3cc7ce0555297b2a5819ae1902e5c87041b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:39 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 13:49:56 GMT
server
nginx
etag
"1531-5d745a47e2900-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4637
expires
Thu, 06 Apr 2023 01:49:39 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/win2012r2/wp-content/plugins/eazy-ad-unblocker/js/custom.js?ver=1.1.12&fver=20230128104928
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48691
x-xss-protection
0
server
cafe
etag
9789112823392854168
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:39 GMT
cmp2.js
cmp.quantcast.com/tcfv2/42/ 		177 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.140.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-140-125.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 05:24:03 GMT
content-encoding
gzip
via
1.1 72711b2cc7430cc0fad0de77b6848988.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C3
age
159937
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Tue, 05 Jul 2022 18:40:23 GMT
server
AmazonS3
etag
W/"a18627a302da47ec97015f587007f1a6"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
GyJI8331fvXk5ik06rI4B7ZaRFGQbFe23ibQLr9IHc-tIxRTAw982Q==
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=660623554&t=pageview&_s=1&dl=https%3A%2F%2Fwin2012r2.com%2F&ul=en-us&de=UTF-8&dt=Windows%20%E5%AE%9F%E8%B7%B5%E3%82%AC%E3%82%A4%E3%83%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=599448681&gjid=484093422&cid=1991005425.1678153779&tid=UA-49545071-4&_gid=1288256490.1678153780&_r=1&gtm=457e3310&z=1450302238
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ 		362 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7278989100934226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
af8dbcefbaace4d4a2cda5ef51061d1c07cdcfe5114eaeedc8be6b5a5175b91c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121997
x-xss-protection
0
server
cafe
etag
14714434760458556337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/ Frame A2C5 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7278989100934226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
8420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 23:29:20 GMT
etag
2378337311435320485
expires
Mon, 20 Mar 2023 23:29:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f10.1e100.net
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 07:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 07:02:36 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-49545071-4&cid=1991005425.1678153779&jid=599448681&gjid=484093422&_gid=1288256490.1678153780&_u=YADAAUAAAAAAACAAI~&z=733537321
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 07 Mar 2023 01:49:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame A9AD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Tue, 07 Mar 2023 01:49:39 GMT
Server
MT3 569 46451a0 master nrt-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Mar 2023 01:49:38 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A9AD 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
deb9f124eecce7a554c70ca983265c95
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame A9AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6358988783605550458
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6358988783605550458
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Tue, 07 Mar 2023 01:49:40 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5bb1c25a-3329-4b1a-984c-4745d68f0d6a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6358988783605550458
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A9AD 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=As3vSR1NfOhGspBYZN8AlYTbG4XVnPC_66cAc7HupG0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A9AD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhrnCiwApWuZ8hsNgBW_RTiSglBZ3N9KhbA
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhrnCiwApWuZ8hsNgBW_RTiSglBZ3N9KhbA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
H2
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhrnCiwApWuZ8hsNgBW_RTiSglBZ3N9KhbA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame A9AD 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:39 GMT
content-length
0
/
onetag-sys.com/match/ Frame A9AD
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLSwmqAGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Tue, 07 Mar 2023 01:49:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame A9AD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=As3vSR1NfOhGspBYZN8AlYTbG4XVnPC_66cAc7HupG0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=As3vSR1NfOhGspBYZN8AlYTbG4XVnPC_66cAc7HupG0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V020MCG3PDYBT3X2KAH2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=As3vSR1NfOhGspBYZN8AlYTbG4XVnPC_66cAc7HupG0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame A9AD 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.242 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:39 GMT
content-length
0
/
onetag-sys.com/match/ Frame A9AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAaxwKYqoEkZaJkthjKLaPk&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAaxwKYqoEkZaJkthjKLaPk&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAaxwKYqoEkZaJkthjKLaPk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame A9AD 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame A9AD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame A9AD 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678153779020
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwin2012r2.com%2F&domain=win2012r2.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 07 Mar 2023 01:49:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
263535
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		365 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwin2012r2.com%2F&domain=win2012r2.com&cw=1&lsw=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
70f486d0e03fb30957afc787b028bffb4429c8f37153314ed1a3e2ea716b226e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
587354
expires
0
prebid
id5-sync.com/api/config/ 		134 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
localstore.js
script.4dex.io/ 		483 B
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:40 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1567638
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LFZQuFic6HKq%2BWDBrrsFKpCawR1CGHtdcOHegmkHFJH2yezfPFO6qkcorh7n2HG0%2F1DQH%2FgZDPbas%2F9EpcDVQsUbjSN2hhLBHWy3MySS%2Bh4FAz68v5fABL7%2BiAUaaJ2"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7a3f2ee6df131a35-KIX
match
c1.adform.net/serving/cookie/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdp...
  • https://id5-sync.com/c/12/108/8/2.gif?puid=e05eeaac-27c4-48e5-a7db-6c78369e61ae&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&ttl=%%TTL%%
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-80b0tZo2ZH1GuEBWzXMShG9DAka295oejI9R2BPRSA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...
  • https://id5-sync.com/c/12/3/6/4.gif?puid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/12/2/5/5.gif?puid=6358988783605550458&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/12/112/4/6.gif?puid=196EA5A50FC48E61&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/12/19/3/7.gif?puid=bf954e9859c420674d8c0186ee097e5a&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAC4NE7IDTAAACCtMn4Psg
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F1%2F9.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/12/163/1/9.gif?puid=Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F0%2F10.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
0
0
notifyme.php
adtrack.adleadevent.com/ 		0
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.197.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-197-119.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2023 01:49:41 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://win2012r2.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
spl.zeotap.com/ 		0
0
s
kvt.sddan.com/api/v1/public/p/29567/d/50/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwin2012r2.com%2F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
b82aafb909b90e68b153d39f27ec02f3c0b23ef6a625c1473daa906b367e07e1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 07 Mar 2023 01:49:40 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://win2012r2.com
Cache-Control
private, max-age=60
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
content-type
102.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
9e9716667eaad14aac31c6e12d94b20670f91df23c3b0b84dfbbea00124eb3ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://win2012r2.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-11.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:38:01 GMT
content-encoding
gzip
via
1.1 d8e9b6af48fa5d844b0f68fc85959592.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C5
age
700
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
hPSL_mALNM81IUsiQPusiXCNq8vE90zm_AaO-RXAfOOnCPQ7ZjKseA==
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:40 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9F58AGNHG5DT55CH
Age
1007396
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
QbeW4Vdf/ErPPhNWwZf6z7Q9dufQhEZ9V0TKyjONPVSAKaHyWI3PKWrIkkqAiKmjFxLrark43bY=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qi%2B9KvYGBxuc%2Fjfy7Y26E4RXu%2BNqIxscd%2FEz%2FT5OWMHy%2BQJeeDp0FxpFZAUdLx0c0am08PYaXrySmdyI3y29h%2FOIM6edqHkOG0CYPMOFt%2FGPxdsWnd8%2FhNJqAkAPKCS9"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
7a3f2ee97db61a06-KIX
cookie.js
partner.googleadservices.com/gampad/ 		393 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=win2012r2.com&callback=_gfp_s_&client=ca-pub-7278989100934226
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
cafe /
Resource Hash
a527db552c44a4b096b0bfc58532bfcecafcb6e3959e70b51933eeb969d19066
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=win2012r2.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=win2012r2.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 395C 		100 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&adk=1812271804&adf=3025194257&lmt=1678153780&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwin2012r2.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779805&bpp=2&bdt=1572&idt=696&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1312555354233&frm=20&pv=2&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=722
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
aef69fbc22d6dee0de5f316a0107336a346fc0c15fbdf2c00752d37d177bc7b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
37268
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3F9B 		93 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d852f288928e0405b356ad46aca6b9d48f2dbe9634b78aa19f7c83487f9f6849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
34667
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8206 		104 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
1d12c59a2e66479798c665a383be7a0e7dd03637ea4fad4011286cf822c0d40b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
36971
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 88F2 		104 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e21e901c6a122ee597bd8c9c7c91596e7b8091d4632e41faadcc13c9ecb16aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
36970
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 30D4 		101 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d66d1e18d22f12f43a47d8a64ac6d0d67b1f735a9fd3a2ba1216a5602850ed64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
37313
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E79 		29 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
32c95f6742b44027bd8115dc199b6131d8a938e1be10abbb7ac8bdb0f25f03c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11689
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=883658929;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwin2012r2.com%2F;uht=2;fpan=1;fpa=P0-172796927-1678153780258;pbc=;ns=0;ce=1;qjs=1;qv=8a139892-202...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=883658929;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwin2012r2.com%2F;uht=2;fpan=1;fpa=P0-172796927-1678153780258;pbc=;ns=0;ce=1;qjs=1;qv=8a139892-20230306152629;cm=;gdpr=0;us_privacy=1---;ref=;d=win2012r2.com;dst=0;et=1678153780705;tzo=0;ogl=type.website%2Cdescription.%2Ctitle.Windows%20%E5%AE%9F%E8%B7%B5%E3%82%AC%E3%82%A4%E3%83%89%2Curl.https%3A%2F%2Fwin2012r2%252Ecom%2Cimage.http%3A%2F%2Fwin2012r2%252Ecom%2Fwin2012r2%2Fwp-content%2Fthemes%2Fcocoon-master%2Fscreenshot%252Ejpg%2Csite_name.Windows%20%E5%AE%9F%E8%B7%B5%E3%82%AC%E3%82%A4%E3%83%89%2Clocale.ja_JP;ses=89be36d9-2f26-4e18-80ca-2412a717aec2
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
9.gif
id5-sync.com/c/102/163/0/
Redirect Chain
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*eNcXMvR-IZca4Za4dPGoOVstNGkMpyzq0cYC_xV6knI9QYgSI6IEiXuS8hD99fPi&o=api&gdpr_consent=undefined&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-f66f6p8AwwQAt-xqEIltRcwVPRJGDb7PJyOrC5uzJg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/7/2.gif?puid=6496980970204499328&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/6/3.gif?puid=6358988783605550458&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-80b0tZo2ZH1GuEBWzXMShG9DAka295oejI9R2BPRSA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/102/3/5/4.gif?puid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&ttl=%%TTL%%
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/123/3/6.gif?puid=186b9c2995a-5dec0000010e5d96&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAC4NE7IDTAAACCtMn4Psg
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F1%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/112/1/8.gif?puid=196EA5A50FC48E61&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F0%2F9.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/163/0/9.gif?puid=Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/102/163/0/9.gif?puid=Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 07 Mar 2023 01:49:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:45 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-002b15eadf69dc4b3@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://id5-sync.com/c/102/163/0/9.gif?puid=Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
84bc77202880b6c1adfd8768115613e76ea262daedfd2b3faffd386f02904f7f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://win2012r2.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 07 Mar 2023 01:49:41 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://win2012r2.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 07 Mar 2023 01:49:41 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://win2012r2.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 07 Mar 2023 01:49:41 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://win2012r2.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 07 Mar 2023 01:49:41 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://win2012r2.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 07 Mar 2023 01:49:41 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://win2012r2.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 07 Mar 2023 01:49:41 GMT
server
ATS/9.1.10.25
prebid-request
onetag-sys.com/ 		15 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://win2012r2.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
b1h.zemanta.com/api/bidder/prebid/bid/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://win2012r2.com
Access-Control-Allow-Credentials
true
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=41470878533&lsavail=1&bundle=a_c3JV9FUVlROFN5QWZrNUxoaEpOWmxCYWk2UzE2bnRmcTRoS0lCMndoVnRKWTA0dW93TVZ1aFEySk5CZkEzRlBVZ2pHJTJGSlRKV21pUlcwNWhWUFBueUJDcGRyOTBtcDZDVDROMmNXTUhaaGJxNk5hcmRZcXRJbyUyQiUyQmZwNnQyUTJDUDNwQw
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
adjson
ads.betweendigital.com/ 		2 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fwin2012r2.com%2F&tmax=3000&gdpr=false
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.58.46 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-58-46.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		18 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=23134198885&lsavail=1&bundle=a_c3JV9FUVlROFN5QWZrNUxoaEpOWmxCYWk2UzE2bnRmcTRoS0lCMndoVnRKWTA0dW93TVZ1aFEySk5CZkEzRlBVZ2pHJTJGSlRKV21pUlcwNWhWUFBueUJDcGRyOTBtcDZDVDROMmNXTUhaaGJxNk5hcmRZcXRJbyUyQiUyQmZwNnQyUTJDUDNwQw
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=48326&adtype=banner&auc=26328&w=1&h=1&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&l=en&dt=1&pid=62169&requestId=385a81d99daf655&schain=%5Bobject%20Object%5D&bidfloor=0&d=win2012r2.com&sp=https%253A%252F%252Fwin2012r2.com%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:41 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=48328&adtype=banner&auc=35757&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&l=en&dt=1&pid=62169&requestId=39354e99ef63b3e&schain=%5Bobject%20Object%5D&bidfloor=0&d=win2012r2.com&sp=https%253A%252F%252Fwin2012r2.com%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:41 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=48330&adtype=banner&auc=26322&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&l=en&dt=1&pid=62169&requestId=4095e469f4563cd&schain=%5Bobject%20Object%5D&bidfloor=0&d=win2012r2.com&sp=https%253A%252F%252Fwin2012r2.com%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:41 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=48337&adtype=banner&auc=26711&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&l=en&dt=1&pid=62169&requestId=41a6bcf00c2ca0c&schain=%5Bobject%20Object%5D&bidfloor=0&d=win2012r2.com&sp=https%253A%252F%252Fwin2012r2.com%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:41 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=48337&adtype=banner&auc=26711&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&l=en&dt=1&pid=62169&requestId=42ba420f12351ed&schain=%5Bobject%20Object%5D&bidfloor=0&d=win2012r2.com&sp=https%253A%252F%252Fwin2012r2.com%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:41 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
moneybid.js
ads.themoneytizer.com/bidder1/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=102378&adid=11&formatid=video&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AVm7oB3icz7/oyMBAA
x-accel-expires
@1678683922
date
Tue, 07 Mar 2023 01:49:41 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5f963598066454c9a114
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
74659
moneybid.js
ads.themoneytizer.com/bidder1/ 		339 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=102378&adid=6&formatid=26328&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AVm7oB3qO/r/oyMBAA
x-accel-expires
@1678683922
date
Tue, 07 Mar 2023 01:49:41 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5f96359806648210a914
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
74659
moneybid.js
ads.themoneytizer.com/bidder1/ 		339 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=102378&adid=30&formatid=35757&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e51eae5200b5dfba264665a40880e4c2063984f002d00942c77b1b16a718bd3f

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AVm7oB37tgb/oyMBAA
x-accel-expires
@1678683922
date
Tue, 07 Mar 2023 01:49:41 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5f9635980664bda0a514
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
74659
moneybid.js
ads.themoneytizer.com/bidder1/ 		339 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=102378&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
bccf82d43a087f44f18f52a191ab456f4186e4477617fdf09c6b66e3d4470d57

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AVm7oB1UF77/oyMBAA
x-accel-expires
@1678683922
date
Tue, 07 Mar 2023 01:49:41 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5f96359806648701b114
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
74659
moneybid.js
ads.themoneytizer.com/bidder1/ 		343 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=102378&adid=19&formatid=26711&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
00c52bee8e18843fc615f12e24cfa15a163e9534f26cb2b1937028018de1d96c

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AVm7oB1Ox9f/oyMBAA
x-accel-expires
@1678683922
date
Tue, 07 Mar 2023 01:49:41 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5f9635980664ac51ad14
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
74659
moneybid.js
ads.themoneytizer.com/bidder1/ 		343 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=102378&adid=19&formatid=26711&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
00c52bee8e18843fc615f12e24cfa15a163e9534f26cb2b1937028018de1d96c

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AVm7oB3gJmL/oyMBAA
x-accel-expires
@1678683922
date
Tue, 07 Mar 2023 01:49:41 GMT
x-77-pop
tokyoJP
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5f9635980664023db414
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
74659
/
prebid.smilewanted.com/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3f2eeb697e838a-KIX
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3f2eeb697f838a-KIX
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3f2eeb6981838a-KIX
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3f2eeb6984838a-KIX
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3f2eeb6986838a-KIX
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a3f2eeb6987838a-KIX
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid
ap.lijit.com/rtb/ 		25 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
1b5e9755b9547326c6bf45e3bc2407bdc27d1939ef96a8d37ade52bde364a273

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 07 Mar 2023 01:49:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://win2012r2.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
pb
ad.360yield.com/1602/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/1602/pb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.24.162 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-24-162.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:41 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
c
prebid.a-mo.net/a/ 		584 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
930a0e92737bce95c64ab5f3a1c87ae3652e434e609f09b0f63c2df96f0ae046

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:40 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win2012r2.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
93
content-length
299
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		890 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwin2012r2.com%2F&PageUrl=https%3A%2F%2Fwin2012r2.com%2F&PageReferrer=https%3A%2F%2Fwin2012r2.com%2F&CanonicalUrl=https%3A%2F%2Fwin2012r2.com%2F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1d9d67e6333d7eaf791aee73c45d90ebd213f75a7f835bc1fcddc15cca956c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.3
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
84
pragma
no-cache
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win2012r2.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
/
bid.missena.io/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.missena.io/?t=PA-25261242
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
505b274087b2e56ea346ddb01f869049b6601ca0f5638891ef824158351523f3

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 07 Mar 2023 01:49:41 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://win2012r2.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
fastlane.json
fastlane.rubiconproject.com/a/api/ 		750 B
1010 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=38332&zone_id=1124648%3B1078246%3B1078332%3B1078332&size_id=15%3B2%3B15%3B15&alt_size_ids=2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B%3B&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,94609,1,,,&eid_pubcid.org=42423dc4-feb4-493b-a722-53bc9a70ea42%5E1&rf=https%3A%2F%2Fwin2012r2.com&kw=102378&tg_i.page=https%3A%2F%2Fwin2012r2.com%2F&tg_i.domain=win2012r2.com&tg_i.name=win2012r2.com&tg_i.siteid=102378&tg_i.pbadslot=%2F102378%2Fwin2012r2.com%2Fdesktop%2F26328%3B%2F102378%2Fwin2012r2.com%2Fdesktop%2F26322%3B%2F102378%2Fwin2012r2.com%2Fdesktop%2F26711%3B%2F102378%2Fwin2012r2.com%2Fdesktop%2F26711&tk_flint=pbjs_lite_v7.35.0&x_source.tid=2ec4756a-bd2e-466a-95aa-9ba99e71b707%3Be5df1cec-b88a-4200-ad68-bf1aecd3c547%3B22ebdebf-fe6c-47bc-801c-2299dc2bf375%3B1c368a31-8b71-4d1b-a47a-7b7a06afadeb&l_pb_bid_id=84a7583a3636757%3B8585e2c9cdba2f3%3B869f8db77a6eabf%3B877eefaec901bad&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F102378%2Fwin2012r2.com%2Fdesktop%2F26328%3B%2F102378%2Fwin2012r2.com%2Fdesktop%2F26322%3B%2F102378%2Fwin2012r2.com%2Fdesktop%2F26711%3B%2F102378%2Fwin2012r2.com%2Fdesktop%2F26711&slots=4&rand=0.3220040327977718
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
472bc60688b40262aec022e2a5b9fe8bcf6b7052a77d78326cd99aacb0377a98

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://win2012r2.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
750
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c5a988db9f5c8819dfc6d28a01b5172c18ee1638dbfedfde0964e538cd0a9a84

Request headers

Referer
https://win2012r2.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3b62c3a6ddf8c5ca6ec5b65e859577d6298ff1eb69eeec422113cc3e714415af

Request headers

Referer
https://win2012r2.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b24263ada9e275545cc5f8774cd5b9463c1fc0d001be524364294a55958f21d1

Request headers

Referer
https://win2012r2.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2f244986cbced340b386f365a382f0d41f1dd2753b22a3e93dd98af34d8e1551

Request headers

Referer
https://win2012r2.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3041703924c90e1bed8f34144d43e86bb374609a0e746ace3fa4c4a946b3e787

Request headers

Referer
https://win2012r2.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8e6aa90d8bdfba8c5215ef961567b68841fce33ca8c9937ee092bf07bd388635

Request headers

Referer
https://win2012r2.com/
x-openrtb-version
2.5
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
content-length
84
prebid
mp.4dex.io/ 		999 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
993d56622689e36785bbd1ede682348e885732874d3ec16ed637829bb8370983

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-tyo
date
Tue, 07 Mar 2023 01:49:41 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Unable to parse native image.sizes, Validating the Prebid Request adunits. Unable to parse native image.sizes, Validating the Prebid Request adunits. Duplicate adUnitCode: 26711, Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: 26328, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26711, Process Seats Booster. unable to get the seat booster engine for organization: 1015
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7a3f2eed7a071a09-KIX
expires
0
prebid
ib.adnxs.com/ut/v3/ 		48 B
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:41 GMT
AN-X-Request-Uuid
998ca455-423b-4539-b7a5-895cc3aa5fc2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://win2012r2.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
48
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
shb.richaudience.com/hb/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:41 GMT
access-control-allow-credentials
true
server
nginx/1.14.2
access-control-max-age
86400
/
shb.richaudience.com/hb/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1678153780949&to=0&aun=26328&pubcid=42423dc4-feb4-493b-a722-53bc9a70ea42&gpid=%2F102378%2Fwin2012r2.com%2Fdesktop%2F26328&t=iikzq9xw&pi=2&gdprApplies=0&schain=1.0%2C1!themoneytizer.com%2C94609%2C1%2C37dddec9-c145-4098-b569-ae6b6241df82%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwin2012r2.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.35.0%22%7D&ogu=https%3A%2F%2Fwin2012r2.com&ns=10240
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.33.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-33-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
11aa7183f02f41e189acb90aed9cf3d3758513016b3779be9661244dcf0a3981

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://win2012r2.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
openrtb
adx.adform.net/adx/ 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fire.js
s.cpx.to/ 		717 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fwin2012r2.com%2F&hn_ver=40&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75&dsp=pub_common&dsp_uid=fe4fb912-a987-4b9f-8457-550fd698c4b8
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.157.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-157-123.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bd232a4b3fec5ca53ecf012406703896fa19f06940a64e4e3fd6728194bb198d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
application/javascript; charset=UTF-8
p3p
CP="NOI DEV ADM"
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
717
expires
Mon, 30 Jan 2023 11:25:31 UTC
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 30D4 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 30D4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Co7JrNJgGZP3bJeyFs8IPp-mtuASA7YOMb_q6t-aPEbisifuwDxABIOeDuyBgibPPhJwUoAHfl4-iAsgBAakCI-ZmeCGWPz6oAwHIA8sEqgTfAU_Qc0KIvryT_WVAULdSQhCtwiDmtUnfXU-VzBWfcTBV_shUReWYzfNvDcyz_3h7D2fYy8bpE7mmi6zse-W7TWqHseByV6E18p3FI-3DKa_aZgwMNGn1kYaWAVpIq59IZvkyfgR0yW0x-4BMbDg0F136oxOwAg2tCHyAnWDOKm6e0tsb864EeZD_EaqmWeqCDH9CrS1MJ5mZKSrZF_2Ufw2iM-Xa9TUVugtYGjwwai4LvPygem2D7Wks8JQKHrgCbCsrn1HI-2n3UvWeYmXeJnhJn5cPYzpvBxJnKbSJn9zABPGUtcibBJIFBAgEGAGSBQQIBRgEoAYCgAeJ6PDdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJf_FtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi03Mjc4OTg5MTAwOTM0MjI2GAA&sigh=SbiSUo8kjOE&uach_m=[UACH]&cid=CAQSKQDUE5ym5DI6SaAk4T2Vw3OnhQ2g5kZey5hOCpmEkqwzuROrFPVHaDf0GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Mar 2023 01:49:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14900877604874251141
tpc.googlesyndication.com/daca_images/simgad/ Frame 30D4 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14900877604874251141?w=600&h=500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
f257cafc900365b71fadba8fc7df0544a501a135b711e2b5d0c74b8689a6757e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 03:16:32 GMT
x-content-type-options
nosniff
age
426789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33929
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 22:08:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 09 Mar 2023 03:16:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 30D4 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 30D4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 30D4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
l
www.google.com/ads/measurement/ Frame 30D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIZvdGdAiuYl6l5YxWopARn9XzJni9RWVsxBARC8z2smuFIJ1oN3BQhj0qi-pYg-xK-x3njaKVtqbctxObzXt3BbabNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30D4 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:41 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame 30D4 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f3.1e100.net
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 07:42:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 May 2023 08:10:23 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 133F 		469 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNXzLe3Fg0_HAmZiWacJ5Ytj83Zmsp4qz83io9FyR9wVbpad-qZVSWypJsL7VGgg_acGwWli-G97f9LZISE3jd--JnD2mQBcLKW-o_NEzSq-MMf4Wk0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
02e77cd454c82ffe01aa74b1e3f3b5c9cc08aa0eb5c8d7feb6b0c21ea77061f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
199
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 989D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:41 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 989D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115752&plc=4398657&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j9T4DcnGX2xOTIU-JxvK8M&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=467642225278&turl=https://win2012r2.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.106.35 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-106-35.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:41 GMT
X-GUploader-UploadID
ADPycdtx0EU58FviKToj8eX-ghAEB9u0K9fAusrUcugF2w9achTJGSplYiXp9WaaUDQKIWcVB0pVUomqX6e0VjN2A89o2g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
1922
Last-Modified
Tue, 10 Jan 2023 11:02:09 GMT
Server
UploadServer
x-goog-meta-previous-generation-number
1673253614982549
ETag
"87b6182d03ee779aa68e37632f67656e"
x-goog-generation
1673348529482061
Content-Type
application/javascript
x-goog-hash
crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
Cache-Control
max-age=86400
x-goog-stored-content-length
1922
Accept-Ranges
bytes
x-goog-meta-pipeline-id
742670731
Expires
Wed, 18 Jan 2023 18:58:17 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 989D 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j9T4DcnGX2xOTIU-JxvK8M&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=467642225278&turl=https://win2012r2.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.106.35 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-106-35.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
03d9196c5bb20ddd14f858687cc827133dfb110401d678b90fbacf02c9e26f9a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Mar 2023 14:02:25 GMT
Server
Microsoft-IIS/10.0
ETag
"802ef41c6b4fd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3337
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 989D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 989D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
l
www.google.com/ads/measurement/ Frame 989D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBQqfC778b2rMO_y-2PfdHOsM24xChEHlQk970yJH6uUIzOl3UE9wI1mMe3vPlmivk6g5V9FDC9cIWp6DsDKBUxCA05w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 989D 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 989D 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AMbnDDXUByboQIQg_ALD-GXPgAXs_tZiO1izeB6O-cg7gI80Ej5hT0VUluKp8q14Hn3nZ9598xspBJdh6AA2qQ1B1lZA1Rwk-hiSxdq2ic-wkMotg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 989D 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4514126447019834325&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3F9B 		614 B
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E3%81%93%E5%91%88%E3%83%AA%E3%81%AE%E3%81%8A%E5%88%86%E3%82%AF%E7%94%B3%E3%81%A75%E3%81%BF%E5%91%8A%E3%83%83%E5%86%86%E5%BA%83%E3%81%97%E8%BE%BC%E5%8D%83%E9%80%B2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f10.1e100.net
Software
ESF /
Resource Hash
568bc60ae6c219c8ff470add5993d417fe35eceb6d3ee839389257b4c911f307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 01:49:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 01:49:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 3F9B 		2 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3F9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoSsJNJgGZOG9JOGIs8IPteSfkA6A7YOMb6K7t-aPEbisifuwDxABIOeDuyBgibPPhJwUoAHfl4-iAsgBCakClqdNcDaYPz6oAwHIA8sEqgTeAU_Q3PKwXum4grDNJxod1oyYXRcjvxb4feD_Vy59AQiKsfXOZd28LlnIcmmSROBKC6QHLg1TsUhS-e7k9nUodKnTCPfuUr-qYubiTWMb6wr5a0jOoobTEnMwg9RgrQYqJcvl-9gDnHj0bRhAR0oijYhnC7bF3OhjF0ztw1I4J_gXj_MHSzo9bbr4kcBa39sh9EKN7Mscnj56zj_gMf09un5lEtwAe0ck7xg85hZ7hyMMM_tk9dIOwj-kXUkDlk3x_EiNPWFx_S2s8qADyZLWbS2-vsBqhrBCtbtJIBCkz8AE8ZS1yJsEkgUECAQYAZIFBAgFGASgBi6AB4no8N0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ27kd0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBPkA9gTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi03Mjc4OTg5MTAwOTM0MjI2GAA&sigh=LiPecfoouGQ&uach_m=[UACH]&cid=CAQSKQDUE5ymupaGnlluOeOlnFJntwxhghZRJZN3GkXaEYS50KuOOel_ZIhbGAE&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Mar 2023 01:49:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 3F9B 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 3F9B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 3F9B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
l
www.google.com/ads/measurement/ Frame 3F9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQElnaoZg7O5hxCPREe0_Tt4H-5kCLm1S4WCsvbjXMHSy7LkeQmzfamLbBXOB53JiGaIqsm5Gs4lb4bo0fAtgyk2ov0Qw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F9B 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:41 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame 3F9B 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f3.1e100.net
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 07:42:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 May 2023 08:10:23 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/12506484927167086964/ Frame 3F9B 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12506484927167086964/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
495998a2923b3907c04b4ae9ad1c088badf029104c91dbb40bbfa48e0c520a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 23:37:05 GMT
x-content-type-options
nosniff
age
353556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47161
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 09:58:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Mar 2024 23:37:05 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5476215347548676219/ Frame 3F9B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5476215347548676219/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
8e396e2669726bd2ad9e08c1728ec4dae1f1eaa31a8adbf85efe8015367dc2a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 15:02:46 GMT
x-content-type-options
nosniff
age
298015
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1479
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 09:45:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Mar 2024 15:02:46 GMT
pixel
cm.g.doubleclick.net/ Frame 133F
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNXzLe3Fg0_HAmZiWacJ5Ytj83Zmsp4qz83io9FyR9wVbpad-qZVSWypJsL7VGgg_acGwWli-G97f9LZISE3jd--JnD2mQBcLKW-o_NEzSq-MMf4Wk0
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Mar 2023 01:49:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 133F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1&gdpr=0&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNXzLe3Fg0_HAmZiWacJ5Ytj83Zmsp4qz83io9FyR9wVbpad-qZVSWypJsL7VGgg_acGwWli-G97f9LZISE3jd--JnD2mQBcLKW-o_NEzSq-MMf4Wk0
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1&gdpr=0&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 133F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAaYNYOJJ4ARKje1WrpskAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYjvn9vAEwAQ&v=APEucNXzLe3Fg0_HAmZiWacJ5Ytj83Zmsp4qz83io9FyR9wVbpad-qZVSWypJsL7VGgg_acGwWli-G97f9LZISE3jd--JnD2mQBcLKW-o_NEzSq-MMf4Wk0
Protocol
HTTP/1.1
Server
23.90.68.235 , India, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENOpne6gWR1TojtOKjCp6RY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 8206 		922 B
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%9C%88%E7%B4%84%E5%88%86%E6%9C%AC2%E3%83%BC%E9%82%A6%E3%81%AB%EF%BC%81%E6%96%BD%E5%BE%97%E3%83%83%E8%BE%BC%E5%9F%BA%E5%AE%9F0%E4%B8%AD%E3%81%97%E7%94%B35%E5%B9%B4%E3%83%B6%E5%86%86%E3%82%AC%E9%9B%BB%E3%81%BF%2C%E3%81%8A%E9%A1%8D%E9%80%B2%E3%81%93%E5%91%88%E5%BA%83%E6%9D%B1%E3%81%AA%E5%91%8A%E6%B0%97%E9%96%93%E3%82%B9%E3%81%A7%E3%82%828%E3%82%AF%E6%96%99%E9%87%91%E5%8D%8A%E3%82%AD%E3%83%AA%E3%81%AE%E3%82%89%E5%8D%83%E3%83%A3%E3%83%B3%E3%83%9A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f10.1e100.net
Software
ESF /
Resource Hash
4f54637ce1614d87f3454a8f1fcb352391468f2271efe8ccc18cd553465d0e19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 01:49:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 01:49:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 8206 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8206 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkUApNJgGZNTGJczXgAPQypqYA4Dtg4xv-rq35o8RuKyJ-7APEAEg54O7IGCJs8-EnBSgAd-Xj6ICyAEJqQIXBa5ykJI_PqgDAcgDywSqBN4BT9CrnsrLAiRkUHMXTcms6pxcqwhPzSXjFXO9qh12gZoheaz5YPisz3MPFeD-iVinFBu-9Y9qLWTFYIPJlbiNFXKop2nCG6lPeKJZvACu8o9C5_fkzHjxjpj1IZVEVDtYjZx9WC9tUsrbn99hCOtYplN0ShWOlmm3L7-k94OYwcVuIQg3_UV06Cu_xs4xUpoIieSCH-si1h6c5hDPU3NfDW7rCfZhn9LR-_rH856UhVm1hl8pRt5K2yYTuiwxnzpt5Jp2zydC5liwvC3QDbY8vzZEIb2Ea73sDI-HqiNdwATxlLXImwSSBQQIBBgBkgUECAUYBKAGLoAHiejw3QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDhsRTSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItNzI3ODk4OTEwMDkzNDIyNhgA&sigh=P_LFgm-KppI&uach_m=[UACH]&cid=CAQSKQDUE5ym-rgKQzEV3a-V6QZZ0zD8VGBvk4YGQQoP8ozuH0X-o5cr7x6aGAE&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Mar 2023 01:49:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 8206 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 8206 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 8206 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
l
www.google.com/ads/measurement/ Frame 8206 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeN0lmn2xm3QcTwMcFPfLvnnjfaHrbW-eGk4_WIkGpar5QTPAJyYKRaxJCE3nVND6Tb6tXkk_E2WMj3WvevjNtxMENog
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8206 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:41 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame 8206 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f3.1e100.net
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 07:42:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 May 2023 08:10:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 989D 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=12158608339&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 989D 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=12158608339&version=m202301230201&ct=77&x=1&cor=4514126447019834400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 989D 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DO8NFcc1XCMPZ2aclqullm1BMoYWZE1QzTPt7JUtkPguHgUhSOp9jIOeDSk8B85J9DBb32i0P8KlcTv3-4drIJoBAIAVA211x-N7Y_1Z2RXCsxOvu8hXQFbopxciB2cWLh7rcGgo5TCDXjdsxbaxAH7cne7y-LYX84aWbYOECT7HWsfsw&cry=1&dbm_d=AKAmf-CiZn6BJTk4DvK8BijW1vUK8Jvm41FaFsj_53PbpGXSlnF_OUWvQ2nCXvWa84oeZKfkAfqhcbjeLG6k557sPdxAcaIdJka28Mj18j28GLdYGpbJWYOtdoLe5ojiyNrEiNA9BEratcOMsoUxK758J5HBacj_qYlvm1FKXgEiGl2IbMfbqmTg1iyaxFBYUl1svkjc4ZbEOGXDKbkUpqnXRARAmTfgOPtE2-vj2Lan8782E5bp8A-NwD4DDmrMZdxA1pEcLK_KyGlRAVjo6OkEKfzaBbFFFZ0k1foc_6zLabEd6N8BwXzAyrJBDpeWA0mqWe7mu3JLUkEc52z03tD6fXyDG3rkeU8nGqCIj7T2KaKkWeoKLH_VmNsXAxxSt0iXd6LhXOpALZM5J8X5cmCX_KS4plfKrao2KsLtkNJGgET8hdzzlf9n5pAFibmY2EXfdTI_-KWvxM2qLBnrNg26HKDbx5UYD4zYVxAkjkZlhLHmy1A_ms8QFZyFRWOivZaRjmSAChvuX7q9CO4nLOLNAlXM__5QA7K56S35NmZLZb67fw8NnSq4H8v2tkRt9xClkWGEhgfehyTGhm3FDTBy_erSdnFiq0qmqApRMtNxBNLcmX2IbiwklXcwVg5k1gNKqZ6LfIsMP9661DRYIr6PRp6LeC_VmiAfj6YoG-ySjUPRaVzPQeUa_EJEuPv2xT75XmwVjDjJASmYy9a9WgrOfMUNxdEbII5-pu5HBsDx2uRvL3hVD3Ymzn8CcCfBUBq-aT2U7KqT-ege7eix5d5gzlgjp67JPsmAIXHZB5wEg1trf2Jo_PJpbm40T2uNLFRJIPlI0_vqalrqA5Ovv4VAUEA2ObQKPRmpSrskTBDxIGQOwK1eia5IKVBMnJvWHhPE4XKSQ_-4vPkF79S3hbRx4yax4EG-B2xIWg5z2KVtFCBmBZSAbESpOJ3j6fvCpH9e6lrSDRIdZHdNTgP1maZObcWXpcqoIgT8iYkpis3cYA0KCO56KO3SAk_ONIzEf2yDy_l26MTTgNqm4rPliJvOXwmlZ0w1DvHI1uk1kkE_XNKVUGatZsev4_d5KFI6R0-E87NENOi-lPWLJ95TL2Vb_QnNyHNvMwQJj-M4o_vvImoDn4T5lfu3GmeBTtNIuadqyKTWQiV8WHpan4swKF8AhQcagdXIf3I0_Nk_Uv4W873gNzNyLb78JGFtSN_puE74Lf7swLJgxB7Jozd97e69s7rMAx5CuHs7UTeJ9wBkaLG9x69brBkcRIfnFo5nIzHlv_R3MzzOOQ4jTwyrb7NsWp5wfAcvwYz7JZnSehNlfsGbMMysg1VsfGARins7a6UcsKS25NPoWSRhSPcD5uq30XWQ69P7kGkXAX37HgBASPKfrA0mdkPIsB54iGJQ8Q8kKz-wu-teHdhRhtbttRQm95q0zPOSKZrVUEEVbNkv3SXiAh2dlHKCKSTUCN35ufqa9VjfdMkrsqsYNYbQGOjhQrUge5m4ujLXgNcaszxjysO729fFkay5TZyGDoxjAXnKbqRC-IIwopLyFwHsANTjpll5syREAdhRYuRZw2nAuasXfIopDpn2l10PLXhbTqjYU-CLdP_efJMGwb8mwl2qlhw9Ln5oqKm_ojeuQbvk0NdUvZgavy8-yS6wJ5ok1K7gZE_cDzQVgpWuAX3Ldqog4vpwDw2UgMIED9Xf6yWYs5X4cOl8fvW9PGdBxQX2_Y4IJkcIyE0vJeTd7aAUw-3rDiO2Tqj70wCkOyjpxiE5rT-6pvmBluj5efPCFylpCuIJb1SMjJXbJM8kWCGUepQwG4UTp51tquJukQHMFqrJYrqfzxqDbl5ET5EmEK1pKCJQQDosWBuEWSNYDutq0Cn5KVFimG35FVLA5J8WC3abqJz484VLN_7qp3E9-r5LwMYBPz3MBbejmlQX9aSJ1Xc4oIclnYLGrEvbnPlAUMD5fYwKW2wSeIFDepfJMHxd64v3gYpV3I36jSKW--Z62vx0LHQlhaHopf-Awi0CfpoiljrXXHESKzq2JqnK2dOd6NKMQ4Xey8Ef9Clr10Sin1xMX9PUGQ6s8cf276PGPO1LRQe_haaRacNwd-Y27l-_TCV59iHhKlegch7tLtraQOb-__WGVz5PijeIUFnXwCt2dbTKpvotJAAn9lw5AM1htvof4R1vH-EB2h3sdhgCnFtdBvNj5DcFS2AvCtsbF4ayPGyC8WKUDR75M7qGd5k4igslWL3Uugp_vmGyf20ERtzQkn0lUkrTYwd9dyeHWemC2-WU71e19UF6J0BCkK6aoGWBStzblNkR4_EcbqoDnOBXaBnQmq549peWx9M2zIhhkFV6lYSheREE8lrHFA-NFdctgMwRqs0qGryaNXH0eIGvWQDzHOC3M_TAXWpEYhThSh-qvUKGLtimp1MWSwEpNSH1othQSfum27iE7BKz0PId0e2zbuXQC1GTK13F7lr4ClYaMIuhb8bpQFLUYaY_-Zvif3uF3AqipyNGd1urGD3B-H1KYjw53ahxhNmS6mE9Hrzocx44rXp_mEXE0DAHtlAi1a8fLdHlL69lElkxt-QZHmg4nknzvVKjaLUyZDybvNfA1VeKn9j4P-cwS4aqHle4uCioOOPHtYxOv3gHPbRtKCwFXziQ5yTTGThUX5PykpxYvDAkKoMFCn77mIfjg6DvMpP5PljDxsL-AyuGiLIpfxCv-YGm0GkZ6asm-GqPnuyrRhdzQCMtlwvpGyjjYodmpyxTTxR19FNvdL9TAqGNKu-C8ZfxRq-SM8t9Q3GjRMLNNV7LUS4SIU3HZQB_djioIcRukh3Tw5mvTFe36kx_dffbfCBFdI_B4qCLiBTtenLfXeyOmFzFjwNcm0F7BBR0OGG2UGaelt0b3GvTi-DJX7wHksU4U-ea2hG9xmYPA_Ri3GJs37T2-dswfpPpwg7w-hZNXUCMuCi__w_Vmt1KpNw6s1Kv3Pb_ij5sp3YKEJ-s7P1_GOHYsSfdfq1xk8NSv2_YuwrdnwUhO6U-YQldcfrHcVcOiysAiCg2Cf0I1Zk-Pkyr2-3Tj6_hOmxQ3OKlUMjoQVz90Yrwuds3dkEKQgzvxKeiGSjFmCvKjfGeSKwZTCMwBzzteMHPzOkcpn5Qd0-PRNZQTlTxMg6FB_omrqihGRC7dhqqBK6h0nsm9zCzl6Bs0XZq5udU4y121-LVxRFb-V3bricoHT0kf95PfvHwoic7zO0JjbP_TQUsQ_ie6w4KEOmhMp3-B66jMd_Zf2Z1MtS4KHAVnWvdEOL_NURVmv8yLC6Jc7FpaR2mSt-WErbekb-Jy5Abw1ZSTiLc95nWR892tyCr59BrTJHqJzPkcPi8EecNpwvm5yfrHNW7wE0p6rhkoyaBKom8PmW3hgYRZtORBgB3tf446AfFv-RT1EZJER_eoVqvejEY7wIfh_dvuz-dc2vpr15zQ7UTGhF6VqzXy-Ygw7YljkK3P2veVU9kHhB0LdtktpJnLEmqzzpNz8RomHTUp7MVRyzamuhHaEG_&cid=CAQSKQDUE5ymPZZDsdGYO3b25bVKdYabbCczWdcVz1nJyXgyQg__lxD8STUyGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwin2012r2.com%2F&ds=l&xdt=1&iif=1&cor=4514126447019834400&adk=929882891&idt=119&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
269f504a8f26cc349d532f359af4fe6ccf8788963f2c902ced82755dca743543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11407
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7005910415433649222/ Frame 8206 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7005910415433649222/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
8ce1372a09486ff8cbba844e8f1f973a8783b5d36c20c5bcdd5a0c7ba95f1e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:02:54 GMT
x-content-type-options
nosniff
age
366407
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26412
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 09:45:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Mar 2024 20:02:54 GMT
truncated
/ Frame 8206 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8206 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame 88F2 		862 B
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%87%E3%81%8B%E6%AD%A3%E6%97%A5%E7%A2%BA%E7%9C%A0%E5%81%A5%E7%9D%A1%E3%83%BB%E5%88%86%E3%81%8D%E5%B0%8F%E5%8F%96%E5%BE%97%E5%9E%8B%E5%88%9D%E5%A0%B4%E8%B6%85%E3%81%AB%E3%83%9E%E6%9E%90%E3%82%92%E3%82%89%E3%81%AE%E3%83%BC%E3%83%AA%E3%83%B3%E3%80%82%E3%82%8B%E3%81%A7%E5%BF%83%E3%81%8C%E3%83%88%E3%82%BF%E9%96%8B%E3%81%8F%E6%85%8B%E7%99%BB%E3%82%B9%E3%82%B0%E8%BA%AB%E3%81%BE%E5%BA%B7%E6%9C%AC%E7%8A%B6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f10.1e100.net
Software
ESF /
Resource Hash
b31e8bf31360e5a600e94f60971045ba72dc970a440d23d68b6f1942961ec4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 01:49:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 01:49:41 GMT
css
fonts.googleapis.com/ Frame 88F2 		4 KB
889 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f10.1e100.net
Software
ESF /
Resource Hash
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 01:23:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 01:49:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 88F2 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 88F2 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 88F2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 88F2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
l
www.google.com/ads/measurement/ Frame 88F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3qb2wrELasQ2-BS__0dWvYwqEpWjpdAbpASHgZUCAhwiP--2H5vDc2E5I9Bb0n2G1E8x5DAv9nkWDJnIllCa8zW5WAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 88F2 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:41 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame 88F2 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f3.1e100.net
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 07:42:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 May 2023 08:10:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 88F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDeX8NJgGZIGWJaKNs8IP7q-YiA_QxdGDb-PexLSOEbCQHxABIOeDuyBgibPPhJwUoAG_4cK3KMgBCakCI-ZmeCGWPz6oAwHIA8sEqgTeAU_QxGG0W2q6ofCZgypd8Zx7kY3xtlj89E6TSLgH5TcF65TmdhhPCLGLbpJWfKYCAKTFy4Q2yD8ZMYO1e51eX0Agx9cLKmoYagzzRQVTs2eM82hfwviNqCYzvHUenn4Rgw7ZkZC3i5w5oq1E0QiMfYAHNyjPwicHlO_TSICXnpzi9mRLaOZ4vbhTzSoju8TUwDatQSzsRFYbmbndKK7nLWof4KR8siCx2yWFinCO1lO0FFi79-jisMND-Q77AYSjNjiiniFl9hNAIAxb4fcNrj-ITimi3s22yAVF0PpK7sAE65jivKAEkgUECAQYAZIFBAgFGASgBi6AB7-Zk5cDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqeIC0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTcyNzg5ODkxMDA5MzQyMjYYAA&sigh=di5m_udcZJM&uach_m=[UACH]&cid=CAQSKQDUE5ymNNGTHFX6hGBFCipnx1FgLkpVeau-Nr-XhK72fs4gV0Gr7TH1GAE&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Mar 2023 01:49:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/4307465623384854458/ Frame 88F2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4307465623384854458/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
ef6e0a0c832bb6478bcc7857dbb9c656f7ea8bcc894f427d6edede91e7b6dd6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 17:33:47 GMT
x-content-type-options
nosniff
age
375354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12280
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 09:17:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Mar 2024 17:33:47 GMT
truncated
/ Frame 88F2 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 88F2 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2DA8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144885
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Mar 2023 01:49:41 GMT
expires
Wed, 08 Mar 2023 18:04:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 989D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DO8NFcc1XCMPZ2aclqullm1BMoYWZE1QzTPt7JUtkPguHgUhSOp9jIOeDSk8B85J9DBb32i0P8KlcTv3-4drIJoBAIAVA211x-N7Y_1Z2RXCsxOvu8hXQFbopxciB2cWLh7rcGgo5TCDXjdsxbaxAH7cne7y-LYX84aWbYOECT7HWsfsw&cry=1&dbm_d=AKAmf-CiZn6BJTk4DvK8BijW1vUK8Jvm41FaFsj_53PbpGXSlnF_OUWvQ2nCXvWa84oeZKfkAfqhcbjeLG6k557sPdxAcaIdJka28Mj18j28GLdYGpbJWYOtdoLe5ojiyNrEiNA9BEratcOMsoUxK758J5HBacj_qYlvm1FKXgEiGl2IbMfbqmTg1iyaxFBYUl1svkjc4ZbEOGXDKbkUpqnXRARAmTfgOPtE2-vj2Lan8782E5bp8A-NwD4DDmrMZdxA1pEcLK_KyGlRAVjo6OkEKfzaBbFFFZ0k1foc_6zLabEd6N8BwXzAyrJBDpeWA0mqWe7mu3JLUkEc52z03tD6fXyDG3rkeU8nGqCIj7T2KaKkWeoKLH_VmNsXAxxSt0iXd6LhXOpALZM5J8X5cmCX_KS4plfKrao2KsLtkNJGgET8hdzzlf9n5pAFibmY2EXfdTI_-KWvxM2qLBnrNg26HKDbx5UYD4zYVxAkjkZlhLHmy1A_ms8QFZyFRWOivZaRjmSAChvuX7q9CO4nLOLNAlXM__5QA7K56S35NmZLZb67fw8NnSq4H8v2tkRt9xClkWGEhgfehyTGhm3FDTBy_erSdnFiq0qmqApRMtNxBNLcmX2IbiwklXcwVg5k1gNKqZ6LfIsMP9661DRYIr6PRp6LeC_VmiAfj6YoG-ySjUPRaVzPQeUa_EJEuPv2xT75XmwVjDjJASmYy9a9WgrOfMUNxdEbII5-pu5HBsDx2uRvL3hVD3Ymzn8CcCfBUBq-aT2U7KqT-ege7eix5d5gzlgjp67JPsmAIXHZB5wEg1trf2Jo_PJpbm40T2uNLFRJIPlI0_vqalrqA5Ovv4VAUEA2ObQKPRmpSrskTBDxIGQOwK1eia5IKVBMnJvWHhPE4XKSQ_-4vPkF79S3hbRx4yax4EG-B2xIWg5z2KVtFCBmBZSAbESpOJ3j6fvCpH9e6lrSDRIdZHdNTgP1maZObcWXpcqoIgT8iYkpis3cYA0KCO56KO3SAk_ONIzEf2yDy_l26MTTgNqm4rPliJvOXwmlZ0w1DvHI1uk1kkE_XNKVUGatZsev4_d5KFI6R0-E87NENOi-lPWLJ95TL2Vb_QnNyHNvMwQJj-M4o_vvImoDn4T5lfu3GmeBTtNIuadqyKTWQiV8WHpan4swKF8AhQcagdXIf3I0_Nk_Uv4W873gNzNyLb78JGFtSN_puE74Lf7swLJgxB7Jozd97e69s7rMAx5CuHs7UTeJ9wBkaLG9x69brBkcRIfnFo5nIzHlv_R3MzzOOQ4jTwyrb7NsWp5wfAcvwYz7JZnSehNlfsGbMMysg1VsfGARins7a6UcsKS25NPoWSRhSPcD5uq30XWQ69P7kGkXAX37HgBASPKfrA0mdkPIsB54iGJQ8Q8kKz-wu-teHdhRhtbttRQm95q0zPOSKZrVUEEVbNkv3SXiAh2dlHKCKSTUCN35ufqa9VjfdMkrsqsYNYbQGOjhQrUge5m4ujLXgNcaszxjysO729fFkay5TZyGDoxjAXnKbqRC-IIwopLyFwHsANTjpll5syREAdhRYuRZw2nAuasXfIopDpn2l10PLXhbTqjYU-CLdP_efJMGwb8mwl2qlhw9Ln5oqKm_ojeuQbvk0NdUvZgavy8-yS6wJ5ok1K7gZE_cDzQVgpWuAX3Ldqog4vpwDw2UgMIED9Xf6yWYs5X4cOl8fvW9PGdBxQX2_Y4IJkcIyE0vJeTd7aAUw-3rDiO2Tqj70wCkOyjpxiE5rT-6pvmBluj5efPCFylpCuIJb1SMjJXbJM8kWCGUepQwG4UTp51tquJukQHMFqrJYrqfzxqDbl5ET5EmEK1pKCJQQDosWBuEWSNYDutq0Cn5KVFimG35FVLA5J8WC3abqJz484VLN_7qp3E9-r5LwMYBPz3MBbejmlQX9aSJ1Xc4oIclnYLGrEvbnPlAUMD5fYwKW2wSeIFDepfJMHxd64v3gYpV3I36jSKW--Z62vx0LHQlhaHopf-Awi0CfpoiljrXXHESKzq2JqnK2dOd6NKMQ4Xey8Ef9Clr10Sin1xMX9PUGQ6s8cf276PGPO1LRQe_haaRacNwd-Y27l-_TCV59iHhKlegch7tLtraQOb-__WGVz5PijeIUFnXwCt2dbTKpvotJAAn9lw5AM1htvof4R1vH-EB2h3sdhgCnFtdBvNj5DcFS2AvCtsbF4ayPGyC8WKUDR75M7qGd5k4igslWL3Uugp_vmGyf20ERtzQkn0lUkrTYwd9dyeHWemC2-WU71e19UF6J0BCkK6aoGWBStzblNkR4_EcbqoDnOBXaBnQmq549peWx9M2zIhhkFV6lYSheREE8lrHFA-NFdctgMwRqs0qGryaNXH0eIGvWQDzHOC3M_TAXWpEYhThSh-qvUKGLtimp1MWSwEpNSH1othQSfum27iE7BKz0PId0e2zbuXQC1GTK13F7lr4ClYaMIuhb8bpQFLUYaY_-Zvif3uF3AqipyNGd1urGD3B-H1KYjw53ahxhNmS6mE9Hrzocx44rXp_mEXE0DAHtlAi1a8fLdHlL69lElkxt-QZHmg4nknzvVKjaLUyZDybvNfA1VeKn9j4P-cwS4aqHle4uCioOOPHtYxOv3gHPbRtKCwFXziQ5yTTGThUX5PykpxYvDAkKoMFCn77mIfjg6DvMpP5PljDxsL-AyuGiLIpfxCv-YGm0GkZ6asm-GqPnuyrRhdzQCMtlwvpGyjjYodmpyxTTxR19FNvdL9TAqGNKu-C8ZfxRq-SM8t9Q3GjRMLNNV7LUS4SIU3HZQB_djioIcRukh3Tw5mvTFe36kx_dffbfCBFdI_B4qCLiBTtenLfXeyOmFzFjwNcm0F7BBR0OGG2UGaelt0b3GvTi-DJX7wHksU4U-ea2hG9xmYPA_Ri3GJs37T2-dswfpPpwg7w-hZNXUCMuCi__w_Vmt1KpNw6s1Kv3Pb_ij5sp3YKEJ-s7P1_GOHYsSfdfq1xk8NSv2_YuwrdnwUhO6U-YQldcfrHcVcOiysAiCg2Cf0I1Zk-Pkyr2-3Tj6_hOmxQ3OKlUMjoQVz90Yrwuds3dkEKQgzvxKeiGSjFmCvKjfGeSKwZTCMwBzzteMHPzOkcpn5Qd0-PRNZQTlTxMg6FB_omrqihGRC7dhqqBK6h0nsm9zCzl6Bs0XZq5udU4y121-LVxRFb-V3bricoHT0kf95PfvHwoic7zO0JjbP_TQUsQ_ie6w4KEOmhMp3-B66jMd_Zf2Z1MtS4KHAVnWvdEOL_NURVmv8yLC6Jc7FpaR2mSt-WErbekb-Jy5Abw1ZSTiLc95nWR892tyCr59BrTJHqJzPkcPi8EecNpwvm5yfrHNW7wE0p6rhkoyaBKom8PmW3hgYRZtORBgB3tf446AfFv-RT1EZJER_eoVqvejEY7wIfh_dvuz-dc2vpr15zQ7UTGhF6VqzXy-Ygw7YljkK3P2veVU9kHhB0LdtktpJnLEmqzzpNz8RomHTUp7MVRyzamuhHaEG_&cid=CAQSKQDUE5ymPZZDsdGYO3b25bVKdYabbCczWdcVz1nJyXgyQg__lxD8STUyGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwin2012r2.com%2F&ds=l&xdt=1&iif=1&cor=4514126447019834400&adk=929882891&idt=119&cac=0&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 01:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 01:30:15 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/reactive_library_fy2021.js?bust=31072787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
0e2ef69c9890adc07dc34b84ec44ba641bf9e4c3256b3d2857ffe3f465e3f9fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52364
x-xss-protection
0
server
cafe
etag
8287581024206013188
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4C83 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
82864
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 02:48:37 GMT
etag
48472445140208031
expires
Tue, 07 Mar 2023 02:48:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8B25 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
82864
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 02:48:37 GMT
etag
48472445140208031
expires
Tue, 07 Mar 2023 02:48:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CB4A 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
82864
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 02:48:37 GMT
etag
48472445140208031
expires
Tue, 07 Mar 2023 02:48:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3F9B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd6e129e512ddd32dadd6ba493c955d0dd21c2656b469ac1b22bc6eda71754ff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
12.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
193d037de227652528ba8abf818aadb6c4f6ec44399af44f67bd12e914b43d64
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://win2012r2.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
truncated
/ Frame 8206 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d90eeab1a8e295fbabf39a603f4508f0646ebd427ab37aed367fa91d1c32e21f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F70B 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
82864
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 02:48:37 GMT
etag
48472445140208031
expires
Tue, 07 Mar 2023 02:48:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 88F2 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64c4300bf46d8bb268ae4fe8026d464ffdf7e175cfa487250f234aca7faa174c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 30D4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9553c27c85509d3367c6988288eeda65d2dee38656f5345ef4bb8a492f977312

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4507 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
89525
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 00:57:36 GMT
expires
Tue, 05 Mar 2024 00:57:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4C83
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAJXZ31bVQRt0D3tzlGZAc4&google_cver=1&google_push=Aa02lx8LXaUCYovpfF2SV95Fn5UbQkA75hNpcYMV_YWGdQwfDdSgS6cos07dWrClmhAf4NAWDSzWSh_wvwE-Qio-Q74yhbnBzR4Pc...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUyOTI1MDIzNjcyMzIwMjA4OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAJXZ31bVQRt0D3tzlGZAc4&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAJXZ31bVQRt0D3tzlGZAc4&google_cver=1
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAJXZ31bVQRt0D3tzlGZAc4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C83
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEEbJ4oyXrv2IHsHDVR8HiP8&google_cver=1&google_push=Aa02lx9X59e1pxZJ_V78swFodhNbmJRkpuGjdMwuZ2s9oiNs61A_1qWizxDJlm1VhgXBPRG09zWie...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9X59e1pxZJ_V78swFodhNbmJRkpuGjdMwuZ2s9oiNs61A_1qWizxDJlm1VhgXBPRG09zWiezdYUkbdjKLBFIjlauf_rl4-SeeU8kL8tmS_yjqswAEXrmnD6xAvbQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9X59e1pxZJ_V78swFodhNbmJRkpuGjdMwuZ2s9oiNs61A_1qWizxDJlm1VhgXBPRG09zWiezdYUkbdjKLBFIjlauf_rl4-SeeU8kL8tmS_yjqswAEXrmnD6xAvbQaErJapSm-IW-6suUwnZEg_AGa3
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Mar 2023 01:49:42 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 60EE9451883B4F9BA549DC34057C6780 Ref B: OSA30EDGE0407 Ref C: 2023-03-07T01:49:42Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx9X59e1pxZJ_V78swFodhNbmJRkpuGjdMwuZ2s9oiNs61A_1qWizxDJlm1VhgXBPRG09zWiezdYUkbdjKLBFIjlauf_rl4-SeeU8kL8tmS_yjqswAEXrmnD6xAvbQaErJapSm-IW-6suUwnZEg_AGa3
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2RaAXY9PGobTKnrc6kA==
pixel
cm.g.doubleclick.net/ Frame 4C83
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=Aa02lx-EEgLsqyl-f_kSZENo5YRfM-0Y8XjbaA7K_GqqOmh6goL1nrw6dZL_ONAWxEXhkuyHwY2k9R-5b9clT_bfLbTrz9gtcC0P_-6b8VYbSHVR3csSDeYtlpHoqBUIoEo9DhrG3GNDMeBtBK...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=Aa02lx-EEgLsqyl-f_kSZENo5YRfM-0Y8XjbaA7K_GqqOmh6goL1nrw6dZL_ONAWxEXhkuyHwY2k9R-5b9clT_bfLbTrz9gtcC0P_-6b8VYbSHVR3csSDeYtlpHoqBUIoEo9DhrG3G...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=Aa02lx-EEgLsqyl-f_kSZENo5YRfM-0Y8XjbaA7K_GqqOmh6goL1nrw6dZL_ONAWxEXhkuyHwY2k9R-5b9clT_bfLbTrz9gtcC0P_-6b8VYbSHVR3csSDeYtlpHoqBUIoEo9D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=Aa02lx-EEgLsqyl-f_kSZENo5YRfM-0Y8XjbaA7K_GqqOmh6goL1nrw6dZL_ONAWxEXhkuyHwY2k9R-5b9clT_bfLbTrz9gtcC0P_-6b8VYbSHVR3csSDeYtlpHoqBUIoEo9DhrG3GNDMeBtBKsmoTpp3FDCaA&google_hm=AVeUWgNYz2uXks8AD1u-78hvm8A
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
via
1.1 c951e19d4b5948f3bf888af72c1a5f9c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=Aa02lx-EEgLsqyl-f_kSZENo5YRfM-0Y8XjbaA7K_GqqOmh6goL1nrw6dZL_ONAWxEXhkuyHwY2k9R-5b9clT_bfLbTrz9gtcC0P_-6b8VYbSHVR3csSDeYtlpHoqBUIoEo9DhrG3GNDMeBtBKsmoTpp3FDCaA&google_hm=AVeUWgNYz2uXks8AD1u-78hvm8A
cache-control
no-cache
content-length
0
x-amz-cf-id
96Jys4cBvlrGG-YCVl4gfIZbBI-2uZJfGBMpB5J3NTAZT4IEBQG-jg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4C83
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ODFjYTU0ODUtOTg4OS00ODhiLWFhOWItNzA5MDZmNjhiNDUw&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx_u...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ODFjYTU0ODUtOTg4OS00ODhiLWFhOWItNzA5MDZmNjhiNDUw&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx_ugHzZLGLmVOJM3Hdc199gjm2KH8PqA8hWXt9pNCVCMq6ehBvi6PHpb9NqVsyEmoyCTzFHCxr7QuyHvJ06Hzcd9pbzgVyakcfDvI5Uic0sfa3QpTMVaeiHqUUY6bnbzxtivIuZtoFvTNQyQex3LvYhXQ
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ODFjYTU0ODUtOTg4OS00ODhiLWFhOWItNzA5MDZmNjhiNDUw&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx_ugHzZLGLmVOJM3Hdc199gjm2KH8PqA8hWXt9pNCVCMq6ehBvi6PHpb9NqVsyEmoyCTzFHCxr7QuyHvJ06Hzcd9pbzgVyakcfDvI5Uic0sfa3QpTMVaeiHqUUY6bnbzxtivIuZtoFvTNQyQex3LvYhXQ
date
Tue, 07 Mar 2023 01:49:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C83
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHMPGc4frW99ucCPf-Gd120&google_cver=1&google_push=Aa02lx8hD_yx9YqXxA7u2CN5YzvtgCLGXsO1xRtWLZHGOEm86uo80fIerxO0Ms1bRE1Bgm6KoieAsHIHWQ...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHMPGc4frW99ucCPf-Gd120&google_cver=1&google_push=Aa02lx8hD_yx9YqXxA7u2CN5YzvtgCLGXsO1xRtWLZHGOEm86uo80fIerxO0Ms1bRE1Bgm6KoieAsHIHWQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx8hD_yx9YqXxA7u2CN5YzvtgCLGXsO1xRtWLZHGOEm86uo80fIerxO0Ms1bRE1Bgm6KoieAsHIHWQD94hqFs5z6Pbr5NalHjSicufZQM6RHf-eh9YKrN8yOyfqji4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx8hD_yx9YqXxA7u2CN5YzvtgCLGXsO1xRtWLZHGOEm86uo80fIerxO0Ms1bRE1Bgm6KoieAsHIHWQD94hqFs5z6Pbr5NalHjSicufZQM6RHf-eh9YKrN8yOyfqji4BDKxINfq0rmYrn0KyFrtWgPzo1qA&google_hm=MDMwMTAwMDVfNjQwNjk4MzZiZjFlYQ%3D%3D
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Mar 2023 01:49:43 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx8hD_yx9YqXxA7u2CN5YzvtgCLGXsO1xRtWLZHGOEm86uo80fIerxO0Ms1bRE1Bgm6KoieAsHIHWQD94hqFs5z6Pbr5NalHjSicufZQM6RHf-eh9YKrN8yOyfqji4BDKxINfq0rmYrn0KyFrtWgPzo1qA&google_hm=MDMwMTAwMDVfNjQwNjk4MzZiZjFlYQ%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame 4C83
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECmnZ1eNwg6HOJ4sPF14rR4&google_cver=1&google_push=Aa02lx-wDrNmjnZ_kikikXFCQ486XTGA0Rwv3KtivEi1W0VOzFpgmuPZdZnjsvD0IolFFAY3AeezIxlrJcFhUctA2If51-ma_...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIxMTU1MzgyOTQ0MjczMjAwMFYxMA%3d%3d&mn_hm=MzIxMTU1MzgyOTQ0MjczMjAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx-wDrNmjnZ_kikikXFCQ486XTG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIxMTU1MzgyOTQ0MjczMjAwMFYxMA%3d%3d&mn_hm=MzIxMTU1MzgyOTQ0MjczMjAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx-wDrNmjnZ_kikikXFCQ486XTGA0Rwv3KtivEi1W0VOzFpgmuPZdZnjsvD0IolFFAY3AeezIxlrJcFhUctA2If51-ma_3yS6l1JxombwObHzpI0s1oXmbhJFLuuFtlR1m7iLEnB3_xSp97w_ViSjf_wsg&gdpr=&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:42 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIxMTU1MzgyOTQ0MjczMjAwMFYxMA%3d%3d&mn_hm=MzIxMTU1MzgyOTQ0MjczMjAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx-wDrNmjnZ_kikikXFCQ486XTGA0Rwv3KtivEi1W0VOzFpgmuPZdZnjsvD0IolFFAY3AeezIxlrJcFhUctA2If51-ma_3yS6l1JxombwObHzpI0s1oXmbhJFLuuFtlR1m7iLEnB3_xSp97w_ViSjf_wsg&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Tue, 07 Mar 2023 01:49:42 GMT
/
onetag-sys.com/match/ Frame 4C83
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAaxwKYqoEkZaJkthjKLaPk&google_cver=1&google_push=Aa02lx8ybdBE9TCwLGMZk-PC-GuDsM1_R41nf2YMbi1LFWVyY9ZZYgBYhpkFlgGhbba35YagnGJxRYwBbBc...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhrnCkqrL9zaFQiIfQw9Gr-W7sNJS0iie4A&google_push=Aa02lx8ybdBE9TCwLGMZk-PC-GuDsM1_R41nf2YMbi1LFWVyY9ZZYgBYhpkFlgGhbba35YagnGJxRYwBbB...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4C83 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ig_YB8gdwsY9qAOSmCHqSIRWEbu458v1wsid5X5wxEO1hbwsu1DHhNjM1Udtmy-uznfwyZUQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 8B25
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELYpXZb4q9NguoF2Yd81s6M&google_cver=1&google_push=Aa02lx-M-GirUxG-1MMJ5rVIjt_S9W4fqQz1YdKep34o5ZQVPmdmlmjQyvdrfeQdhJcGvevgpzLORAG0UVV1noHC...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4bNkBpgzRwCYf3orED_UJw&google_push=Aa02lx-M-GirUxG-1MMJ5rVIjt_S9W4fqQz1YdKep34o5ZQVPmdmlmjQyvdrfeQdhJcGvevgpzLORAG0UVV1noHCj1z5D77n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4bNkBpgzRwCYf3orED_UJw&google_push=Aa02lx-M-GirUxG-1MMJ5rVIjt_S9W4fqQz1YdKep34o5ZQVPmdmlmjQyvdrfeQdhJcGvevgpzLORAG0UVV1noHCj1z5D77nuSXcsQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Mar 2023 01:49:41 GMT
Server
MT3 569 46451a0 master nrt-pixel-x9 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4bNkBpgzRwCYf3orED_UJw&google_push=Aa02lx-M-GirUxG-1MMJ5rVIjt_S9W4fqQz1YdKep34o5ZQVPmdmlmjQyvdrfeQdhJcGvevgpzLORAG0UVV1noHCj1z5D77nuSXcsQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Mar 2023 01:49:40 GMT
i.match
s.tribalfusion.com/z/ Frame 8B25
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENnFw2MRgZEv3d18Yf-0xb0&google_cver=1&google_push=Aa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6YMS...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENnFw2MRgZEv3d18Yf-0xb0&google_cver=1&google_push=Aa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6Y...
43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENnFw2MRgZEv3d18Yf-0xb0&google_cver=1&google_push=Aa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6YMSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6YMSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a3f2ef6185e1a2e-KIX
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
122
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENnFw2MRgZEv3d18Yf-0xb0&google_cver=1&google_push=Aa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6YMSQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-5qRUlZ8G6VtnIYnC-wG7w6xHTm7WssbCoF5j2L5olY6h41yyoGiruDk71Tz65hhchHMNQiKyNyZWhpC8Wl98UG6TCt6YMSQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a3f2ef4df651a2e-KIX
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8B25
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESED_FHeXItxMoFwqBkjfl96A&google_cver=1&google_push=Aa02lx8o_LKeSMBOaisatB_Psz_ipIQllkvru5z9ehRptpNfTN_SgChuiiB1EMxOBLlk98LlVbjI7QEj_pIpev6JWu-LrCRTWH9_BpU
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CD22282FBA147A5B2996D4BD8A4ABB1&google_push=Aa02lx8o_LKeSMBOaisatB_Psz_ipIQllkvru5z9ehRptpNfTN_SgChuiiB1EMxOBLlk98LlVbjI7QEj_pIpev6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CD22282FBA147A5B2996D4BD8A4ABB1&google_push=Aa02lx8o_LKeSMBOaisatB_Psz_ipIQllkvru5z9ehRptpNfTN_SgChuiiB1EMxOBLlk98LlVbjI7QEj_pIpev6JWu-LrCRTWH9_BpU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Mar 2023 01:49:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2CD22282FBA147A5B2996D4BD8A4ABB1&google_push=Aa02lx8o_LKeSMBOaisatB_Psz_ipIQllkvru5z9ehRptpNfTN_SgChuiiB1EMxOBLlk98LlVbjI7QEj_pIpev6JWu-LrCRTWH9_BpU
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 06 Mar 2023 01:49:42 GMT
pixel
cm.g.doubleclick.net/ Frame 8B25
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEJEo8LM9KpqpruJYb3cK9rY&google_cver=1&google_push=Aa02lx-w_iirYj1myAL-j0o55MXwMDUUVaz4n3_Xe4y1opX7UnLjvqhqz26w2OeaZO8CoTYxBlS4L2eYOLrj84T2zF6yTeDQMcoQzwY
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=T0QxdDhSb01CcVNxMXIwLU5wZ0daQQ%3D%3D&google_push=Aa02lx-w_iirYj1myAL-j0o55MXwMDUUVaz4n3_Xe4y1opX7UnLjvqhqz26w2OeaZO8CoTYxBlS4L2eYOLrj8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=T0QxdDhSb01CcVNxMXIwLU5wZ0daQQ%3D%3D&google_push=Aa02lx-w_iirYj1myAL-j0o55MXwMDUUVaz4n3_Xe4y1opX7UnLjvqhqz26w2OeaZO8CoTYxBlS4L2eYOLrj84T2zF6yTeDQMcoQzwY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=T0QxdDhSb01CcVNxMXIwLU5wZ0daQQ%3D%3D&google_push=Aa02lx-w_iirYj1myAL-j0o55MXwMDUUVaz4n3_Xe4y1opX7UnLjvqhqz26w2OeaZO8CoTYxBlS4L2eYOLrj84T2zF6yTeDQMcoQzwY
date
Tue, 07 Mar 2023 01:49:42 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
246
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 8B25
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP774jOwe_i4dC24Q-63kg4&google_cver=1&google_push=Aa02lx_mr2Y7Wkul-DAXFav5DBL1Z4k8h3emkFaph0Ew2oYa5PevDOHIKTJSrIBEtZgFl9l2WmxpJE1V...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP774jOwe_i4dC24Q-63kg4&google_cver=1&google_push=Aa02lx_mr2Y7Wkul-DAXFav5DBL1Z4k8h3emkFaph0Ew2oYa5PevDOHIKTJSrIBEtZgFl9l2Wmx...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMzNjkzMzM0ODEwNzc5MzgyMQ&google_push=Aa02lx_mr2Y7Wkul-DAXFav5DBL1Z4k8h3emkFaph0Ew2oYa5PevDOHIKTJSrIBEtZgFl9l2WmxpJE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMzNjkzMzM0ODEwNzc5MzgyMQ&google_push=Aa02lx_mr2Y7Wkul-DAXFav5DBL1Z4k8h3emkFaph0Ew2oYa5PevDOHIKTJSrIBEtZgFl9l2WmxpJE1Vu-i_SmEGdhOG5HIU_Kwbzgg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTMzNjkzMzM0ODEwNzc5MzgyMQ&google_push=Aa02lx_mr2Y7Wkul-DAXFav5DBL1Z4k8h3emkFaph0Ew2oYa5PevDOHIKTJSrIBEtZgFl9l2WmxpJE1Vu-i_SmEGdhOG5HIU_Kwbzgg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8B25
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBta_aTOGJjArtPVrfrgrdk&google_cver=1&google_push=Aa02lx8F5YGfBsgxGHJXYZ1BeAia7uQzKKfjiIUKgTb47e3FX-ewN-7HTADgY8l7ut7XqPIHyyss68tdZLnFDHFHe2OU4I_4w7lyqoQ
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBta_aTOGJjArtPVrfrgrdk&google_cver=1&google_push=Aa02lx8F5YGfBsgxGHJXYZ1BeAia7uQzKKfjiIUKgTb47e3FX-ewN-7HTADgY8l7ut7XqPIHyyss68tdZLnFDHFHe2OU4I_4w7lyq...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx8F5YGfBsgxGHJXYZ1BeAia7uQzKKfjiIUKgTb47e3FX-ewN-7HTADgY8l7ut7XqPIHyyss68tdZLnFDHFHe2OU4I_4w7lyqoQ&google_hm=_3d7n1gTxKYYJA_A2Uts...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx8F5YGfBsgxGHJXYZ1BeAia7uQzKKfjiIUKgTb47e3FX-ewN-7HTADgY8l7ut7XqPIHyyss68tdZLnFDHFHe2OU4I_4w7lyqoQ&google_hm=_3d7n1gTxKYYJA_A2Uts_w==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aa02lx8F5YGfBsgxGHJXYZ1BeAia7uQzKKfjiIUKgTb47e3FX-ewN-7HTADgY8l7ut7XqPIHyyss68tdZLnFDHFHe2OU4I_4w7lyqoQ&google_hm=_3d7n1gTxKYYJA_A2Uts_w==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
n701ra3cgas6h78as22k7nrecdgm7ti0
pixel
cm.g.doubleclick.net/ Frame 8B25
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJieX5dK16L0TZiVpUq4ktk&google_cver=1&google_push=Aa02lx_Y6FpngBKIlDdPF8MAAAFoWRSRT-C_a113x_HUXjLv29oCGBG14ZXCJWZHw_jepbf4-X1KNr4LpzI5ueAA5...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OTQyZDhmNjEtYjYzYS00ODM4LThkYzAtODk3YmI5YTAyMDY5&google_push=Aa02lx_Y6FpngBKIlDdPF8MAAAFoWRSRT-C_a113x_HUXjLv29oCGBG14ZXCJWZH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OTQyZDhmNjEtYjYzYS00ODM4LThkYzAtODk3YmI5YTAyMDY5&google_push=Aa02lx_Y6FpngBKIlDdPF8MAAAFoWRSRT-C_a113x_HUXjLv29oCGBG14ZXCJWZHw_jepbf4-X1KNr4LpzI5ueAA5c-cyiiuxa6WRyPI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OTQyZDhmNjEtYjYzYS00ODM4LThkYzAtODk3YmI5YTAyMDY5&google_push=Aa02lx_Y6FpngBKIlDdPF8MAAAFoWRSRT-C_a113x_HUXjLv29oCGBG14ZXCJWZHw_jepbf4-X1KNr4LpzI5ueAA5c-cyiiuxa6WRyPI
date
Tue, 07 Mar 2023 01:49:42 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8B25 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFEdqw-HFahsroqtV7Mqd5bOzHauHj9qFT4hAHdAlF5txcv8jsMnKUS6kCiTi8-TOzX5GQrg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
font
fonts.gstatic.com/l/ Frame 3F9B 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQei0q12UjsgmUnjrhXHhzQle-LyMW-V3n40TMh7-R8o_PQpiiXiLuoFzkDr7oiTrr_3ZFyK4gKBg_OFRWksUD9qCZbJQ3jrNF_TDP4w&skey=b1468649b9c42538&v=v42
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E3%81%93%E5%91%88%E3%83%AA%E3%81%AE%E3%81%8A%E5%88%86%E3%82%AF%E7%94%B3%E3%81%A75%E3%81%BF%E5%91%8A%E3%83%83%E5%86%86%E5%BA%83%E3%81%97%E8%BE%BC%E5%8D%83%E9%80%B2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f3.1e100.net
Software
ESF /
Resource Hash
39d0503278a91ab7a2e95178c369dbdee5918ffdc1c0a292b15c364c23366676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 03:48:38 GMT
x-content-type-options
nosniff
age
79264
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7912
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 23:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Mar 2023 03:48:38 GMT
font
fonts.gstatic.com/l/ Frame 3F9B 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpM57TkDQmUhzrhW3hzQVe-ICMWx13n4kTMjr-R44_MZJiiaCLuv1zlPb7ooDzu03ZLyK4lLRgjM1RWkMUo_6K3XJsdgbJ78w&skey=72472b0eb8793570&v=v42
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E3%81%93%E5%91%88%E3%83%AA%E3%81%AE%E3%81%8A%E5%88%86%E3%82%AF%E7%94%B3%E3%81%A75%E3%81%BF%E5%91%8A%E3%83%83%E5%86%86%E5%BA%83%E3%81%97%E8%BE%BC%E5%8D%83%E9%80%B2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f3.1e100.net
Software
ESF /
Resource Hash
f79678e49957fc03ab94f8c95eaa240ad2fc3ff9235f1d78837b287d219f57dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 03:42:11 GMT
x-content-type-options
nosniff
age
79651
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7540
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 23:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Mar 2023 03:42:11 GMT
font
fonts.gstatic.com/l/ Frame 8206 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12XchsYlJuxYLBp4NTWsW0EDgj_xpibVw922v-3pHvqKJEDH7D7IXdzU6VvqthFKrckxTX8oWDNs-aI-n8eODPEN3tlUolv_shheoZVHpm7N4p4S_-8em_5wAkZzUaFWxbp-h97EXh0f-jJuCVJi5LgH-8VLVbvDxqdmHs6RPKcp9N5z0ClefhomQmeLzBla-qJ-6vHikhyogvLbaRDLZjt9MRKag3wSBa64dDaYOObzahutkjjyx9QH3gM5&skey=fbc48de1c6e1b00c&v=v42
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%9C%88%E7%B4%84%E5%88%86%E6%9C%AC2%E3%83%BC%E9%82%A6%E3%81%AB%EF%BC%81%E6%96%BD%E5%BE%97%E3%83%83%E8%BE%BC%E5%9F%BA%E5%AE%9F0%E4%B8%AD%E3%81%97%E7%94%B35%E5%B9%B4%E3%83%B6%E5%86%86%E3%82%AC%E9%9B%BB%E3%81%BF%2C%E3%81%8A%E9%A1%8D%E9%80%B2%E3%81%93%E5%91%88%E5%BA%83%E6%9D%B1%E3%81%AA%E5%91%8A%E6%B0%97%E9%96%93%E3%82%B9%E3%81%A7%E3%82%828%E3%82%AF%E6%96%99%E9%87%91%E5%8D%8A%E3%82%AD%E3%83%AA%E3%81%AE%E3%82%89%E5%8D%83%E3%83%A3%E3%83%B3%E3%83%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f3.1e100.net
Software
ESF /
Resource Hash
0c0187c14496be0a2d576250a28683921ce699e78fd4f19c7dd3fbfcd5df4fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 04:47:46 GMT
x-content-type-options
nosniff
age
75716
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18936
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 23:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Mar 2023 04:47:46 GMT
font
fonts.gstatic.com/l/ Frame 8206 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqz03tVtd8t91jqLBphNTWrW0EAgj_-pibrw923v-3kHvqLJEDC7D7ZXd_p6VvhthFarckyTX8ZWDNr-aI_n8eNDPEM3tlLolv2shhdoZR-pm7W4p4T_-8dm_5JAkZ6UaFPxbp7h97OWSYO-wxFCVxi5L0C-8VCVafBxqdkHsChPJYM9MlY0Cppfh4yQU-FzBl--qhL6vHGkh21gt_9aDTvZhtKPhiigkIcBaysdDOvOPfxahaFkgLEwckL&skey=72472b0eb8793570&v=v42
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%9C%88%E7%B4%84%E5%88%86%E6%9C%AC2%E3%83%BC%E9%82%A6%E3%81%AB%EF%BC%81%E6%96%BD%E5%BE%97%E3%83%83%E8%BE%BC%E5%9F%BA%E5%AE%9F0%E4%B8%AD%E3%81%97%E7%94%B35%E5%B9%B4%E3%83%B6%E5%86%86%E3%82%AC%E9%9B%BB%E3%81%BF%2C%E3%81%8A%E9%A1%8D%E9%80%B2%E3%81%93%E5%91%88%E5%BA%83%E6%9D%B1%E3%81%AA%E5%91%8A%E6%B0%97%E9%96%93%E3%82%B9%E3%81%A7%E3%82%828%E3%82%AF%E6%96%99%E9%87%91%E5%8D%8A%E3%82%AD%E3%83%AA%E3%81%AE%E3%82%89%E5%8D%83%E3%83%A3%E3%83%B3%E3%83%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f3.1e100.net
Software
ESF /
Resource Hash
c4e60cd83cedbdbb28a508563eced58dfd9090488180396eeeb0aacaa5131866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 04:47:46 GMT
x-content-type-options
nosniff
age
75716
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18980
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 23:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Mar 2023 04:47:46 GMT
font
fonts.gstatic.com/l/ Frame 88F2 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12XHhgmVljrhRHhzWle-NSMW713nykTMsL-R-o_PWpihbCLtoVznAL7pgzrq3nBB3KgqNx4wFFJFqsMQxaahVZAhgrh4wTrM13lkxfR-zQ7NiP4Jgo8E0p5pUiZTCcF_mtxMwbj6O3srg29MejF6itUhqq14P9PzlNNQbLqkWt4WmpZ7kHZ2N0Y7Nz-xiWhJqtNat4r21GeZxYjINUjqBEd0fU-I4A&skey=fbc48de1c6e1b00c&v=v42
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%87%E3%81%8B%E6%AD%A3%E6%97%A5%E7%A2%BA%E7%9C%A0%E5%81%A5%E7%9D%A1%E3%83%BB%E5%88%86%E3%81%8D%E5%B0%8F%E5%8F%96%E5%BE%97%E5%9E%8B%E5%88%9D%E5%A0%B4%E8%B6%85%E3%81%AB%E3%83%9E%E6%9E%90%E3%82%92%E3%82%89%E3%81%AE%E3%83%BC%E3%83%AA%E3%83%B3%E3%80%82%E3%82%8B%E3%81%A7%E5%BF%83%E3%81%8C%E3%83%88%E3%82%BF%E9%96%8B%E3%81%8F%E6%85%8B%E7%99%BB%E3%82%B9%E3%82%B0%E8%BA%AB%E3%81%BE%E5%BA%B7%E6%9C%AC%E7%8A%B6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f3.1e100.net
Software
ESF /
Resource Hash
8b837d9bb2a8d5a7120a626dfc4ad7cab059d34747a102ec0948a3fabc349b09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:18:43 GMT
x-content-type-options
nosniff
age
63059
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16136
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 23:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Mar 2023 08:18:43 GMT
font
fonts.gstatic.com/l/ Frame 88F2 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqo07TlBQmUnzrhQ3hzW1e-NiMW7l3n1UTMhr-R-4_PVpihaSLtsVzkN77pgTrqx3BB16gqAR4wC1JFo8MQxqahUJAgvbh4xzrM1nlkyvR-zA7Nn_4Jto8Ey55pWiZTDsd9g9xF4rj6IHssiG9dZzFEtdUxka1yB9P3tNNReLmeUt4EtJZwmXZ0C0YIBD6WnGhap9NfrIr31Wem3ofcCkjmKkZYXQ&skey=72472b0eb8793570&v=v42
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%87%E3%81%8B%E6%AD%A3%E6%97%A5%E7%A2%BA%E7%9C%A0%E5%81%A5%E7%9D%A1%E3%83%BB%E5%88%86%E3%81%8D%E5%B0%8F%E5%8F%96%E5%BE%97%E5%9E%8B%E5%88%9D%E5%A0%B4%E8%B6%85%E3%81%AB%E3%83%9E%E6%9E%90%E3%82%92%E3%82%89%E3%81%AE%E3%83%BC%E3%83%AA%E3%83%B3%E3%80%82%E3%82%8B%E3%81%A7%E5%BF%83%E3%81%8C%E3%83%88%E3%82%BF%E9%96%8B%E3%81%8F%E6%85%8B%E7%99%BB%E3%82%B9%E3%82%B0%E8%BA%AB%E3%81%BE%E5%BA%B7%E6%9C%AC%E7%8A%B6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f3.1e100.net
Software
ESF /
Resource Hash
df5ac756e2d00b540041f43b21b1849ef6bbb8fff0a0713f3d916f7fe34537be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 01:53:54 GMT
x-content-type-options
nosniff
age
86148
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16024
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 23:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Mar 2023 01:53:54 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 88F2 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f3.1e100.net
Software
sffe /
Resource Hash
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 08:02:16 GMT
x-content-type-options
nosniff
age
409646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17204
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:04:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 08:02:16 GMT
dpixel
cms.quantserve.com/ Frame CB4A 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG4cm1TXqG-HCcBJ9O1nvkM&google_cver=1&google_push=Aa02lx_rTUy41SsVeJlwffRl4sG-fs9oInrnFX6rQb38YuI815MlHlFvdZX1o9WTxm7n60wGQQCoCrTp3JYcQaKyNlUf5JWdTOz36-8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CB4A
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESECoonTZVXczNcT-JW9dU8SM&google_cver=1&google_push=Aa02lx9n2ph1wSL2gONOo9uySlqGl5vxEiCRT8OaffuH0wHc1UoRdZDUbzH_-vS9N_gIt2xvn0eNSBIRhUZaBjOuFHZKiRUd2AOf1Cs
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx9n2ph1wSL2gONOo9uySlqGl5vxEiCRT8OaffuH0wHc1UoRdZDUbzH_-vS9N_gIt2xvn0eNSBIRhUZaBjOuFHZKiRUd2AOf1Cs&google_hm=Q0FFU0VDb29uVFpWWG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx9n2ph1wSL2gONOo9uySlqGl5vxEiCRT8OaffuH0wHc1UoRdZDUbzH_-vS9N_gIt2xvn0eNSBIRhUZaBjOuFHZKiRUd2AOf1Cs&google_hm=Q0FFU0VDb29uVFpWWGN6TmNULUpXOWRVOFNN
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
via
1.1 880e379e1a56b21426587959131bb422.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P3
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx9n2ph1wSL2gONOo9uySlqGl5vxEiCRT8OaffuH0wHc1UoRdZDUbzH_-vS9N_gIt2xvn0eNSBIRhUZaBjOuFHZKiRUd2AOf1Cs&google_hm=Q0FFU0VDb29uVFpWWGN6TmNULUpXOWRVOFNN
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
K9bPvvljTn-Lmo19v48jjWRurX3ejJTie_ioyxnuv87Bs7h9xqAQSA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CB4A
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx_99CeG...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx_99CeG...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDcwMTQ5NDIwMDAxNzQ3OTExNzE1Nw%3D%3D&google_push=Aa02lx_99CeGdUK3KWU5XrCSRQ3JUTcb0GuFMChXVtx4SeofNwPnmoS3xpi4yI0NCrdwKA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDcwMTQ5NDIwMDAxNzQ3OTExNzE1Nw%3D%3D&google_push=Aa02lx_99CeGdUK3KWU5XrCSRQ3JUTcb0GuFMChXVtx4SeofNwPnmoS3xpi4yI0NCrdwKAeWuZnhCkhNiqI9q9YKFtVv661bTBrueFM
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDcwMTQ5NDIwMDAxNzQ3OTExNzE1Nw%3D%3D&google_push=Aa02lx_99CeGdUK3KWU5XrCSRQ3JUTcb0GuFMChXVtx4SeofNwPnmoS3xpi4yI0NCrdwKAeWuZnhCkhNiqI9q9YKFtVv661bTBrueFM
pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 07 Mar 2023 01:49:42 GMT
pixel
cm.g.doubleclick.net/ Frame CB4A
Redirect Chain
  • https://aid.send.microad.jp/g/asr?google_gid=CAESEH9BEzo_Q3fSY5kSFcgt04w&google_cver=1&google_push=Aa02lx9b3EpKsFeDUyLmhymEoFdPfQirf_YgvrESEq2_EvDYktuM5ucCSIpJhy5FEJOFq4tGrGgo4oaf-m9d9WuoNbJYvd_6yK...
  • https://cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=KA6l7/6j4RJeNArhUkEVvw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=KA6l7/6j4RJeNArhUkEVvw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Mar 2023 01:49:42 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Location
//cm.g.doubleclick.net/pixel?google_nid=MiAd&google_hm=KA6l7/6j4RJeNArhUkEVvw==
Access-Control-Allow-Origin
*
Content-Type
cache-control
no-cache
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
0
sync
odr.mookie1.com/t/v2/ Frame CB4A 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEE88JWMU1tUdcHE4Qr0yGBs&google_cver=1&google_push=Aa02lx9TXVQ4pb9VKNW-2GPkyChHby_fnL2uOkqzkbdzTJaO7VCvcbTwsrz67G_dkLfKuq1MNTnickzy1rzeDk4RcEQbdUqu4EIsmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.79.111.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame CB4A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEd1TSH6vuqQ3d9TrdW_Hmg&google_cver=1&google_push=Aa02lx9OZxMgprwXJEPlKpSjkixU8ftAWjGQDp3dckfl819d02YpgbwGbM-7MpMdipGNLqUdozCwvV9fvUkfQWi...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=zudpqTa7RwFiNkJ4Dwk_79_YTBs&google_push=Aa02lx9OZxMgprwXJEPlKpSjkixU8ftAWjGQDp3dckfl819d02YpgbwGbM-7MpMdipGNLqUdozCwvV9fvUkfQW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=zudpqTa7RwFiNkJ4Dwk_79_YTBs&google_push=Aa02lx9OZxMgprwXJEPlKpSjkixU8ftAWjGQDp3dckfl819d02YpgbwGbM-7MpMdipGNLqUdozCwvV9fvUkfQWiCeNJspJsfhXFpfw
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=zudpqTa7RwFiNkJ4Dwk_79_YTBs&google_push=Aa02lx9OZxMgprwXJEPlKpSjkixU8ftAWjGQDp3dckfl819d02YpgbwGbM-7MpMdipGNLqUdozCwvV9fvUkfQWiCeNJspJsfhXFpfw
Date
Tue, 07 Mar 2023 01:49:42 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame CB4A
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEastTIGW0__hKITRrO98GU&google_cver=1&google_push=Aa02lx8gchn6iavrpCkeCFZUOfozTKstPMzQZZFbf_5-s4ukVp7Uu3XUWnkQ6SUIxtOnP6geMo1km...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx8gchn6iavrpCkeCFZUOfozTKstPMzQZZFbf_5-s4ukVp7Uu3XUWnkQ6SUIxtOnP6geMo1kmrrTcPMT6td6lB9bAe9f8RWBVOw&google_hm=WkFhWU5z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx8gchn6iavrpCkeCFZUOfozTKstPMzQZZFbf_5-s4ukVp7Uu3XUWnkQ6SUIxtOnP6geMo1kmrrTcPMT6td6lB9bAe9f8RWBVOw&google_hm=WkFhWU5zQ281dWdBQUQyTU8xSUFBQUFB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 07 Mar 2023 01:49:42 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEEastTIGW0__hKITRrO98GU&google_cver=1&google_push=Aa02lx8gchn6iavrpCkeCFZUOfozTKstPMzQZZFbf_5-s4ukVp7Uu3XUWnkQ6SUIxtOnP6geMo1kmrrTcPMT6td6lB9bAe9f8RWBVOw","cluster_id":0,"gdpr":false,"ipv4":"223.216.76.27","key":"ZAaYNsCo5ugAAD2MO1IAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad151"}
X-SO-Key
ZAaYNsCo5ugAAD2MO1IAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad151
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx8gchn6iavrpCkeCFZUOfozTKstPMzQZZFbf_5-s4ukVp7Uu3XUWnkQ6SUIxtOnP6geMo1kmrrTcPMT6td6lB9bAe9f8RWBVOw&google_hm=WkFhWU5zQ281dWdBQUQyTU8xSUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad151.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40017.dc2p.scaleout.jp
X-SO-IP
223.216.76.27
attr
cm.g.doubleclick.net/pixel/ Frame CB4A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmzrJUtcEgDr6_evkThLq9ZjjuVVgjQXO2X8xMYiLoSjrNnhFp8DFU4jlyEuD39FuLzX4I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.co.jp/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=win2012r2.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=win2012r2.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/ Frame 0594 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
5447
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 00:18:54 GMT
etag
2378337311435320485
expires
Tue, 21 Mar 2023 00:18:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame 989D 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115752&plc=4398657&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j9T4DcnGX2xOTIU-JxvK8M&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=467642225278&turl=https://win2012r2.com/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.106.35 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-106-35.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
pagead2.googlesyndication.com/bg/ Frame 9CCC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=1812098411&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=747&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=1eZdPVv0mX&p=https%3A//win2012r2.com&dtd=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
63179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:16:42 GMT
pixel
cm.g.doubleclick.net/ Frame F70B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESED_FHeXItxMoFwqBkjfl96A&google_cver=1&google_push=Aa02lx8kqfwYnxkQQcvgkty9iUm4hmtThmr9nsmZBNQACM5ORLq2cvz6U5hzEFGBPkNRqZ2EhMxjwL9wo8IqBhCx5YvmAM_OlH-2o7Y
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEC3FB92D8444436858C19291E755CB3&google_push=Aa02lx8kqfwYnxkQQcvgkty9iUm4hmtThmr9nsmZBNQACM5ORLq2cvz6U5hzEFGBPkNRqZ2EhMxjwL9wo8IqBhC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEC3FB92D8444436858C19291E755CB3&google_push=Aa02lx8kqfwYnxkQQcvgkty9iUm4hmtThmr9nsmZBNQACM5ORLq2cvz6U5hzEFGBPkNRqZ2EhMxjwL9wo8IqBhCx5YvmAM_OlH-2o7Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Mar 2023 01:49:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEC3FB92D8444436858C19291E755CB3&google_push=Aa02lx8kqfwYnxkQQcvgkty9iUm4hmtThmr9nsmZBNQACM5ORLq2cvz6U5hzEFGBPkNRqZ2EhMxjwL9wo8IqBhCx5YvmAM_OlH-2o7Y
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 06 Mar 2023 01:49:42 GMT
pixel
cm.g.doubleclick.net/ Frame F70B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK1OnQhdb02fLw-U5yIoBg4&google_cver=1&google_push=Aa02lx8Bh0d3-ZBzj3h3sNL4KmYIpOP_am7pm1OC5H9Bq_Cri73q1ha34Zgzm4PQ3io1fqoD-4GKpXGn-A1Q8rmZ_k...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTFmMjI4YjUtMzVjMC00YTZmLWFiYTEtMGJjN2M5ZWQ4ZjMy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTFmMjI4YjUtMzVjMC00YTZmLWFiYTEtMGJjN2M5ZWQ4ZjMy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTFmMjI4YjUtMzVjMC00YTZmLWFiYTEtMGJjN2M5ZWQ4ZjMy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame F70B
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEJEo8LM9KpqpruJYb3cK9rY&google_cver=1&google_push=Aa02lx_EBPlVbaFHGpq6IsUfK7TeB52IwTc3wO7zNJl3NI9BBdxZDQiE9UwPX6-lOMNccIu3o47aw8nYI1fkpsQck_suuXHvQ_GLVA
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Nm0zUVFValdBcTZhMDFHME5wZ0daQQ%3D%3D&google_push=Aa02lx_EBPlVbaFHGpq6IsUfK7TeB52IwTc3wO7zNJl3NI9BBdxZDQiE9UwPX6-lOMNccIu3o47aw8nYI1fkp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Nm0zUVFValdBcTZhMDFHME5wZ0daQQ%3D%3D&google_push=Aa02lx_EBPlVbaFHGpq6IsUfK7TeB52IwTc3wO7zNJl3NI9BBdxZDQiE9UwPX6-lOMNccIu3o47aw8nYI1fkpsQck_suuXHvQ_GLVA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Nm0zUVFValdBcTZhMDFHME5wZ0daQQ%3D%3D&google_push=Aa02lx_EBPlVbaFHGpq6IsUfK7TeB52IwTc3wO7zNJl3NI9BBdxZDQiE9UwPX6-lOMNccIu3o47aw8nYI1fkpsQck_suuXHvQ_GLVA
date
Tue, 07 Mar 2023 01:49:42 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
245
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame F70B
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEMACEd174y3p0RazuFHG1Io&c_param1=Aa02lx8vWUSDqT5zUcARR5mDWAnMZS6NqbMfj8QpswEIYvuSs8eeA1llDFtSayE107RP_vfj2gDxhhwPbHJVgwuYjlU8tmntJvavYjs&gdpr=%%GDPR...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx8vWUSDqT5zUcARR5mDWAnMZS6NqbMfj8QpswEIYvuSs8eeA1llDFtSayE107RP_vfj2gDxhhwPbHJVgwuYjlU8tmntJvavYjs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx8vWUSDqT5zUcARR5mDWAnMZS6NqbMfj8QpswEIYvuSs8eeA1llDFtSayE107RP_vfj2gDxhhwPbHJVgwuYjlU8tmntJvavYjs
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx8vWUSDqT5zUcARR5mDWAnMZS6NqbMfj8QpswEIYvuSs8eeA1llDFtSayE107RP_vfj2gDxhhwPbHJVgwuYjlU8tmntJvavYjs
date
Tue, 07 Mar 2023 01:49:42 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame F70B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEd1TSH6vuqQ3d9TrdW_Hmg&google_cver=1&google_push=Aa02lx8-8qbPPxqL3ldUOSl2DttJTyUeJrNqbcWRY6cL0NRobrc_jM5JDOCAKpzQPLOraN_gR9Mh2njIRCCbG1I...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZFMzxREZQypKUCTAAX1W4t_YTBs&google_push=Aa02lx8-8qbPPxqL3ldUOSl2DttJTyUeJrNqbcWRY6cL0NRobrc_jM5JDOCAKpzQPLOraN_gR9Mh2njIRCCbG1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZFMzxREZQypKUCTAAX1W4t_YTBs&google_push=Aa02lx8-8qbPPxqL3ldUOSl2DttJTyUeJrNqbcWRY6cL0NRobrc_jM5JDOCAKpzQPLOraN_gR9Mh2njIRCCbG1Iry0xbXiu7ye0bCA
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZFMzxREZQypKUCTAAX1W4t_YTBs&google_push=Aa02lx8-8qbPPxqL3ldUOSl2DttJTyUeJrNqbcWRY6cL0NRobrc_jM5JDOCAKpzQPLOraN_gR9Mh2njIRCCbG1Iry0xbXiu7ye0bCA
Date
Tue, 07 Mar 2023 01:49:43 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame F70B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEastTIGW0__hKITRrO98GU&google_cver=1&google_push=Aa02lx_afnFR7zg_DT2ErsYHnWlCPSJTLNtW7DZLFzuZNGHseNjE5cTOuiwV3VVH0ZPqh0f_2wbsF...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_afnFR7zg_DT2ErsYHnWlCPSJTLNtW7DZLFzuZNGHseNjE5cTOuiwV3VVH0ZPqh0f_2wbsFYGsFkly1gQIpPXLnaYiLP_MTYA&google_hm=WkFhWU5z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_afnFR7zg_DT2ErsYHnWlCPSJTLNtW7DZLFzuZNGHseNjE5cTOuiwV3VVH0ZPqh0f_2wbsFYGsFkly1gQIpPXLnaYiLP_MTYA&google_hm=WkFhWU5zQ281czBBQUNlbXJrc0FBQUFB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 07 Mar 2023 01:49:42 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEEastTIGW0__hKITRrO98GU&google_cver=1&google_push=Aa02lx_afnFR7zg_DT2ErsYHnWlCPSJTLNtW7DZLFzuZNGHseNjE5cTOuiwV3VVH0ZPqh0f_2wbsFYGsFkly1gQIpPXLnaYiLP_MTYA","cluster_id":0,"gdpr":false,"ipv4":"223.216.76.27","key":"ZAaYNsCo5s0AACemrksAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40172"}
X-SO-Key
ZAaYNsCo5s0AACemrksAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40172
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_afnFR7zg_DT2ErsYHnWlCPSJTLNtW7DZLFzuZNGHseNjE5cTOuiwV3VVH0ZPqh0f_2wbsFYGsFkly1gQIpPXLnaYiLP_MTYA&google_hm=WkFhWU5zQ281czBBQUNlbXJrc0FBQUFB
Cache-Control
private
X-SO-HostName
a-ad40172.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
4
Content-Length
0
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-IP
223.216.76.27
pixel
cm.g.doubleclick.net/ Frame F70B
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEDZ9sXx3irhdvLYkL-PXAZI&google_cver=1&google_push=Aa02lx8hYoo1ymRaA4Ioz2q3QDUb4ype2WLt5j94hGjlYXjsId_Uz9RMI...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8hYoo1ymRaA4Ioz2q3QDUb4ype2WLt5j94hGjlYXjsId_Uz9RMIhIS0F4v-6gjvWDHMnEEqX3VyhMg1p-kl6Ow0D4_Oc--f95a&google_hm=QlMuNWIxMC03ZT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8hYoo1ymRaA4Ioz2q3QDUb4ype2WLt5j94hGjlYXjsId_Uz9RMIhIS0F4v-6gjvWDHMnEEqX3VyhMg1p-kl6Ow0D4_Oc--f95a&google_hm=QlMuNWIxMC03ZTdjLTRhZTQtYmIyMA==
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8hYoo1ymRaA4Ioz2q3QDUb4ype2WLt5j94hGjlYXjsId_Uz9RMIhIS0F4v-6gjvWDHMnEEqX3VyhMg1p-kl6Ow0D4_Oc--f95a&google_hm=QlMuNWIxMC03ZTdjLTRhZTQtYmIyMA==
Date
Tue, 07 Mar 2023 01:49:42 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame F70B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J05qdSfhq8Sv6zMHcuFdwij7QORewI6S8mLpp4BJoEGiVyE7WLDT7_rUSbcF8JOVDKlV90Tg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 2DA8 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2556628&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4ee5f61a0845e09676082f22f3b51bee949ac1b7bb36f8151e8ea086edf16fb4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
pagead2.googlesyndication.com/bg/ Frame 4507 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
63179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:16:42 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0594 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmWm-NJgGZN_jI7K4igaDip64Au3C5rdjg4-V0rUJ2tkeEAEg54O7IGCJs8-EnBSgAcjA7P4DyAECqQIj5mZ4IZY_PqgDAcgDyQSqBNcBT9BdJm4O3KKSrIIOveDvv7oHZAqpRaDi2aSwPgko8axdiLUlZPCtr1LwfjOZuB1w4Fj1hpaYSDEhM6kJWzdvaBPZED59P9yhfMqf-JYaM5JFQsJ-8x2s8m8IoxNd8Y9vw0iI5Z4RGarlo0nvrRjVY6QCENn2iI0HqBQ8eT2zVV9FxOMf3-jk1VfNOSEFuRgevmHmuf297xy4RLMxx4JWPF-xzmZLMOtxMZk2_anGCcyeNoHRLaAlffBWjU49NL74YhdEDdnxH-tBLcuhCRfYOk4V2squlNfABJfD2_WCApIFBAgEGAGSBQQIBRgEoAYCgAegv5MBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQhaEu0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTcyNzg5ODkxMDA5MzQyMjYYAA&sigh=ddA8mLfVYhU&uach_m=[UACH]&cid=CAQSKQDUE5ymmoNr4vmhl4a28r1oZ1El9Ej3Lm7nhvf3JY7hwXGovg79FSm4GAE
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Mar 2023 01:49:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 0594 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
17831352739330587571
tpc.googlesyndication.com/simgad/ Frame 0594 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17831352739330587571?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmfYpvkGiJm5fmuX_L4UjfjElUkOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
1c738080dd48220771209cda973d4c909a055e3e2006691a5581d1325f81c614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:00:06 GMT
x-content-type-options
nosniff
age
92976
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17510
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 06:46:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Mar 2024 00:00:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 0594 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 0594 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:52:18 GMT
l
www.google.com/ads/measurement/ Frame 0594 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8rTNwWh09E4J6qL7BDSZ1q3yr_d1ot_SEBgdkK986AUK-1KQv6oFZF5VAoGHfaxBzB_JT2B0XVNKS5I3qY7PCDizgKw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0594 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 01:49:42 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 0594 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
cafe /
Resource Hash
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 22:35:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
11626
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13717
x-xss-protection
0
server
cafe
etag
17409078185802295553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 22:35:56 GMT
verify.js
rtb0.doubleverify.com/ Frame 989D 		441 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_31081309619&jsTagObjCallback=__tagObject_callback_31081309619&num=6&ctx=1828362&cmp=115752&plc=4398657&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=31081309619&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=110&bridua=3&dup=null&turl=https://win2012r2.com/&chro=1&hist=2&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0j9T4DcnGX2xOTIU-JxvK8M&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=467642225278&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauH%3A%3Fa_%60aCa%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauH%3A%3Fa_%60aCa%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=10.10&callbackName=__verify_callback_31081309619
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.108 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ee2abe6878264e506bff65fdaf8c2432def2440141d783fec3366529650647cd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:43 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Expires
03/06/2023 01:49:43
s
googleads.g.doubleclick.net/pagead/drt/ Frame B46E 		143 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
1719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:21:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 79DD 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
82865
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 02:48:37 GMT
etag
48472445140208031
expires
Tue, 07 Mar 2023 02:48:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0594 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
135b3a640261ceafd61a259c1d282dfafb41ab8f81e7dd6b81b578b69aa09efc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4507 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeLdoNZgGZL79E5OR29gPmrGp0AEAAAAAOAHgBAI&bg=!GBulG0_NAAbv3-2Ez987ADkAdvg8Wj3xh62IRSnivg_CXE967K0wvqxveux61gJYzJlNoBWzoOrvnud8CydW66vwxwTGaAF1OCUCAAAAWlIAAAABaAEHmQLu90tAxIOP6fK_ad6EzBb6A05hcrfRjh25drjrYugEdYPzKs1YapwIeg4Mx5q0ZXGz89wOhHzTwCY4yg_LmInBCc2XfVX26awcMIaSQso62kLs9MTHCan2qs1heBi-K7Au7UJujnmGRsjDP4wYfJTJIlazy1RKEv_WEGM1bcQx8UnDhb9RybY1J_VZS17PUO3DBkgwD9PUSZRZg6ODPvuPYDYUELY-w6Plg4H3RAVRmrEd0aICp3mk2pMliQtpEpoym3Zxu3C-WkEKJWbwi4po3pj1PkxxlFprppZO79FnTFqogxCyCdMmQ-vmpHHzCs0yfgoMwMopf1ONC1i-TNxccJVAKJcy-Lz5-xd0XSVucGRyrha9CFb3Bb7wkF6jJqwBXHW4T04J6pZ3Vk_61WTjOct6yHTP1jULwfpAIYEViWHBrWYxMlm-nRdSEP-_wujPSJIU-4Ra30LDjlQK_C3Pxl_SUJsXAP-0jakjY4YkvuuQ1A52qiYS3lZhUkIrHhnC4e58LrsSqT0mxrCU8RMI3R95YGiDaWEZFkV4bVYLm9cHWdr3kRiwRP2uMT9brfxSkEmf_4dmzAo-D99UjKgxW9pSzPAgOroMwPZaEbhHVKhlLB7LyCeN9BzwjeLS4DDA-JFfbSvhyo1YmVrxe4jy8dIQlhw-klTt2zZPlc3CydKsYxxhD5AL1AftEgULQ_0A1RS8rXqa-WGn1kp4ssrKfh_7EXuZ6p_ShMiD5ux1iInSc60Rd586NVgBDKYQOcFSHM5VajNQMo4JXFR97ZPqFslbYNwKxJ35rTiCysMcoVVOOYb32abWRb9R3DzMEMgqwOSjs5vvYL_8jYbJoSjU6HBfgX6Fdju4_Skoq3ex4P47D-M4Ki4_CeyRZ1Zmdbnr8iQz9tUxoBnhLfTM7GfvsPcfu26GQy0PvX3nAubN293CZZHPYWqG7bnImUYBtncUssbdgaWwDt1ra2jrxHS8IY6S7COox6uvqvit9XYG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75
  • https://s.cpx.to/ca.png?dsp=dbm&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75&google_gid=CAESEN2xFpObl-mMRNWFJWQ_-9U&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75&google_gid=CAESEN2xFpObl-mMRNWFJWQ_-9U&google_cver=1
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
54.170.157.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-157-123.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/ca.png?dsp=dbm&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75&google_gid=CAESEN2xFpObl-mMRNWFJWQ_-9U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df246f68c-cb1b-42f4-8253-80e8a5885b75
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df246f68c-cb1b-42f4-8253-80e8a5885b75
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75
95 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
54.170.157.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-157-123.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Tue, 07 Mar 2023 01:49:43 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Tue, 07 Mar 2023 01:49:43 GMT

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75
date
Tue, 07 Mar 2023 01:49:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
s.cpx.to/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&dsp=TTD
95 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&dsp=TTD
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
54.170.157.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-157-123.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Tue, 07 Mar 2023 01:49:42 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Tue, 07 Mar 2023 01:49:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&dsp=TTD
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
179
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fwin2012r2.com%252F%26hn_ver%3D40%26fid%3Df246f68c-cb1b-4...
  • https://s.cpx.to/an_fire?app_nexus_uid=6358988783605550458&pid=12771&ref=&url=https%3A%2F%2Fwin2012r2.com%2F&hn_ver=40&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75&dsp=pub_common&dsp_uid=fe4fb912-a987-...
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=6358988783605550458&pid=12771&ref=&url=https%3A%2F%2Fwin2012r2.com%2F&hn_ver=40&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75&dsp=pub_common&dsp_uid=fe4fb912-a987-4b9f-8457-550fd698c4b8
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
54.170.157.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-157-123.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
p3p
CP="NOI DEV ADM"
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
expires
Tue, 07 Mar 2023 01:49:43 UTC

Redirect headers

Date
Tue, 07 Mar 2023 01:49:42 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8191cdb4-23a3-48da-abb1-a599b3599165
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://s.cpx.to/an_fire?app_nexus_uid=6358988783605550458&pid=12771&ref=&url=https%3A%2F%2Fwin2012r2.com%2F&hn_ver=40&fid=f246f68c-cb1b-42f4-8253-80e8a5885b75&dsp=pub_common&dsp_uid=fe4fb912-a987-4b9f-8457-550fd698c4b8
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 79DD
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=Aa02lx-GT-dVtJhd4D6x-MeISLV7P22XzQUeY0Wg5ULdGemAEJN_pIHFlCZcVn8E3TKWkyghwUGdDfI9MxFOdzMfBI8KuJl0o9h8CMXtHPiG91F-N15xblyr1ptXc2-UxePuj217uwozrZzwMo...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=Aa02lx-GT-dVtJhd4D6x-MeISLV7P22XzQUeY0Wg5ULdGemAEJN_pIHFlCZcVn8E3TKWkyghwUGdDfI9MxFOdzMfBI8KuJl0o9h8CMXtHPiG91F-N15xblyr1ptXc2-UxePuj217uw...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=Aa02lx-GT-dVtJhd4D6x-MeISLV7P22XzQUeY0Wg5ULdGemAEJN_pIHFlCZcVn8E3TKWkyghwUGdDfI9MxFOdzMfBI8KuJl0o9h8CMXtHPiG91F-N15xblyr1ptXc2-UxePuj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=Aa02lx-GT-dVtJhd4D6x-MeISLV7P22XzQUeY0Wg5ULdGemAEJN_pIHFlCZcVn8E3TKWkyghwUGdDfI9MxFOdzMfBI8KuJl0o9h8CMXtHPiG91F-N15xblyr1ptXc2-UxePuj217uwozrZzwMof94T_5dxbb&google_hm=AVeUWgNYz2uXks8AD1u-78hvm8A
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
via
1.1 c951e19d4b5948f3bf888af72c1a5f9c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=Aa02lx-GT-dVtJhd4D6x-MeISLV7P22XzQUeY0Wg5ULdGemAEJN_pIHFlCZcVn8E3TKWkyghwUGdDfI9MxFOdzMfBI8KuJl0o9h8CMXtHPiG91F-N15xblyr1ptXc2-UxePuj217uwozrZzwMof94T_5dxbb&google_hm=AVeUWgNYz2uXks8AD1u-78hvm8A
cache-control
no-cache
content-length
0
x-amz-cf-id
Urgu4fDWOP8mawY4TeN_TrsoC0QgUSFAwjEVuHcjcLbEyV2vNiPNYQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 79DD
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEBK9uZtUmV-z8a_f1xkbHz8&google_cver=1&google_push=Aa02lx_L5gLpMvObceeq34fn9o3dOvGpv1JtuknugJI9btKPA47DmZiyC7t1_mO8rhW03GPWtAqVADqGzEhf9H2h-1Vq4_EO6HSGX0BM...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUMyNENBQTdFMTU5MjJGMw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUMyNENBQTdFMTU5MjJGMw==
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QUMyNENBQTdFMTU5MjJGMw==
date
Tue, 07 Mar 2023 01:49:42 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 79DD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA8ZJIMRbIvJE3yz9pn-nRk&google_cver=1&google_push=Aa02lx_pEjp66ptsj5u-JXWI7yUXkP7dz8odZOdVWFrNA0VrBB8tZJS6yYZe0U2jUu10js0P4aZRU76YZQIhNjoxL6RK...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEA8ZJIMRbIvJE3yz9pn-nRk&google_cver=1&google_push=Aa02lx_pEjp66ptsj5u-JXWI7yUXkP7dz8odZOdVWFrNA0VrBB8tZJS6yYZe0U2jUu10js0P4aZRU76YZQIhNj...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e88aa6a0-c4f3-4f4f-9ec7-3293d82a96f2&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_pEjp66ptsj5u-JXWI7yUXkP7dz8odZOdVWFrNA0VrBB8tZJS6yYZe0U2jUu10js0P4aZRU76YZQIhNjoxL6RK3_1m_szc_m662odAp1IwYsvAhTJW5TGa0CRyJknZ1R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_pEjp66ptsj5u-JXWI7yUXkP7dz8odZOdVWFrNA0VrBB8tZJS6yYZe0U2jUu10js0P4aZRU76YZQIhNjoxL6RK3_1m_szc_m662odAp1IwYsvAhTJW5TGa0CRyJknZ1RMEZ9V3ooFnCsA3d1PZWnOz_g&google_hm=EpmrRwa2RBOSaDbp_kxhjQ==
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_pEjp66ptsj5u-JXWI7yUXkP7dz8odZOdVWFrNA0VrBB8tZJS6yYZe0U2jUu10js0P4aZRU76YZQIhNjoxL6RK3_1m_szc_m662odAp1IwYsvAhTJW5TGa0CRyJknZ1RMEZ9V3ooFnCsA3d1PZWnOz_g&google_hm=EpmrRwa2RBOSaDbp_kxhjQ==
Date
Tue, 07 Mar 2023 01:49:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 79DD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP774jOwe_i4dC24Q-63kg4&google_cver=1&google_push=Aa02lx_c0NpLLauOPAY7W70Gcr-9DKeL93249_P2kVjbLj0mXCxS2r63LLKnuqozIf6xdGZ8T0SO_fEX...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg5Mjk5Njg3ODE5NzY2MjY4MA&google_push=Aa02lx_c0NpLLauOPAY7W70Gcr-9DKeL93249_P2kVjbLj0mXCxS2r63LLKnuqozIf6xdGZ8T0SO_f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg5Mjk5Njg3ODE5NzY2MjY4MA&google_push=Aa02lx_c0NpLLauOPAY7W70Gcr-9DKeL93249_P2kVjbLj0mXCxS2r63LLKnuqozIf6xdGZ8T0SO_fEXcp-M__71W8ukze8BTbk1G97gNK_DbObrFEHLQEBx77SNAF3jvhNuXpSRTH-oplTrOammMibJxGV_kQ
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg5Mjk5Njg3ODE5NzY2MjY4MA&google_push=Aa02lx_c0NpLLauOPAY7W70Gcr-9DKeL93249_P2kVjbLj0mXCxS2r63LLKnuqozIf6xdGZ8T0SO_fEXcp-M__71W8ukze8BTbk1G97gNK_DbObrFEHLQEBx77SNAF3jvhNuXpSRTH-oplTrOammMibJxGV_kQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 79DD
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Yyf-IyASHSwKNubADCM5A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Yyf-IyASHSwKNubADCM5A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_zIvQ4SdqR6-7nR82UfyGgGa4IFsWx_qjpwn7uVqdosu8Dtpadn3q_e2w8GqCa0UN8S1kAbcqtN2toyPdorc9Hd7jtPPNdlt8xm5JQtwRD1-rN6CkvJy6xRuxPA0UgAvUziJaH4DfpmUIV5WNilRF6lw
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Yyf-IyASHSwKNubADCM5A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_zIvQ4SdqR6-7nR82UfyGgGa4IFsWx_qjpwn7uVqdosu8Dtpadn3q_e2w8GqCa0UN8S1kAbcqtN2toyPdorc9Hd7jtPPNdlt8xm5JQtwRD1-rN6CkvJy6xRuxPA0UgAvUziJaH4DfpmUIV5WNilRF6lw
date
Tue, 07 Mar 2023 01:49:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 79DD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEPiyQi9HF0KO_MBS2FsvHk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEPiyQi9HF0KO_MBS2FsvHk&google_hm=ZAaYNYOJJ4ARKje1WrpskQAAFVMAAAAB&google_nid=index&google_push=Aa02lx_AS-qX0FYy6Du_rOUXpLPbtPEWdHaZo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEPiyQi9HF0KO_MBS2FsvHk&google_hm=ZAaYNYOJJ4ARKje1WrpskQAAFVMAAAAB&google_nid=index&google_push=Aa02lx_AS-qX0FYy6Du_rOUXpLPbtPEWdHaZomSBttUFloIhPTLZ_gLPzJH1OL5EaPmqoB7KzWoH6P1RRWKxQ4iWH98KYtc4Iz6anJrUuh7KmeiaswBbpC1qi2j5qE_hYgFnHDPBWVfup-13fqXuiTpSeiFXWQ
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEPiyQi9HF0KO_MBS2FsvHk&google_hm=ZAaYNYOJJ4ARKje1WrpskQAAFVMAAAAB&google_nid=index&google_push=Aa02lx_AS-qX0FYy6Du_rOUXpLPbtPEWdHaZomSBttUFloIhPTLZ_gLPzJH1OL5EaPmqoB7KzWoH6P1RRWKxQ4iWH98KYtc4Iz6anJrUuh7KmeiaswBbpC1qi2j5qE_hYgFnHDPBWVfup-13fqXuiTpSeiFXWQ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
spacer.gif
an.yandex.ru/resource/ Frame 79DD
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEPhSI6LFaBzF1NgowDRjwkY?ext-param=Aa02lx9awmyFyafVNsZ9CYJqQX-P_F904mo58X0H8MZqgCeik41IMQykC-a-ZZdJp1xrNzaaswrooXXgnJgNL9-ZP5Giw9cJTOtL6N4LlotlPqNVW_4O1YLeK8px...
  • https://an.yandex.ru/mapuid/google/CAESEPhSI6LFaBzF1NgowDRjwkY?redir-setuniq=1&ext-param=Aa02lx9awmyFyafVNsZ9CYJqQX-P_F904mo58X0H8MZqgCeik41IMQykC-a-ZZdJp1xrNzaaswrooXXgnJgNL9-ZP5Giw9cJTOtL6N4Llotl...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPhSI6LFaBzF1NgowDRjwkY&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 20 Feb 2024 01:49:44 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 79DD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdRWgnp8ZJ4gtf8rpAZx-UPd8FS1g0kQA1AEaYbm3rRq4jer82t1jgTqi0Fh5iRe5nkW4P1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame B46E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:42 GMT
expires
Tue, 07 Mar 2023 01:49:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
pagead2.googlesyndication.com/bg/ Frame 5E4E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
63180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:16:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5FB6
Redirect Chain
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdeaWxWwnu2Pks8AD1u-78hvq88AAAGGucKVhg
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdeaWxWwnu2Pks8AD1u-78hvq88AAAGGucKVhg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 07 Mar 2023 01:49:42 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AdeaWxWwnu2Pks8AD1u-78hvq88AAAGGucKVhg
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma
no-cache
server
Logicad
via
1.1 c951e19d4b5948f3bf888af72c1a5f9c.cloudfront.net (CloudFront)
x-amz-cf-id
kDUN2iAK_ZWr9RGuRvpIcic2mBN3A4uuRMPbIKxkTIm22MI9H7ojCQ==
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
usersync.aspx
dis.criteo.com/dis/ Frame 2F0B 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:42 GMT
expires
Tue, 07 Mar 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
241072
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 644A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 07 Mar 2023 01:49:42 GMT
Expires
Tue, 07 Mar 2023 01:49:41 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 569 46451a0 master nrt-pixel-x21 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame E959
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1&auid=5b1d594...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=1O6mHZp4hVj
42 B
271 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=1O6mHZp4hVj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
Date
Tue, 07 Mar 2023 01:49:46 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=1O6mHZp4hVj
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3D16
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6358988783605550458&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6358988783605550458&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
1fb8117e-8626-41f2-abaa-40202f0947b2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 01:49:42 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6358988783605550458&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame D8FC
Redirect Chain
  • https://ds.uncn.jp/pm/0/sync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_f3c38330-d9e2-4b7c-8f45-d852843b1605
42 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_f3c38330-d9e2-4b7c-8f45-d852843b1605
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
170
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 01:49:42 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_f3c38330-d9e2-4b7c-8f45-d852843b1605
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame F4CF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZAaYNgAKc_wqmQBh&gdpr=1&gdpr_consent=&_test=ZAaYNgAKc_wqmQBh
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZAaYNgAKc_wqmQBh&gdpr=1&gdpr_consent=&_test=ZAaYNgAKc_wqmQBh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 07 Mar 2023 01:49:42 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZAaYNgAKc_wqmQBh&gdpr=1&gdpr_consent=&_test=ZAaYNgAKc_wqmQBh
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-itm18848-ITM
x-timer
S1678153783.846770,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame BA7D
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9hkzd49annu4
42 B
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9hkzd49annu4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Tue, 07 Mar 2023 01:49:42 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9hkzd49annu4
lws
90
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
pxd
dps.jp.cinarra.com/ Frame 8CF1 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.128.158 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-128-158.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Tue, 07 Mar 2023 01:49:42 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F600
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6m3QQUjWAq6a01G0NpgGZA
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6m3QQUjWAq6a01G0NpgGZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6m3QQUjWAq6a01G0NpgGZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 6C92 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 07 Mar 2023 01:49:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 1499
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=72b43c5b52a64c8c818bfb2e0d02a3ad
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=72b43c5b52a64c8c818bfb2e0d02a3ad
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Tue, 07 Mar 2023 01:49:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=72b43c5b52a64c8c818bfb2e0d02a3ad
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame DA3A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ooPZNzPWRThG0JJktx8E-9_YTBs&gdpr=0&gdpr_consent=
42 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ooPZNzPWRThG0JJktx8E-9_YTBs&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 01:49:42 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ooPZNzPWRThG0JJktx8E-9_YTBs&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 2319
Redirect Chain
  • https://adsd-sync.amanad.adtdp.com/pubmaticsync?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ecfe6e23-f069-4e0c-8c82-ce1f8a80e94a
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ecfe6e23-f069-4e0c-8c82-ce1f8a80e94a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
168
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ecfe6e23-f069-4e0c-8c82-ce1f8a80e94a
/
csync.loopme.me/ Frame 9EA3 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 56E3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aPdA3mf7Q9xzoRLRPPdd32vyFYxzpkbeaftO5Zkq
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aPdA3mf7Q9xzoRLRPPdd32vyFYxzpkbeaftO5Zkq
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 07 Mar 2023 01:49:42 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=aPdA3mf7Q9xzoRLRPPdd32vyFYxzpkbeaftO5Zkq
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 0145
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
42 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Mar 2023 01:49:43 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hmgoj69m1Pzmsv5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-01530317849a78967@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame A53A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78A0BF4C71E042B3893EE7EC17849ACC&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78A0BF4C71E042B3893EE7EC17849ACC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 07 Mar 2023 01:49:42 GMT
expires
Mon, 06 Mar 2023 01:49:42 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:78A0BF4C71E042B3893EE7EC17849ACC&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
u.4dex.io/ Frame 416D 		0
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 07 Mar 2023 01:49:42 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2DA8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_Yyf-IyASHSwKNubADCM5A%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=144884
accept-ranges
bytes
content-length
5554
expires
Wed, 08 Mar 2023 18:04:26 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 2DA8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e05eeaac-27c4-48e5-a7db-6c78369e61ae%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&ttd_puid=e05eeaac-27c4-48e5-a7db-6c78369e61ae%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&ttd_puid=e05eeaac-27c4-48e5-a7db-6c78369e61ae%2C%2C
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&ttd_puid=e05eeaac-27c4-48e5-a7db-6c78369e61ae%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
qmap
sync.crwdcntrl.net/ Frame 2DA8
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
54.251.27.11 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-27-11.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.28.17
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.21.104
content-length
0
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame 2DA8 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Tue, 07 Mar 2023 01:49:40 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame 2DA8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkQ4QzlGRjgtOEM4MC00ODc0LUIwMjgtREI5QjAwMzA4Q0U0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2DA8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECE_1AZHgJbjG94P1rPcib0&google_cver=1
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECE_1AZHgJbjG94P1rPcib0&google_cver=1
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECE_1AZHgJbjG94P1rPcib0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2DA8 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 06 Mar 2023 01:49:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2DA8
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZAaYNsCo5s0AACemrnkAAAAA
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZAaYNsCo5s0AACemrnkAAAAA
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 07 Mar 2023 01:49:42 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"223.216.76.27","key":"ZAaYNsCo5s0AACemrnkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad431"}
X-SO-Key
ZAaYNsCo5s0AACemrnkAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad431
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZAaYNsCo5s0AACemrnkAAAAA
Cache-Control
private
X-SO-HostName
m-ad431.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-IP
223.216.76.27
Pug
simage2.pubmatic.com/AdServer/ Frame 2DA8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
sync
x.bidswitch.net/ Frame 2DA8 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 2DA8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5358275005561920827
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5358275005561920827
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5358275005561920827
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
FD8C9FF8-8C80-4874-B028-DB9B00308CE4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2DA8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FD8C9FF8-8C80-4874-B028-DB9B00308CE4?gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.64.139 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-64-139.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 2DA8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RphdAOBE2uVlWL_iDtZm3DeY3gzfWbQ-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RphdAOBE2uVlWL_iDtZm3DeY3gzfWbQ-~A&gdpr=0
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RphdAOBE2uVlWL_iDtZm3DeY3gzfWbQ-~A&gdpr=0
date
Tue, 07 Mar 2023 01:49:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 2DA8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7745423018836985897&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7745423018836985897&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 01:49:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7745423018836985897&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 2DA8
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=59887ba7995f1b35&is_secure=true&networkId=17100&version=1&nuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhGv4L_lq8QNBAKsEAAAAAAA&expiration=1678240183&nuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&...
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhGv4L_lq8QNBAKsEAAAAAAA&expiration=1678240183&nuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Mar 2023 01:49:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALhGv4L_lq8QNBAKsEAAAAAAA&expiration=1678240183&nuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
usync.html
eus.rubiconproject.com/ Frame EAAA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:42 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Mar 2023 01:49:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server
AkamaiGHost
YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
pagead2.googlesyndication.com/bg/ Frame 5DF1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=1142422145&adf=3009458328&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779809&bpp=1&bdt=1576&idt=738&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=852&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AZ8MrdUtOM&p=https%3A//win2012r2.com&dtd=741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
63180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:16:42 GMT
YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
pagead2.googlesyndication.com/bg/ Frame AAD0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=177904969&adf=3727613999&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=3&format=800x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779810&bpp=1&bdt=1576&idt=744&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=bBIBNG9ivG&p=https%3A//win2012r2.com&dtd=746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
63180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:16:42 GMT
YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
pagead2.googlesyndication.com/bg/ Frame 9E94 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=90&slotname=9405609086&adk=623033813&adf=3666376574&pi=t.ma~as.9405609086&w=800&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=2&format=800x90&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779807&bpp=2&bdt=1573&idt=725&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZB9rJmmNtA&p=https%3A//win2012r2.com&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
63180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:16:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 30D4 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXV42I-C1ohaF-CeRUto_NnJxLkE-MPjcmV71L4-tULvOimaTDt8RsnJLub_nW95oDwHw5hFaIAk6xDj8YkVv1QcYYl8xWWuDJxFIK3f3tYi4yAh3XtfkxHl-QEUO1bLU4mEI&sai=AMfl-YTGvAhx7pqGNYP99OylatPI-N4uz2PIDr3L0Dp2JIT_tiyng2chZCISO5aad3z1d9ztOEQVD36hobgKcmrcoRAPPXypvvtGjlc&sig=Cg0ArKJSzDAtWO0N-j_NEAE&cid=CAQSKQDUE5ym5DI6SaAk4T2Vw3OnhQ2g5kZey5hOCpmEkqwzuROrFPVHaDf0GAE&id=lidar2&mcvt=1061&p=0,0,280,336&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2300975146&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678153780561&rpt=1271&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EAAA 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21979
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
genericpost
ww1097.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:43 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:43 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:43 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ 		561 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
5ed00e5552aaa4690e24a51ec3ac0ede76e19008e675ea85ef4bcf93c6bf56f9

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:44 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=102378&f=6&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 01:49:43 GMT
server
nginx
x-iplb-request-id
DFD84C1B:DB82_36264064:01BB_64069834_3DED872:0B19
x-iplb-instance
24858
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/ 		561 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
c63e5d0401f888f71163dbb7dac4acd98b10da77d6eab82937adfe1776afe9f3

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:44 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=102378&f=19&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 01:49:43 GMT
server
nginx
x-iplb-request-id
DFD84C1B:DB85_36264064:01BB_64069833_3DE7250:24D1B
x-iplb-instance
38436
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
872ecdbd69008948e80bb8487b920b1e01c7fcd8beefcf302fddc7723fbe820e

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:44 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-smrt-i
10501150
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=102378&f=30&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=30
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 01:49:43 GMT
server
nginx
x-iplb-request-id
DFD84C1B:DB83_36264064:01BB_64069833_3DE0D59:1809B
x-iplb-instance
38431
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
setuid
u.4dex.io/ Frame EAAA
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
0
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
tap.php
pixel.rubiconproject.com/ Frame EAAA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gD_0s1IaVVEeBAhKw3tAdw?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGjyMPhE2oLMhxMEvpMu.2XrWxFwp3V5.VlXIw--~A
42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGjyMPhE2oLMhxMEvpMu.2XrWxFwp3V5.VlXIw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 07 Mar 2023 01:49:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGjyMPhE2oLMhxMEvpMu.2XrWxFwp3V5.VlXIw--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame EAAA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEXLFK09-7-IR3B&gdpr=0
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEXLFK09-7-IR3B&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:43 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 845F70F71B0C4442B8005D92B7E049FC Ref B: OSA30EDGE0407 Ref C: 2023-03-07T01:49:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2RaAm5oYxQbDHmE1yEQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEXLFK09-7-IR3B&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame EAAA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ly63OGSrTbKiQeqky2KriA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ly63OGSrTbKiQeqky2KriA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ly63OGSrTbKiQeqky2KriA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DWPVW5RFXJHKWPVHCQH5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ly63OGSrTbKiQeqky2KriA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EAAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEacRvXJBIg7h0GmiHFcu_Y&google_cver=1
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEacRvXJBIg7h0GmiHFcu_Y&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEacRvXJBIg7h0GmiHFcu_Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EAAA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFiODg4OGRjMmQxMDM1MDU5NGUxMWI0YWI5NDQ1MDg1OWZkNzRiNQ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFiODg4OGRjMmQxMDM1MDU5NGUxMWI0YWI5NDQ1MDg1OWZkNzRiNQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFiODg4OGRjMmQxMDM1MDU5NGUxMWI0YWI5NDQ1MDg1OWZkNzRiNQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EAAA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYTEZLMDktNy1JUjNC&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYTEZLMDktNy1JUjNC&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYTEZLMDktNy1JUjNC&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EAAA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xB9e98txTReNYR4u3JhrAw&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xB9e98txTReNYR4u3JhrAw&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xB9e98txTReNYR4u3JhrAw&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
HTTP/1.1
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FDS9ZPWGNRFVK11PA94N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xB9e98txTReNYR4u3JhrAw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EAAA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=&expires=30
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
genericpost
ww1097.smartadserver.com/ 		22 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d4483dbd2f64525c66022a32c443c31fcc0ab3b7e4cfa873914e0f48903fcd0e

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:44 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://win2012r2.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
genericpost
ww1097.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://win2012r2.com
date
Tue, 07 Mar 2023 01:49:43 GMT
vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 0594 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4Yus-wfvo-2PlhR61V5gUhE7l33Nc33dTWsZ4E99j2RL4zGHrjbULqjp5OEhUe5tO7JXOsr_5Lhb1yFPAjC56TbxqBSyLR1lRZG-Dnhz6eSa-8ESD6TOTtCOfl5Z-Un08crY&sai=AMfl-YRCQjkW7pvzKvwnJEZmXhOV77OaMXavR893m_NgFKWXgFMgvpJZUQW6VhWZ6gdPLgaFajNZVGHjCTUnTIQCMtpW8KI2Too-qhY&sig=Cg0ArKJSzJ4w8nzh0WbBEAE&cid=CAQSKQDUE5ymmoNr4vmhl4a28r1oZ1El9Ej3Lm7nhvf3JY7hwXGovg79FSm4GAE&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=188,872,1004,1004,1004&tos=188,684,132,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678153781858&rpt=466&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZAaYNYOJJ4ARKje1WrpskQAAFVMAAAAB
0
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZAaYNYOJJ4ARKje1WrpskQAAFVMAAAAB
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZAaYNYOJJ4ARKje1WrpskQAAFVMAAAAB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
dv-measurements3556.js
cdn.doubleverify.com/ Frame 9BDB 		554 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3556.js
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.106.35 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-106-35.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3572a010b52464fd20bcf4e411a3c6565f5d0eba9414200bb93d797d9866bb65

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:43 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Mar 2023 12:43:47 GMT
Server
Microsoft-IIS/10.0
ETag
"8083ce20604fd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108375
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8995 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
82866
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 02:48:37 GMT
etag
48472445140208031
expires
Tue, 07 Mar 2023 02:48:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 989D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f32defa557ae9e3be6dfae8d2f154da0f94eccd13a4fccb8ed8bb6730e578468

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
/
servedby.flashtalking.com/imp/8/115752;4398657;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedJPDSKBAN300x250/ Frame 989D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/8/115752;4398657;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedJPDSKBAN300x250/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fgdpr%3D0%26us_privacy%3D1---%26client%3Dca-pub-7278989100934226%26output%3Dhtml%26h%3D280%26slotname%3D9405609086%26adk%3D2300975146%26adf%3D3404489640%26pi%3Dt.ma~as.9405609086%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678153780%26rafmt%3D1%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwin2012r2.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678153779811%26bpp%3D1%26bdt%3D1578%26idt%3D753%26shv%3Dr20230302%26mjsv%3Dm202302280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C800x90%252C800x280%252C800x280%252C336x280%26nras%3D1%26correlator%3D1312555354233%26frm%3D20%26pv%3D1%26ga_vid%3D1991005425.1678153779%26ga_sid%3D1678153781%26ga_hid%3D660623554%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1072%26ady%3D1559%26biw%3D1600%26bih%3D1&gdpr=0&us_privacy=${US_PRIVACY}&cachebuster=446555.2491041786&ft_dv=%5B%25ft_dv%25%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.7.250 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-7-250.deploy.static.akamaitechnologies.com
Software
prod-xre-app11.tky11 /
Resource Hash
5f686a9634db75a00a92d7e854b6e8589b62598f05b972c577267ccfd53f53ba
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app11.tky11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1262
Expires
Tue, 07 Mar 2023 01:49:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8206 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyinAomPw4Vne88JikNt1vmVXbM9DNVk0WXdE0fXLg5hcUL3zuFV677J45IQnWpxUEbRSNJlPbFExUvxm5PYYgugikdu3IgIZY4OOBCthddKRLSws5XI67OkgfEdZ-zwB9SG0&sai=AMfl-YSIFq_Vu8yQHbnqzVF5iE6HfFpaWLV3ke3ZVM8mg23N4pc1tWG5fl2EUb_2SHMktkMinTl0KeFfeHLbsglJLUs2VuoJxoyQxXU&sig=Cg0ArKJSzKB7t50hqhdJEAE&cid=CAQSKQDUE5ym-rgKQzEV3a-V6QZZ0zD8VGBvk4YGQQoP8ozuH0X-o5cr7x6aGAE&id=lidar2&mcvt=1053&p=0,0,280,800&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1142422145&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678153780551&rpt=2085&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F9B 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucyYxm_PomA1f46Im3rjM6SSLs2w8CutEFlTXTxG7aB4x7mVQWsjtg1wNp09RsD6x0KU9i5_t4z4y4_Vk0o5e3HgqIbpAZSsz_e5_GbG-qICM_HcZ_pe8QB7iT_eTVKG8KEDU&sai=AMfl-YTqNQ1dHqpotrPwhq-MGhCLbE9B8ucKx_NLhnpX0M7fb9LJUr_wv1ekts-RvpSTrZXPtpghMNsmBEIE6ovwKYJ1VOuaiWYIlEQ&sig=Cg0ArKJSzPiC30DgyMJgEAE&cid=CAQSKQDUE5ymupaGnlluOeOlnFJntwxhghZRJZN3GkXaEYS50KuOOel_ZIhbGAE&id=lidar2&mcvt=1012&p=0,0,90,800&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=623033813&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678153780537&rpt=2133&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8995
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECaxC1LwvSmPCAJwWatwbtM&google_cver=1&google_push=Aa02lx_zkl4Bfp0pciGtwk1deBioKr_FhOgr11t4sfiPU6zYlB9VtDY...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=761ce0e4cdc21b35&is_secure=true&networkId=14000&version=1&google_gid=CAESECaxC1LwvSmPCAJwWatwbtM&google_cver=1&google_push=Aa02lx_zkl4B...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqn1gU8TlrAM3mFssAAAAAAA&expiration=1678240183&google_cver=1&is_secure=true&google_gid=CAESECaxC1LwvSmPCAJwWatwb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqn1gU8TlrAM3mFssAAAAAAA&expiration=1678240183&google_cver=1&is_secure=true&google_gid=CAESECaxC1LwvSmPCAJwWatwbtM&google_push=Aa02lx_zkl4Bfp0pciGtwk1deBioKr_FhOgr11t4sfiPU6zYlB9VtDYrqz4v90SXIj7DzScAe1Ohcd3jIDBTncoGs2h9ZK0PJ-gm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJqn1gU8TlrAM3mFssAAAAAAA&expiration=1678240183&google_cver=1&is_secure=true&google_gid=CAESECaxC1LwvSmPCAJwWatwbtM&google_push=Aa02lx_zkl4Bfp0pciGtwk1deBioKr_FhOgr11t4sfiPU6zYlB9VtDYrqz4v90SXIj7DzScAe1Ohcd3jIDBTncoGs2h9ZK0PJ-gm
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 8995
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELYpXZb4q9NguoF2Yd81s6M&google_cver=1&google_push=Aa02lx_OLf4MfemrLNcMtipUmgD62cO8wvZTjLmqz3xuJfNzVvAo0PufkGZguLfkDdyd2CuiWvlu9T4JGC51Gj-J...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4bNkBpgzRwCYf3orED_UJw&google_push=Aa02lx_OLf4MfemrLNcMtipUmgD62cO8wvZTjLmqz3xuJfNzVvAo0PufkGZguLfkDdyd2CuiWvlu9T4JGC51Gj-JW3vwrETc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4bNkBpgzRwCYf3orED_UJw&google_push=Aa02lx_OLf4MfemrLNcMtipUmgD62cO8wvZTjLmqz3xuJfNzVvAo0PufkGZguLfkDdyd2CuiWvlu9T4JGC51Gj-JW3vwrETcfMGi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Mar 2023 01:49:43 GMT
Server
MT3 569 46451a0 master nrt-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=4bNkBpgzRwCYf3orED_UJw&google_push=Aa02lx_OLf4MfemrLNcMtipUmgD62cO8wvZTjLmqz3xuJfNzVvAo0PufkGZguLfkDdyd2CuiWvlu9T4JGC51Gj-JW3vwrETcfMGi
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Mar 2023 01:49:42 GMT
pixel
cm.g.doubleclick.net/ Frame 8995
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ODRkYjA2MzgtNDE3YS00OTdmLWI5NzUtZWY3NzAxZDUwNTIx&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx8T...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ODRkYjA2MzgtNDE3YS00OTdmLWI5NzUtZWY3NzAxZDUwNTIx&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx8TkJb6nlffPt5Wvdu4WeQGlHA6ehGqBZjEEhjZOhPtidnLiBBRhXIlfrfRz_kBGvDAn_mYHnuupwD_fHJevKae9vsWNBJ_rw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ODRkYjA2MzgtNDE3YS00OTdmLWI5NzUtZWY3NzAxZDUwNTIx&google_gid=CAESEJHYDeOCUdwPm0Hmwou9gqk&google_cver=1&google_push=Aa02lx8TkJb6nlffPt5Wvdu4WeQGlHA6ehGqBZjEEhjZOhPtidnLiBBRhXIlfrfRz_kBGvDAn_mYHnuupwD_fHJevKae9vsWNBJ_rw
date
Tue, 07 Mar 2023 01:49:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8995
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFHYqzMY7waOxoHlNqSMfLA&google_cver=1&google_push=Aa02lx_HZppD4nEMc_HdgdN3AxHjUvReaKAcx9s4F9-qDaMhtk7ys8oMxI2te7FRUTRSr-ZC3HMV1M...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=Aa02lx_HZppD4nEMc_HdgdN3AxHjUvReaKAcx9s4F9-qDaMhtk7ys8oMxI2te7FRUTRSr-ZC3HMV1MybITht9fiMDMWKF89m2TUJ4w&google_hm=NjQ5Njk4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=Aa02lx_HZppD4nEMc_HdgdN3AxHjUvReaKAcx9s4F9-qDaMhtk7ys8oMxI2te7FRUTRSr-ZC3HMV1MybITht9fiMDMWKF89m2TUJ4w&google_hm=NjQ5Njk4MDk3MDIwNDQ5OTMyOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=Aa02lx_HZppD4nEMc_HdgdN3AxHjUvReaKAcx9s4F9-qDaMhtk7ys8oMxI2te7FRUTRSr-ZC3HMV1MybITht9fiMDMWKF89m2TUJ4w&google_hm=NjQ5Njk4MDk3MDIwNDQ5OTMyOA%3D%3D
date
Tue, 07 Mar 2023 01:49:43 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8995
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEEastTIGW0__hKITRrO98GU&google_cver=1&google_push=Aa02lx_ZlQBgW2fub2VxzLX9Hbj5HowvZ5yPXndByN-mxTY7CrI3yCGDhF_0kNCRN2nyhwj5ONUxe...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_ZlQBgW2fub2VxzLX9Hbj5HowvZ5yPXndByN-mxTY7CrI3yCGDhF_0kNCRN2nyhwj5ONUxeM4AybwLqIn0DNulQoY51fhvYg&google_hm=WkFhWU5zQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_ZlQBgW2fub2VxzLX9Hbj5HowvZ5yPXndByN-mxTY7CrI3yCGDhF_0kNCRN2nyhwj5ONUxeM4AybwLqIn0DNulQoY51fhvYg&google_hm=WkFhWU5zQ281dWdBQUQyTU8xSUFBQUFB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Mar 2023 01:49:43 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEEastTIGW0__hKITRrO98GU&google_cver=1&google_push=Aa02lx_ZlQBgW2fub2VxzLX9Hbj5HowvZ5yPXndByN-mxTY7CrI3yCGDhF_0kNCRN2nyhwj5ONUxeM4AybwLqIn0DNulQoY51fhvYg","cluster_id":0,"gdpr":false,"ipv4":"223.216.76.27","key":"ZAaYNsCo5ugAAD2MO1IAAAAA","privacy_sensitive":false,"uid":"ZAaYNsCo5ugAAD2MO1IAAAAA","upstream_id":"m-ad151"}
X-SO-Key
ZAaYNsCo5ugAAD2MO1IAAAAA
X-SO-Upstream-ID
m-ad151
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad151.dc4p.scaleout.jp
X-SO-UID
ZAaYNsCo5ugAAD2MO1IAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
223.216.76.27
X-SO-Cluster-ID
0
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx_ZlQBgW2fub2VxzLX9Hbj5HowvZ5yPXndByN-mxTY7CrI3yCGDhF_0kNCRN2nyhwj5ONUxeM4AybwLqIn0DNulQoY51fhvYg&google_hm=WkFhWU5zQ281dWdBQUQyTU8xSUFBQUFB
Cache-Control
private
X-SO-Ads-Time
3
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
pixel
cm.g.doubleclick.net/ Frame 8995
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEAMfgjjVdo2f4UjyD-w5N5k&google_cver=1&google_push=Aa02lx8vdFwl_tNfBl90Bo0tY0Mo-WDf4CI9dP3vWEYr69Iikr7x4_JPtFBh5tGQ8qHDU4M18f_wZ7y5...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEAMfgjjVdo2f4UjyD-w5N5k%26google_cver%3D1%26google_push%3DAa02lx8vdFwl_tNfBl90Bo...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4266243696831783884&exchange=193&google_gid=CAESEAMfgjjVdo2f4UjyD-w5N5k&google_cver=1&google_push=Aa02lx8vdFwl_tNfBl90Bo0tY0Mo-WDf4CI9dP3vWEYr69Iikr7x...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQyNjYyNDM2OTY4MzE3ODM4ODQ&google_push=Aa02lx8vdFwl_tNfBl90Bo0tY0Mo-WDf4CI9dP3vWEYr69Iikr7x4_JPtFBh5tGQ8qHDU4M18f_wZ7y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQyNjYyNDM2OTY4MzE3ODM4ODQ&google_push=Aa02lx8vdFwl_tNfBl90Bo0tY0Mo-WDf4CI9dP3vWEYr69Iikr7x4_JPtFBh5tGQ8qHDU4M18f_wZ7y58aR9Uv_b0y2uOZ6qXhv4hg
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQyNjYyNDM2OTY4MzE3ODM4ODQ&google_push=Aa02lx8vdFwl_tNfBl90Bo0tY0Mo-WDf4CI9dP3vWEYr69Iikr7x4_JPtFBh5tGQ8qHDU4M18f_wZ7y58aR9Uv_b0y2uOZ6qXhv4hg
Date
Tue, 07 Mar 2023 01:49:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8995
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEDs02IYH36zWfRt3rIdkc68&google_cver=1&google_push=Aa02lx8YmRN3d_YvYz_L4oWhBM0engZ491mXZN7-X9K4QzsfnnAIBj00Tf4KiPht-lFTEB-mKGgq9...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEDs02IYH36zWfRt3rIdkc68&google_push=Aa02lx8YmRN3d_YvYz_L4oWhBM0engZ491mXZN7-X9K4QzsfnnAIBj00Tf4KiPht-lFTEB-mKGgq9...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx8YmRN3d_YvYz_L4oWhBM0engZ491mXZN7-X9K4QzsfnnAIBj00Tf4KiPht-lFTEB-mKGgq9VBqJ4g_Msm59y8WInZSXJp8aug&google_hm=Uk1td083X2hhV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx8YmRN3d_YvYz_L4oWhBM0engZ491mXZN7-X9K4QzsfnnAIBj00Tf4KiPht-lFTEB-mKGgq9VBqJ4g_Msm59y8WInZSXJp8aug&google_hm=Uk1td083X2hhVzFiNkNvMDFsU00=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:44 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx8YmRN3d_YvYz_L4oWhBM0engZ491mXZN7-X9K4QzsfnnAIBj00Tf4KiPht-lFTEB-mKGgq9VBqJ4g_Msm59y8WInZSXJp8aug&google_hm=Uk1td083X2hhVzFiNkNvMDFsU00=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
243
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8995 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzmsK3kcpSt2TRR-k6Vd7936erQtkywAn1hwegGCsYJWTskCfBJou30QwPwgI2Kd8qFeEAd3o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
visit.js
tps.doubleverify.com/ Frame 9BDB 		694 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=107&ttfrms=25&brid=3&brver=110.0.5481.177&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauH%3A%3Fa_%60aCa%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauH%3A%3Fa_%60aCa%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1678153783766737&jsCallback=dvCallback_1678153783766365&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3556&tgjsver=3556&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fgdpr%3D0%26us_privacy%3D1---%26client%3Dca-pub-7278989100934226%26output%3Dhtml%26h%3D280%26slotname%3D9405609086%26adk%3D2300975146%26adf%3D3404489640%26pi%3Dt.ma~as.9405609086%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678153780%26rafmt%3D1%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwin2012r2.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678153779811%26bpp%3D1%26bdt%3D1578%26idt%3D753%26shv%3Dr20230302%26mjsv%3Dm202302280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C800x90%252C800x280%252C800x280%252C336x280%26nras%3D1%26correlator%3D1312555354233%26frm%3D20%26pv%3D1%26ga_vid%3D1991005425.1678153779%26ga_sid%3D1678153781%26ga_hid%3D660623554%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1072%26ady%3D1559%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44777876%252C44759842%252C44759875%252C44759926%252C31072787%252C44774606%252C31071662%26oid%3D2%26pvsid%3D3727815103390617%26tmod%3D1522812755%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26fsb%3D1%26xpc%3DaJlHblYrtK%26p%3Dhttps%253A%2F%2Fwin2012r2.com%26dtd%3D755&fcifrms=12&brh=2&sdf=2&dvp_epl=242&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://win2012r2.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0j9T4DcnGX2xOTIU-JxvK8M&DVP_DBM_1=3060631&DVP_DBM_2=24968041&DVP_DBM_3=15235470221&DVP_DBM_4=396328078&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=467642225278&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=559554306.710516&dvp_tukv=18072634.266044725&dvp_strhd=0.3000001907348633&dvpx_strhd=0.3000001907348633&dvp_tuid=940423478468&jurtd=3177451591
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3556.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
29f668612604b18e636987b3bf1c286fb5470c1c164cb8e0b031529f5f161abc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:44 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
03/06/2023 01:49:44
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2G2FZZXW0F&gtm=45je3310&_p=660623554&cid=1991005425.1678153779&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1678153778&sct=1&seg=0&dl=https%3A%2F%2Fwin2012r2.com%2F&dt=Windows%20%E5%AE%9F%E8%B7%B5%E3%82%AC%E3%82%A4%E3%83%89&en=scroll&epn.percent_scrolled=90&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2G2FZZXW0F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j-4398657-4241464.js
cdn.flashtalking.com/xre/439/4398657/4241464/js/ Frame 989D 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/439/4398657/4241464/js/j-4398657-4241464.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/115752;4398657;201;jsappend;DV360;DV360FY20AcrobatCTXCustomAffinityBlendedJPDSKBAN300x250/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fgdpr%3D0%26us_privacy%3D1---%26client%3Dca-pub-7278989100934226%26output%3Dhtml%26h%3D280%26slotname%3D9405609086%26adk%3D2300975146%26adf%3D3404489640%26pi%3Dt.ma~as.9405609086%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678153780%26rafmt%3D1%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwin2012r2.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678153779811%26bpp%3D1%26bdt%3D1578%26idt%3D753%26shv%3Dr20230302%26mjsv%3Dm202302280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C800x90%252C800x280%252C800x280%252C336x280%26nras%3D1%26correlator%3D1312555354233%26frm%3D20%26pv%3D1%26ga_vid%3D1991005425.1678153779%26ga_sid%3D1678153781%26ga_hid%3D660623554%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1072%26ady%3D1559%26biw%3D1600%26bih%3D1&gdpr=0&us_privacy=${US_PRIVACY}&cachebuster=446555.2491041786&ft_dv=%5B%25ft_dv%25%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bc435eb5276db5f823c6792fb9eca869986230a0239b35cd7570b06df829678f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:44 GMT
Content-Encoding
gzip
x-amz-request-id
62YNFZ8F0FVZAY2T
Connection
Keep-Alive
Content-Length
15339
x-amz-id-2
mE6ONRWHMPCAblTBWx/0yyGhliJSSevxhWgCA3jn+U9eKJheY/MikU716N97+syCnB4RSnIkH1g=
Last-Modified
Fri, 03 Mar 2023 18:36:52 GMT
ETag
"1677868612"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1678153784.dop209.os1.t,1678153784.cds217.os1.shn,1678153784.dop209.os1.t,1678153784.cds223.os1.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=955
Accept-Ranges
bytes
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-162fb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Mar 2023 01:49:44 GMT
d9core
d9.flashtalking.com/ Frame 989D 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/439/4398657/4241464/js/j-4398657-4241464.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.224.55 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-224-55.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
5971a5d81647b4a74c7a3899761b71c142586067dd0d29d5fb009b34ad752b25

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:43 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10813
dvtp_src.js
cdn.doubleverify.com/ Frame 989D 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115752&sid=18330&plc=4398657&num=&adid=&advid=&adsrv=29&btreg=4398657&btadsrv=flashtalking&crt=4241464&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=0D4EF17D-0C0D-3B7B-4BFF-74D74BB16714&auevent=&132393944
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/439/4398657/4241464/js/j-4398657-4241464.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.106.35 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-106-35.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
03d9196c5bb20ddd14f858687cc827133dfb110401d678b90fbacf02c9e26f9a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:44 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Mar 2023 14:02:25 GMT
Server
Microsoft-IIS/10.0
ETag
"802ef41c6b4fd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3337
4241464.gif
cdn.flashtalking.com/xre/439/4398657/4241464/image/ Frame 989D 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/xre/439/4398657/4241464/image/4241464.gif?142386188
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b6b24af40c417032fe9a1b411ef89871afd6d0d37099ac62be0ff7222eec75cc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:44 GMT
Last-Modified
Fri, 03 Mar 2023 16:50:07 GMT
x-amz-request-id
SPP8TTX55W2J0FNS
ETag
"1677862207"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-HW
1678153784.dop209.os1.t,1678153784.cds217.os1.shn,1678153784.dop209.os1.t,1678153784.cds236.os1.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=955
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
39429
x-amz-id-2
TAGXArM7+an7sOrJbJ7OwGNnIR2Upxr4+heQ3/7Yra0/kgJyxy7Zwln+unxDP+0Wqw6xmWFcimE=
iconc.png
secure.flashtalking.com/oba/icon/ Frame 989D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.56 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:44 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:31 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin
us
X-Varnish
394860326 286221358
Content-Type
image/png
Cache-Control
max-age=1656359
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
Expires
Sun, 26 Mar 2023 05:55:43 GMT
dv-measurements3556.js
cdn.doubleverify.com/ Frame 60A2 		554 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3556.js
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.106.35 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-106-35.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3572a010b52464fd20bcf4e411a3c6565f5d0eba9414200bb93d797d9866bb65

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:44 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Mar 2023 12:43:47 GMT
Server
Microsoft-IIS/10.0
ETag
"8083ce20604fd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108375
visit.js
tps.doubleverify.com/ Frame 60A2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=93&ttfrms=7&brid=3&brver=110.0.5481.177&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauH%3A%3Fa_%60aCa%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauH%3A%3Fa_%60aCa%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=3018&ddur=58&uid=1678153784306305&jsCallback=dvCallback_1678153784306963&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3556&tgjsver=3556&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fgdpr%3D0%26us_privacy%3D1---%26client%3Dca-pub-7278989100934226%26output%3Dhtml%26h%3D280%26slotname%3D9405609086%26adk%3D2300975146%26adf%3D3404489640%26pi%3Dt.ma~as.9405609086%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1678153780%26rafmt%3D1%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwin2012r2.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1678153779811%26bpp%3D1%26bdt%3D1578%26idt%3D753%26shv%3Dr20230302%26mjsv%3Dm202302280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C800x90%252C800x280%252C800x280%252C336x280%26nras%3D1%26correlator%3D1312555354233%26frm%3D20%26pv%3D1%26ga_vid%3D1991005425.1678153779%26ga_sid%3D1678153781%26ga_hid%3D660623554%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1072%26ady%3D1559%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44777876%252C44759842%252C44759875%252C44759926%252C31072787%252C44774606%252C31071662%26oid%3D2%26pvsid%3D3727815103390617%26tmod%3D1522812755%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26fsb%3D1%26xpc%3DaJlHblYrtK%26p%3Dhttps%253A%2F%2Fwin2012r2.com%26dtd%3D755&fcifrms=12&brh=2&sdf=2&dvp_epl=242&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115752&sid=18330&plc=4398657&crt=4241464&btreg=4398657&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=0D4EF17D-0C0D-3B7B-4BFF-74D74BB16714&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=559554306.710516&dvp_tukv=48739255585.85596&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=1654204070302&jurtd=1433398404
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3556.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
63359089875e34d3768ae1431fed33d68d90d3fe8c8fd28050d3f80c050e8e62

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:44 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
03/06/2023 01:49:44
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 989D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7278989100934226&output=html&h=280&slotname=9405609086&adk=2300975146&adf=3404489640&pi=t.ma~as.9405609086&w=336&fwrn=4&fwrnh=100&lmt=1678153780&rafmt=1&format=336x280&url=https%3A%2F%2Fwin2012r2.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678153779811&bpp=1&bdt=1578&idt=753&shv=r20230302&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x90%2C800x280%2C800x280%2C336x280&nras=1&correlator=1312555354233&frm=20&pv=1&ga_vid=1991005425.1678153779&ga_sid=1678153781&ga_hid=660623554&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=1559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759875%2C44759926%2C31072787%2C44774606%2C31071662&oid=2&pvsid=3727815103390617&tmod=1522812755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=aJlHblYrtK&p=https%3A//win2012r2.com&dtd=755
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.56 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:44 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin
us
X-Varnish
107776417 107557394
Content-Type
image/png
Cache-Control
max-age=706
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Tue, 07 Mar 2023 02:01:30 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Mar 2023 01:49:44 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2DA8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
lgc
d9.flashtalking.com/ Frame 989D 		103 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.224.55 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-224-55.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
2de97ac8028d131c329657a3b31fb2287e3b4cf0958b8bb813e6bfef3baa83af

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 07 Mar 2023 01:49:44 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
103
/
servedby.flashtalking.com/state/4398657;4241464;0;401;0D4EF17D-0C0D-3B7B-4BFF-74D74BB16714/ Frame 989D 		42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/4398657;4241464;0;401;0D4EF17D-0C0D-3B7B-4BFF-74D74BB16714/?ft_data=d9:d0b018f1458b4412bb636a0e6af4a621;d9s:d0b018f1458b4412bb636a0e6af4a621&cachebuster=703668906
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.7.250 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-7-250.deploy.static.akamaitechnologies.com
Software
prod-xre-app9.tky11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:44 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app9.tky11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Tue, 07 Mar 2023 01:49:44 GMT
lib_watermark.js
ads.themoneytizer.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/lib_watermark.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
b8b0db583acb8255792448212abc01984bed38a2799697ef8b9b09d410b283d0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Tue, 07 Mar 2023 01:49:45 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
74714
x-77-nzt
AVm7oB1bl/n/2iMBAA
pragma
public
x-accel-expires
@1678165471
last-modified
Fri, 24 Feb 2023 15:43:26 GMT
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587939980664b461e008
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 07 Mar 2023 05:04:31 GMT
300x250.png
ads.themoneytizer.com/passback/moneytizer/ Frame E457 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.themoneytizer.com/passback/moneytizer/300x250.png
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f2deef450997edbab9c5766cd19c5a92fab6ad60764cff1e8661f12c87b4e186

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Tue, 07 Mar 2023 01:49:45 GMT
x-cache
HIT
x-77-cache
HIT
x-age
74714
content-length
18013
x-77-nzt
AVm7oB34ajH/2iMBAA
pragma
public
x-accel-expires
@1678165471
last-modified
Tue, 10 Jan 2023 10:35:12 GMT
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587939980664575d390a
content-type
image/png
cache-control
max-age=86400, public, no-transform
accept-ranges
bytes
expires
Tue, 07 Mar 2023 05:04:31 GMT
ot.js
fo-api.omnitagjs.com/fo-api/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-api.omnitagjs.com/fo-api/ot.js?Placement=66f77b0b79783e0b1bdb9581c1ddcb5d
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b5451e775ea83d981789fed51393af23d2a7182da33ecf20619c8e5b2b7ff54f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:45 GMT
via
kong/2.8.3
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
6
content-length
1352
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding
expires
0
aip
itx4.smartadserver.com/h/ 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itx4.smartadserver.com/h/aip?uii=4256948142526292112&tmstp=7464904939&ckid=6496980970204499328&systgt=%24qc%3d1308020772%3b%24ql%3dHigh%3b%24qpc%3d461-0013%3b%24qt%3d36_5_126711t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d5506%3b%24wpc%3d1273%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d11709%3b%24wpc%3d6396%3b%24wpc%3d12176%3b%24wpc%3d12177%3b%24wpc%3d11749%3b%24wpc%3d6425%3b%24wpc%3d12188%3b%24wpc%3d11710%3b%24wpc%3d11748%3b%24wpc%3d11737%3b%24wpc%3d6235%3b%24wpc%3d13067%3b%24wpc%3d13074%3b%24wpc%3d13085%3b%24wpc%3d13086%3b%24wpc%3d13089%3b%24wpc%3d13093%3b%24wpc%3d13096%3b%24wpc%3d13100%3b%24wpc%3d13102%3b%24wpc%3d13104%3b%24wpc%3d13105%3b%24wpc%3d13110%3b%24wpc%3d13111%3b%24wpc%3d13112%3b%24wpc%3d13113%3b%24wpc%3d13116%3b%24wpc%3d13117%3b%24wpc%3d13118%3b%24wpc%3d13119%3b%24wpc%3d13120%3b%24wpc%3d13123%3b%24wpc%3d13124%3b%24wpc%3d13125%3b%24wpc%3d13129%3b%24wpc%3d13145%3b%24wpc%3d13157%3b%24wpc%3d13160%3b%24wpc%3d13161%3b%24wpc%3d13167%3b%24wpc%3d13193%3b%24wpc%3d13195&acd=1678153784959&envtype=0&hol_cpm=0&opid=4ff14844-072f-43e8-a986-c375de344f3b&opdt=1678153784959&siteid=558924&hb_bid=moneytizer&hb_cpm=0&hb_ccy=USD&hb_dealid=0&tgt=hb_adid%3d1255a48e8e831838%3bhb_pb%3d0%3bhb_bidder%3dmoneytizer%3bhb_format%3d35757%3b%3b%24dt%3d1t%3b%24hc&gdpr=0&visit=S&statid=19&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fwin2012r2.com%2f&cappid=6496980970204499328&capp=0&mcrdbt=1&insid=11298778&imgid=0&pgid=1698062&fmtid=35757&isLazy=0
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Mar 2023 01:49:45 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tm.png
ads.themoneytizer.com/media/ Frame E457 		228 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.themoneytizer.com/media/tm.png
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
fb98a2a03c925aa211a860ca87a7f33a100fe74f37915c16b16ce7c0a1247223

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Tue, 07 Mar 2023 01:49:45 GMT
x-cache
HIT
x-77-cache
HIT
x-age
74714
content-length
228
x-77-nzt
AVm7oB2tcxT/2iMBAA
pragma
public
x-accel-expires
@1678165471
last-modified
Mon, 07 Nov 2022 09:00:04 GMT
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac5879399806640c026a0f
content-type
image/png
cache-control
max-age=86400, public, no-transform
accept-ranges
bytes
expires
Tue, 07 Mar 2023 05:04:31 GMT
lib_footer_slidein.js
ads.themoneytizer.com/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/lib_footer_slidein.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102378&formatId=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
9ab2020dab16b882c3a205ceb9baf3c838923a07dc87a04fe6d8151e02ea64df

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Tue, 07 Mar 2023 01:49:45 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
74714
x-77-nzt
AVm7oB0h1FD/2iMBAA
pragma
public
x-accel-expires
@1678165471
last-modified
Fri, 17 Feb 2023 20:24:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac587939980664f8629a1b
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 07 Mar 2023 05:04:31 GMT
renderer-sticky-video.js
chat.missena.io/ 		128 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.missena.io/renderer-sticky-video.js
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-85.nrt57.r.cloudfront.net
Software
/
Resource Hash
77d0e22933dcf5e75373c7417aa5206ee30eb99048881409ab1cbb0f494387d2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:27 GMT
content-encoding
gzip
via
1.1 aaaa38f6638fefc2221f20ff18eceef2.cloudfront.net (CloudFront)
last-modified
Mon, 06 Mar 2023 18:31:02 GMT
x-amz-cf-pop
NRT57-P2
age
21
etag
W/"64063166-1ffe4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-id
XfquTQPEQLqL0J-Enf14rZbjOSjYT_MQ4JzJZ71PZTX84HAQgppPQw==
expires
Tue, 07 Mar 2023 01:51:24 GMT
ot_multi_template.js
fo-static.omnitagjs.com/fo-static/ 		501 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-static.omnitagjs.com/fo-static/ot_multi_template.js
Requested by
Host: fo-api.omnitagjs.com
URL: https://fo-api.omnitagjs.com/fo-api/ot.js?Placement=66f77b0b79783e0b1bdb9581c1ddcb5d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.33.211 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-33-211.deploy.static.akamaitechnologies.com
Software
ayl-lb-fra02 /
Resource Hash
d1a405fbaabdea61f0df360454fa9789c73bf7a37ff67c91088ded727899aaaf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win2012r2.com/
Origin
https://win2012r2.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
pragma
public
last-modified
Wed, 22 Feb 2023 09:51:53 GMT
server
ayl-lb-fra02
etag
"63f5e5b9-7d2e9"
access-control-max-age
86400
access-control-allow-methods
OPTIONS, GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
false
cache-control
public, max-age=1608
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type
expires
Tue, 07 Mar 2023 02:16:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 989D 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=12158608339&version=m202301230201&ct=77&x=1&cor=4514126447019834400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		2 KB
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f10.1e100.net
Software
ESF /
Resource Hash
79acf10f7d6c86166be06bed49f20fa283015eb981af4b0e45871d7069f48de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 01:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 01:49:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 01:49:45 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: chat.missena.io
URL: https://chat.missena.io/renderer-sticky-video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
sffe /
Resource Hash
aa512f97178d2c7d30ce3d246a251c9a55392ca61a8a953af4186a75cb31a51e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122296
x-xss-protection
0
expires
Tue, 07 Mar 2023 01:49:46 GMT
clapper1.png
s3-eu-west-1.amazonaws.com/img.missena.io/video/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/img.missena.io/video/clapper1.png
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.17.208 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
77d0112eb77b4d93a2999e9bef6f74751472194caee7b45ce4f6a14d95dfd929

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:47 GMT
x-amz-version-id
mjN9tY2ZkYjU3YVhpf_yukI62tc0117f
Last-Modified
Fri, 26 Feb 2021 14:02:47 GMT
Server
AmazonS3
x-amz-request-id
Q49RF8AZ2EANFPJH
ETag
"ae7dddc8bcaab21e183a6e74e63be4ce"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
9067
x-amz-id-2
CwSuaLXSJcaUASU19cwWk7Loib6QQvcmqqQvdI+e6EUI4N2cb0DGtB5TvNyvaxOfB3YzrJYJQFg=
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e07cab4d08ee6e89f8332ac2c7cbc3155ffb2b68d0fe8d4563cb1208c4ae4c01

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
events
events.missena.io/v1/ 		0
377 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.missena.io/v1/events?ik=1678153781.cg39gdesqcic73bkf0fg&t=PA-25261242
Requested by
Host: chat.missena.io
URL: https://chat.missena.io/renderer-sticky-video.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/msgpack

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:46 GMT
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Vary
Origin
Access-Control-Allow-Origin
https://win2012r2.com
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT
events
events.missena.io/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.missena.io/v1/events?ik=1678153781.cg39gdesqcic73bkf0fg&t=PA-25261242
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,HEAD,PUT,DELETE,PATCH
Access-Control-Allow-Origin
https://win2012r2.com
Connection
keep-alive
Date
Tue, 07 Mar 2023 01:49:45 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
pixel
tracking-us-west-2.omnitagjs.com/tracking/ 		49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-us-west-2.omnitagjs.com/tracking/pixel?event_kind=PLACEMENT_MATCH_BROWSER&attempt=358244ced8d36b2066f77b0b79783e0b
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
pixel
tracking-us-west-2.omnitagjs.com/tracking/ 		49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-us-west-2.omnitagjs.com/tracking/pixel?event_kind=AVAIL&attempt=358244ced8d36b2066f77b0b79783e0b
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f3.1e100.net
Software
sffe /
Resource Hash
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://win2012r2.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 05:38:14 GMT
x-content-type-options
nosniff
age
418291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12820
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 05:38:14 GMT
sspmatch-iframe
ads.betweendigital.com/ Frame 2AAE 		604 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
fd728b900dde23bf38b8d2d54ee07916b93fa677f448be11d65c9aaa043286d3

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
604
content-type
text/html
sync
eb2.3lift.com/ Frame F92E
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
05559c248e6d90687ec1638e62d9a1d7d0dbd3e2def71592399cc604f3c3f509

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 01:49:46 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 07 Mar 2023 01:49:46 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
csync.smilewanted.com/ Frame 8DD9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481ccb802aabe8d69eb7da4a7a9763f89b2e55f33f63a033aa90b772ea4bfae0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f0a5d29838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:46 GMT
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2476 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:45 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0BA4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1678153781552&gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
bac07df2fdaa2cd30ebd88974bca8d5bcc267d957d71afce1db7eb26b6e0f0e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1078
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usersync
usersync.gumgum.com/ Frame 9D59
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Tue, 07 Mar 2023 01:49:45 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
iframe
sync.missena.io/ Frame C080 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
1e13ea1327e676b3f97384666a2834444a826a5507a9e54ce6992b5b57ba9cbd

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Pragma
no-cache
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
usersync
usersync.gumgum.com/ Frame 7DDF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=bzW3mEwcN2Ru0aydNQEB&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=bzW3mEwcN2Ru0aydNQEB&pi=gumgum&tc=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Mar 2023 01:49:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 07 Mar 2023 01:49:47 GMT Tue, 07 Mar 2023 01:49:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=bzW3mEwcN2Ru0aydNQEB&pi=gumgum&tc=1
pragma
no-cache
usersync
usersync.gumgum.com/ Frame 86C0
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZAaYNsCo5ugAAD2MO1IAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZAaYNsCo5ugAAD2MO1IAAAAA
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Mar 2023 01:49:45 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZAaYNsCo5ugAAD2MO1IAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad151.dc4p.scaleout.jp
X-SO-IP
223.216.76.27
X-SO-Key
ZAaYNsCo5ugAAD2MO1IAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"223.216.76.27","key":"ZAaYNsCo5ugAAD2MO1IAAAAA","privacy_sensitive":false,"uid":"ZAaYNsCo5ugAAD2MO1IAAAAA","upstream_id":"m-ad151"}
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-UID
ZAaYNsCo5ugAAD2MO1IAAAAA
X-SO-Upstream-ID
m-ad151
usersync
usersync.gumgum.com/ Frame F263
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZAaYNgAKc_wqmQBh&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZAaYNgAKc_wqmQBh&gdpr=0&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 07 Mar 2023 01:49:45 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZAaYNgAKc_wqmQBh&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-itm18848-ITM
x-timer
S1678153786.980163,VS0,VE0
usersync
usersync.gumgum.com/ Frame A868
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
Tue, 07 Mar 2023 01:49:45 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 569 46451a0 master nrt-pixel-x17 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 83FB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
c835c89d3368385afcb3f8bc97e31bd0878b329446a8e6c29503023c818c488c

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.2
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 2758 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hNjg3YjFjMi05OTQyLTQwMTktOWI0My04ZDBkNGNlYTg3NWQ=&gdpr=0&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 48D0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
67044
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 07 Mar 2023 01:49:46 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 01 Mar 2023 07:12:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
21, 794555
X-Served-By
cache-lga13626-LGA, cache-itm18846-ITM
X-Timer
S1678153786.301817,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 01C8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144881
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Mar 2023 01:49:45 GMT
expires
Wed, 08 Mar 2023 18:04:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=5358275005561920827
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=5358275005561920827
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=adf&gdpr=0&gdpr_consent=undefined&uid=5358275005561920827
date
Tue, 07 Mar 2023 01:49:47 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6358988783605550458
0
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6358988783605550458
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Date
Tue, 07 Mar 2023 01:49:46 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f5fe5a08-390f-4dbb-9b06-8dd939374809
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6358988783605550458
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D1299ab47-06b6-4413-9268-36e9fe4c618...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=e1b36406-9833-4700-987f-7a2b103fd427&expires=30&ssp=vidoomy&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1299ab47-06b6-4413-9268-36e9fe4c618d
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1299ab47-06b6-4413-9268-36e9fe4c618d
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1299ab47-06b6-4413-9268-36e9fe4c618d
Date
Tue, 07 Mar 2023 01:49:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50
43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:48 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

date
Tue, 07 Mar 2023 01:49:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A&gdpr=0
0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A&gdpr=0
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A&gdpr=0
date
Tue, 07 Mar 2023 01:49:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
b1sync.zemanta.com/usersync/bluekai/callback/
Redirect Chain
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=RMmwO7_haW1b6Co01lSM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DH5SXQY3IMFXGOZJ5OBZGKYTJMQ&gdpr=0
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
26 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

P3p
CP="We do not support P3P header."
Date
Tue, 07 Mar 2023 01:49:46 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

location
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=H5SXQY3IMFXGOZJ5OBZGKYTJMQ
date
Tue, 07 Mar 2023 01:49:46 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dd27bb356-86ab-47b5-b718-4ea1dccfe68c&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F213%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd27bb356-86ab-47b5-b718...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F213%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd27bb356-86ab-47b5-b718-4ea1dccfe68c%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kMjdiYjM1Ni04NmFiLTQ3YjUtYjcxOC00ZWExZGNjZmU2OGM%253D%26uid%3D%24UID
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 07 Mar 2023 01:49:46 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F213%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dd27bb356-86ab-47b5-b718-4ea1dccfe68c%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1kMjdiYjM1Ni04NmFiLTQ3YjUtYjcxOC00ZWExZGNjZmU2OGM%253D%26uid%3D%24UID
date
Tue, 07 Mar 2023 01:49:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=d27bb356-86ab-47b5-b718-4ea1dccfe68c&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=&us_privacy=1---
0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Tue, 07 Mar 2023 01:49:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=d27bb356-86ab-47b5-b718-4ea1dccfe68c
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A&gdpr=0
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A&gdpr=0
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A&gdpr=0
date
Tue, 07 Mar 2023 01:49:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LEXLFK09-7-IR3B&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LEXLFK09-7-IR3B&gdpr=0&us_privacy=1---
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LEXLFK09-7-IR3B&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
usync.js
eus.rubiconproject.com/ Frame 2476 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21975
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 01C8 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41961482&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 07 Mar 2023 01:49:46 GMT
content-length
47
content-type
text/html; charset=UTF-8
match
ads.betweendigital.com/ Frame 2AAE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=1299ab47-06b6-4413-9268-36e9fe4c618d
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=1299ab47-06b6-4413-9268-36e9fe4c618d
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a5658da7-0350-48b5-88d3-7e514c81a88f&user_group=1&ssp=between&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d
Date
Tue, 07 Mar 2023 01:49:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame 2AAE
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=UldjzdLUJN.AikABlGGucKpyw
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=UldjzdLUJN.AikABlGGucKpyw
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
server
nginx
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=UldjzdLUJN.AikABlGGucKpyw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 2AAE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1rcmcwRXFWRTJ1RXFVc1hCR1FYSGFOejhEeGJEZTNvekZhNEVaWkktfkE%3D&gdpr=0
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1rcmcwRXFWRTJ1RXFVc1hCR1FYSGFOejhEeGJEZTNvekZhNEVaWkktfkE%3D&gdpr=0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1rcmcwRXFWRTJ1RXFVc1hCR1FYSGFOejhEeGJEZTNvekZhNEVaWkktfkE%3D&gdpr=0
date
Tue, 07 Mar 2023 01:49:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
btw
sync.dmp.otm-r.com/match/ Frame 2AAE 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=d43443fb-392d-5442-9fa1-7e87fba7e6b2
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.100.59.69.159.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Mar 2023 01:49:47 GMT
server
nginx/1.17.10
bidder_18.html
cache.betweendigital.com/code/ Frame CDAC 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d43443fb-392d-5442-9fa1-7e87fba7e6b2&CACHEBUSTER=122028
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.33.236.19 Teykovo, Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
customer19.transtelecom.net
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 07 Mar 2023 01:49:48 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
63
x-cdn-request-id
573c5e0c9218f4b35634b6575b365cc1
usersync
usersync.gumgum.com/ Frame 916A 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
0
Pragma
no-cache
/
onetag-sys.com/match/ Frame 0BA4
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1678153781552&gdpr=0
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0BA4 		42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=As3vSR1NfOhGspBYZN8AlYTbG4XVnPC_66cAc7HupG0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1678153781552&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 0BA4
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1678153781552&gdpr=0
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
date
Tue, 07 Mar 2023 01:49:46 GMT
content-length
0
/
onetag-sys.com/match/ Frame 0BA4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1678153781552&gdpr=0
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 0BA4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1678153781552&gdpr=0
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
date
Tue, 07 Mar 2023 01:49:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 0BA4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-gLp_2phE2pkR4qBMxzwpQjCtP1FRyjKuDPi4Pw--~A&expires=5&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1678153781552&gdpr=0
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 07 Mar 2023 01:49:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
missena
sync.missena.io/ Frame C080 		43 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.missena.io/missena?gdpr=0&gdpr_consent=undefined
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:46 GMT
Content-Encoding
br
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 8DD9 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
33435
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7a3f2f0c4efb838a-KIX
expires
Thu, 31 Dec 2037 23:55:55 GMT
d9e95577-1d4d-4c6a-9037-811ae54d6c81
sync.missena.io/improvedigital/ Frame C080
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=undefined&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D
  • https://sync.missena.io/improvedigital/d9e95577-1d4d-4c6a-9037-811ae54d6c81
43 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.missena.io/improvedigital/d9e95577-1d4d-4c6a-9037-811ae54d6c81
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.missena.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:46 GMT
Content-Encoding
br
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://sync.missena.io/improvedigital/d9e95577-1d4d-4c6a-9037-811ae54d6c81
access-control-allow-origin
*
date
Tue, 07 Mar 2023 01:49:46 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync.html
eus.rubiconproject.com/ Frame CBB5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
  • https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:46 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Mar 2023 01:49:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 18A0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144880
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Mar 2023 01:49:46 GMT
expires
Wed, 08 Mar 2023 18:04:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
6496980970204499328
sync.missena.io/smart/ Frame C080
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=undefined&nwid=3927&url=https%3A%2F%2Fsync.missena.io%2Fsmart%2F%5Bsas_uid%5D
  • https://sync.missena.io/smart/6496980970204499328
43 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.missena.io/smart/6496980970204499328
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.missena.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:47 GMT
Content-Encoding
br
Last-Modified
Tue, 07 Mar 2023 01:49:47 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://sync.missena.io/smart/6496980970204499328
date
Tue, 07 Mar 2023 01:49:46 GMT
content-length
0
f79db6022e320fafa203ab9e5911702f
sync.missena.io/smilewanted/ Frame C080
Redirect Chain
  • https://csync.smilewanted.com/getuid?gdpr=0&gdpr_consent=undefined&pubid=3924&redirect=https%3A%2F%2Fsync.missena.io%2Fsmilewanted%2F%24UID&source=openrtb-via-prebid-server
  • https://sync.missena.io/smilewanted/f79db6022e320fafa203ab9e5911702f
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.missena.io/smilewanted/f79db6022e320fafa203ab9e5911702f
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.missena.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:46 GMT
Content-Encoding
br
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Tue, 07 Mar 2023 01:49:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://sync.missena.io/smilewanted/f79db6022e320fafa203ab9e5911702f
access-control-allow-credentials
true
cf-ray
7a3f2f0cbf5b838a-KIX
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
async_usersync
ib.adnxs.com/ Frame 48D0 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:46 GMT
AN-X-Request-Uuid
d86e9d83-a5ac-4194-8b6e-61323017b119
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
marketplace
fo-ssp-us-west-2.omnitagjs.com/fo-ssp/ 		12 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fo-ssp-us-west-2.omnitagjs.com/fo-ssp/marketplace?Attempt=358244ced8d36b2066f77b0b79783e0b&Campaign=e2a82912438eaa7d2f234f778f82c274&CanonicalUrl=https%3A%2F%2Fwin2012r2.com%2F&Origin=https%3A%2F%2Fwin2012r2.com&PageUrl=https%3A%2F%2Fwin2012r2.com%2F&Source=SSP&Url=https%3A%2F%2Fwin2012r2.com%2F&player=ima&_=1678153786342
Requested by
Host: fo-static.omnitagjs.com
URL: https://fo-static.omnitagjs.com/fo-static/ot_multi_template.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
218b70bea6b6d6425c1efdbe94dfe848031bb5fd7878dfb84bf82f7cc09f904a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
12
content-length
12
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://win2012r2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame B231 		0
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f0d0f95838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:46 GMT
server
cloudflare
vary
Accept-Encoding
GRKNCBZHu6GmWJstQzOlNICU
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame 61C7
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/GRKNCBZHu6GmWJstQzOlNICU
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/sovrn/GRKNCBZHu6GmWJstQzOlNICU
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f0e1867838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:46 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Tue, 07 Mar 2023 01:49:46 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/sovrn/GRKNCBZHu6GmWJstQzOlNICU
X-Sovrn-Pod
ad_ap2sfo1
6358988783605550458
sync.missena.io/xandr/ Frame 59B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.missena.io%2Fxandr%2F%24UID
  • https://sync.missena.io/xandr/6358988783605550458
43 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/xandr/6358988783605550458
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
br
Content-Type
text/plain; charset=utf-8
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Pragma
no-cache
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin

Redirect headers

AN-X-Request-Uuid
ad727a7c-41f0-4e08-8c13-58f8a4aa3ce8
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.missena.io/xandr/6358988783605550458
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection
0
FD8C9FF8-8C80-4874-B028-DB9B00308CE4
sync.missena.io/pubmatic/ Frame 0BD0 		43 B
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/pubmatic/FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
br
Content-Type
text/plain; charset=utf-8
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Pragma
no-cache
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
sync.missena.io/yahoo/ Frame C080
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58673/occ?gdpr=0&gdpr_consent=undefined
  • https://sync.missena.io/yahoo/y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A?gdpr=0
43 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.missena.io/yahoo/y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A?gdpr=0
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.missena.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:46 GMT
Content-Encoding
br
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://sync.missena.io/yahoo/y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A?gdpr=0
date
Tue, 07 Mar 2023 01:49:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
isync
visitor.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://sync.missena.io/adyoulike?gdpr=0&gdpr_consent=undefined
  • https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7a3ad20597f3eba4467588004312fcf48919a007b4dd46f8f02416529177d17e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1546
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:46 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
x-kong-upstream-latency
10

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Location
https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Pragma
no-cache
Vary
Origin
usync.js
eus.rubiconproject.com/ Frame CBB5 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21975
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
4522641d3eddd1ac5c18188ef798b9d0
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 3F0D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/4522641d3eddd1ac5c18188ef798b9d0?gdpr_consent=&gdpr=0
0
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/4522641d3eddd1ac5c18188ef798b9d0?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f0f79db838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
Tue, 07 Mar 2023 01:49:46 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/4522641d3eddd1ac5c18188ef798b9d0?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1678153786669071-226
bridge3.560.0_en.html
imasdk.googleapis.com/js/core/ Frame 983E 		692 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f10.1e100.net
Software
sffe /
Resource Hash
90bcf964eccf69e68420c35e7120f9f38896ce99896314a84e9be0fedeae2106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
252933
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226079
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 03:34:13 GMT
expires
Sun, 03 Mar 2024 03:34:13 GMT
last-modified
Sat, 04 Mar 2023 03:23:17 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Mar 2023 01:49:46 GMT
integrator.js
adservice.google.co.jp/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=win2012r2.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=win2012r2.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
xuid
eb2.3lift.com/ Frame F92E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame F92E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTA4NTAwMzY3ODIxNzYzNTk2MjEzMA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F92E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO-4DW_tU-IO6zJBI9WGyHE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO-4DW_tU-IO6zJBI9WGyHE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO-4DW_tU-IO6zJBI9WGyHE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F92E
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTA4NTAwMzY3ODIxNzYzNTk2MjEzMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTA4NTAwMzY3ODIxNzYzNTk2MjEzMA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.222.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTA4NTAwMzY3ODIxNzYzNTk2MjEzMA%3D%3D
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame F92E 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1085003678217635962130&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A011EC8A7BCF4F809E5158EBF764D532 Ref B: OSA30EDGE0407 Ref C: 2023-03-07T01:49:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2RaBTgbj/JwtuLmMs9Q==
xuid
eb2.3lift.com/ Frame F92E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1085003678217635962130&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5358275005561920827&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1299ab47-06b6-4413-9268-36e9fe4c618d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=1299ab47-06b6-4413-9268-36e9fe4c618d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=1299ab47-06b6-4413-9268-36e9fe4c618d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 07 Mar 2023 01:49:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame F92E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1085003678217635962130?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-CL6APvhE2oSySN2uaCM6dBrulCv6OKl3PvLaeOEWlA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CL6APvhE2oSySN2uaCM6dBrulCv6OKl3PvLaeOEWlA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 07 Mar 2023 01:49:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-CL6APvhE2oSySN2uaCM6dBrulCv6OKl3PvLaeOEWlA--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame F92E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1085003678217635962130
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame F92E 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1085003678217635962130&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
last-modified
Fri, 17 Feb 2023 00:56:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CC2232A3816F484080FCDABEEC4CE21E Ref B: OSA30EDGE0416 Ref C: 2023-03-07T01:49:46Z
etag
"625d0a86a42d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame F92E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6358988783605550458&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6358988783605550458&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 07 Mar 2023 01:49:46 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
11e1ce85-88c5-467e-9adc-a941d3f7c000
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6358988783605550458&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
%7BSTX_USER_ID%7D
csync.smilewanted.com/set_partner_userid_get/sharethrough/ Frame 291B
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f0e2873838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:46 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Tue, 07 Mar 2023 01:49:46 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0
LEXLFK09-7-IR3B
sync.missena.io/magnite/ Frame CBB5
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=missena&gdpr=0&gdpr_consent=undefined&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B
  • https://sync.missena.io/magnite/LEXLFK09-7-IR3B?gdpr=0&gdpr_consent=undefined
43 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.missena.io/magnite/LEXLFK09-7-IR3B?gdpr=0&gdpr_consent=undefined
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:46 GMT
Content-Encoding
br
Last-Modified
Tue, 07 Mar 2023 01:49:46 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.missena.io/magnite/LEXLFK09-7-IR3B?gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
4c764463a5d4c91dddc9d5a9d11929175ec9ffdc33ee0ad6c1ad831e5e7d7f58
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame A639
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/4c764463a5d4c91dddc9d5a9d11929175ec9ffdc33ee0ad6c1ad831e5e7d7f58
0
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/4c764463a5d4c91dddc9d5a9d11929175ec9ffdc33ee0ad6c1ad831e5e7d7f58
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f11ac08838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Tue, 07 Mar 2023 01:49:47 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/4c764463a5d4c91dddc9d5a9d11929175ec9ffdc33ee0ad6c1ad831e5e7d7f58
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
bzW3mEwcN2Ru0aydNQEB
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 15BF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/bzW3mEwcN2Ru0aydNQEB?pi=smilewanted&tc=1
0
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/bzW3mEwcN2Ru0aydNQEB?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f146eea838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 07 Mar 2023 01:49:47 GMT Tue, 07 Mar 2023 01:49:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/bzW3mEwcN2Ru0aydNQEB?pi=smilewanted&tc=1
pragma
no-cache
csi
csi.gstatic.com/ Frame 983E 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lexlfovh&c=1312555354233&slotId=656277677116.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.126.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
oa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
preload.js
tag.imonomy.com/script/14567609857/ 		271 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.imonomy.com/script/14567609857/preload.js
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d577b4b71e11103521a967b505d690ce5b5d0435a61b24cf25ff009ded3b763

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:47 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
19192
cf-polished
origSize=318797
etag
W/"63be90d3b6352a1d2f67daffc6aa6d0a9183eb48"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7a3f2f1119f619e0-KIX
pixel
tracking-us-west-2.omnitagjs.com/tracking/ 		49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-us-west-2.omnitagjs.com/tracking/pixel?event_kind=INVENTORY_PASSBACK&attempt=358244ced8d36b2066f77b0b79783e0b
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
pixel
tracking-us-west-2.omnitagjs.com/tracking/ 		49 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-us-west-2.omnitagjs.com/tracking/pixel?event_kind=INVENTORY_PASSBACK_PUBLISHER&attempt=358244ced8d36b2066f77b0b79783e0b
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
23
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
vast
bid.g.doubleclick.net/dbm/ Frame 983E 		32 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BXbMcQ0-ndr1NqWvUCkwVdD9jW-vgxBM5tAhsaMZwxnDPUSBjmGOmOzqdRIeDN3xfkUsQ9kZPeaR0uDBdlnp2E2JZwSw&cry=1&dbm_d=AKAmf-CESQHnDxEgo3XmODOQoHjsu8EABkE4XSDrKG2W7w33p0ivqiIltnfiNPZrdXJE8HN0S3GIbzwpMEgv3Lq6fHKS0OqGSUSEe9CoQqpPuKEatSSr4rnOqPX4oSz4tGBtlBvTTvjFQbjAsY07bb2K3VKswbS0sC8NVlUpmVKePbHKcC6AamQO1Dq7u5KsfU3tWNcZA5rFYHsXn6seBw8ZFkWxnTqtoXw12jaSKSVT5Keb_TDnMqRGNrkKd0kXlx6ockKdQCv3OD2bxfTdPwN9_ID5hD741jPF4NdEe_2JcSph8vy2hqnqB0YwM_Mb23r3YTL8uAMolTs6yLJ6GiJojGN4Vzvkv7vCRs8q73w_rjemq1CPJmm6QadXV_qLaaHctkbTKuDgZkBO7AHmgTBiGtvmT7aGwlQ-fzD7Cmj5zLaH-kYlwbY84uCAFMduZ9znc3TGdr0G_MpfCBaixIY1iUrz9MZzKwRs8DcKEcfPTn5GVKl9RbuEQBRWzkZ3-pbxADNhIb_TPSmjfiUOq37HrIU9PbKDAiYdWwI41MVBZ8PyKVN-eS37K3ffKqlotuJqwMWPiDhz7NJPFy-onuF0P9tnHdLk7HlYywT2wi0_OSAo4PAoqlNccIM7UiAD88fPCnjfLvyfA7eFBcwOReNfte5EsQ9eywOHsoBH4N3rqMbQTIp3EWo9B4VHgZ62_YXT7WL2hRp-uOMvKKGgl4BmjGKuQ5wDHwBG8mys_4aewp69UA7zmqxyoNxArnI0Tk9WrKuDAZJRB8Ak0AVfifwjOw6NaDk5k4oSNt4FdsDbFSdbGGtYvCNWcSvPdZ9AH-ZaYBbWQ_0Hm5af8nKWbcC5L51upwDDL-Vf4cv4BXJY8LShFIkq3AA_sMkPxqWhKnmImA9rLfik8cannxDsh2UGpsNZTkHIY8bQkzVrsapFXDeiQtG1ohom_JkBOGAH3NsChWoeB2rbz2aOdzpmfIDL3T5eRNgJ-TbB4w5wiIO2VJsponieHfZKeqRHMn1Wnm0YoOWliqy0h1B01lLX2sKn6Ycdh94R9C9pV1NrlHHFkgbnjuJU-0vaStPdCGSBk5_jB_aUcxyNRBB8OwJwL7bvwG_OT1o0G82qTUKphdsh0OlTPxwg1EUXsZ67_19IsC4Xp7d7f9aylEovDGv3aSSrtKWI75m003PfPM1Uwex3vfLNCBrfcFUbaRcxiW_7tRpfyuNjIBtguRtvJN_REki9aePq_voDfr-k_m6TGTs8Sw6k9NzaXzoC6OBGdtdXEVnLQxawzVNB6kExoSusMLDkGN7tub1mabm7gaoCQEmO4FgXCgCBsWzZO6JWth4KDyaCe7MT9hVoNAjmdPJrd65Y5OcPjkRkvP3Bd5cSEzR_AvfXRVn10iV2USf0wmUEk973KHo4TxkYr4IUyvoBIcNJslQp-057l24LvQdqkPmS2aPnFR8mp5s38gH3V25UhyqIGQ5XWt3WNE-AcsubibVVKwoD3p_kBSLnq3cyRle6ozaELJS33aFBsIXbYrJ99Iy0M__AZCBn-BkBtfWw5rmldIzi8UfVhiMRdfmPdkS_0TjBzQx_Zk-_8NRZE-3D0vM93_LLvwMwgIvSzGK3RcJby_uu2TN8fj0dEA7UHu_V8bpy3xTIfh4UBFezLVkD8NX1wglJNnhKzqpfOOAqWJ3_1r6WEO2nFPiQJdONbnfDTT5FBl-4YTH0La_mPoyrRNKJJ1JSWN912NpOT9nb6di5TZLMBZpyt867kvAUSPaZxxnG62qNIIzvkQjEUnGrSm8W9Ba42KUw5QsP3JSk5-YwOJKNNh1PTTOnKsujxbPG3oZo2Mf6pUb98v3xAtorGp4bHcQqOhJDS-fkKm1DbHI1sOslj4VW2iw60l1qlOQj1Pbf_sEEqE9LtfNiSmmu3vDqpNZVLNN6geL4pVByNRCW1qdTmc9fN0FBFmDu_O0QPvgdsO5mOqpnTBOvzj_EfMgHpYbwZO2Jrq-ePhOiRueeH-12dtYEId1y2xkWqpol7R209RvXlAqZT8oJU3A9VuD0nkGzeDOFRApWejXSM2BrOL1dWX_agemMqjHi4iAl0P9DIWPXMViMeoI9DhMU51PsamMXhQW5L3ks6A6uh4EHYKGDMG57Ufd9S_Ntc5t15mUeAj0vCv6bQr6KOm09o-h8xBFLMgmVITa-KA-D4h4DrvSIPR1wNgsHMyLkI0gVnVVXd_l2fyDx12wgW3gnW1GvM3Ru6wQI3ooqeXWihjS_7gbYAWE-ZODKgWYa2SELad5iEfeE6GkheQoa1PAJy9Kr1reHIzj4SemH_0lUOHAL2109nN4azQ6NxrybNOZd-O33IaiZUtqyaO5CKIqwKHFeSmBMa0GSkcm-FvvN_e9D9SCx9hICV2M_T42AA9Xp4sI48gZqotwI-7SGoA_oB_A2D4ofCWv1poXUT4dNjfzVHQL4fOFLDCHKIMb6BPMtnE9QdwskXWrqEuYDd-YV14XjTTiCjtY28IMSnSPPRLr4BWPubxw4fQQnpOQBjfODDYw2uvNUhQLyEd_QuOAGNenU9Q1rwrSsXGmv30bAi4xCxMp6xdXkpc5PcU__0JEOFL3qYvYhOOqb1Kk3l0UeVTzEJyeiZ6kY0ji2O6XUppM64r0Oha4tQmxCzRb8Uj6qMaJJ39MYrJj4ybza3fGsltAwOl3-x8KYImJ8TbFFqcovBhXTeU0bDhvtxSYkFTE8SPmn8WnOAF860dxPv328m7JJMXvppnDTMVZxvkL7SXmwRgpCB9VsiV6ga2kQAmHKa-1XDVwIZ_uT7y_oksbReUY72eQeWPCcJ5ukMwhgKdjcz_G8PBZNrAVjs87B3UtB_ijKlSisqXR02e62206YNqA7z_apndD-iUZWgV0f6CAbNo5EV3rFaTSbJ9Chf7Nzkgc-b2OFBPXHL3U7byKZUJ-e3dW2aH_P3OxQxGMsTIEK9oyNIj6ZKRl78rXrGhLTjdrSLz-MRhbYecdYxITzuK4vBtpxU2mUJNJt72v5yAV4_x7F8oG2dFv1oeCpX2KDlvpPMH0WOe_AyBDJbOz5GNKVg63wcTZKMUcLng4sAGle_21FrQ46bQI34Qo9IFaviGr5VReumeWOfepOab4utpBhFkpeqbUGyudzcRbtfSWiu20hW4-K-A&cid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZubyIvznxbhCtR1KNuMYAQ&pr=8%3A6C2F84F88188DA3F&vpa=click&vpmute=0&sdkv=h.3.560.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=3288127539&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.560.0&sid=C7F1BA70-0271-4915-BC2A-25C63D53F7AA&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwin2012r2.com%2F&dt=1678153786593&ged=ve4_td9_er987.1404.1140.1704_vi0.0.1200.1600_vp65_eb20072
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f154.1e100.net
Software
cafe /
Resource Hash
e2ef715665d8210e998e03cb3f1a4357589a49ac7dec42a3513712e8722f7318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16498
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 3797
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8a75893f6b215e8485c67c5d4fe6e31
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8a75893f6b215e8485c67c5d4fe6e31
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.19 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

AN-X-Request-Uuid
c1ee0a6a-9334-44d4-a453-50fa5a6536fe
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 07 Mar 2023 01:49:46 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f0e68b2838a-KIX
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:46 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8a75893f6b215e8485c67c5d4fe6e31
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame BEFF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7a3f2f112d091a26-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
6496980970204499328
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 2A47
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/6496980970204499328
0
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/6496980970204499328
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f10db77838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Tue, 07 Mar 2023 01:49:46 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/6496980970204499328
csi
csi.gstatic.com/ Frame 983E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lexlfowj&c=1312555354233&slotId=656277677116.5&ghmsh_eids=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.126.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
oa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d9e95577-1d4d-4c6a-9037-811ae54d6c81&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 8410
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/d9e95577-1d4d-4c6a-9037-811ae54d6c81&partner_id=1010
0
594 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/d9e95577-1d4d-4c6a-9037-811ae54d6c81&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f102a9f838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Tue, 07 Mar 2023 01:49:46 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/d9e95577-1d4d-4c6a-9037-811ae54d6c81&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lexlforo&c=1312555354233&slotId=656277677116.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.126.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
oa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
15
r4---sn-3pm76nes.c.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-3pm76nes.c.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/acao,ctier,expire,id,ip,ipbits,ita...
4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-3pm76nes.c.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/201A7C4AFB0148AAD49E69BE0A25373FB8FE8BB0.2894ADCDAE52BC12C4034B7B55D991976FB769DA/key/cms1/cms_redirect/yes/mh/8v/mip/223.216.76.27/mm/42/mn/sn-3pm76nes/ms/onc/mt/1678153478/mv/m/mvi/4/pl/15?cpn=_HzJ0GiXfnE-Gaj0&file=file.mp4
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
74.125.106.73 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix05s13-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 02 Mar 2023 07:44:27 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-4411524/4411525
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4411525
Expires
Tue, 07 Mar 2023 01:49:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-3pm76nes.c.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/201A7C4AFB0148AAD49E69BE0A25373FB8FE8BB0.2894ADCDAE52BC12C4034B7B55D991976FB769DA/key/cms1/cms_redirect/yes/mh/8v/mip/223.216.76.27/mm/42/mn/sn-3pm76nes/ms/onc/mt/1678153478/mv/m/mvi/4/pl/15?cpn=_HzJ0GiXfnE-Gaj0&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
668
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LEXLFK09-7-IR3B
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 8A08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LEXLFK09-7-IR3B?gdpr=0
0
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LEXLFK09-7-IR3B?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7a3f2f105afc838a-KIX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LEXLFK09-7-IR3B?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
content-length
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a0...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6358988783605550458&gdpr=0&gdpr_consent=undefined
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6358988783605550458
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6358988783605550458
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6358988783605550458
x-kong-upstream-latency
10
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%2...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6358988783605550458&gdpr=0&gdpr_consent=undefined
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6358988783605550458
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6358988783605550458
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6358988783605550458
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=undefined
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5358275005561920827&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=1299ab47-06b6-4413-9268-36e9fe4c618d&name=BIDSWITCH&gdpr=&gdpr_consent=
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=&gdpr_consent=&name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=1299ab47-06b6-4413-9268-36e9fe4c618d
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=&gdpr_consent=&name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=1299ab47-06b6-4413-9268-36e9fe4c618d
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=&gdpr_consent=&name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=1299ab47-06b6-4413-9268-36e9fe4c618d
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike
  • https://creativecdn.com/cm-notify?pi=adyoulike&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=f3nEWoZhxrOawts6P1fR&name=RTB_HOUSE&pi=adyoulike&tc=1
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=RTB_HOUSE&pi=adyoulike&tc=1&uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=f3nEWoZhxrOawts6P1fR
49 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=RTB_HOUSE&pi=adyoulike&tc=1&uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=f3nEWoZhxrOawts6P1fR
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=RTB_HOUSE&pi=adyoulike&tc=1&uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=f3nEWoZhxrOawts6P1fR
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
ayl_pixel
api-2-0.spot.im/pixels/ Frame 3E1D 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=fa95a31fe9d38e7279f1ac94b98aeaf9
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.62.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-62-95.nrt20.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:47 GMT
via
1.1 174ba2b7341fa54ff0e5da2d0fb24322.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C4
x-amz-cf-id
PFxuO-72sh1mB8gRuk-LYRx8-M6B8fHa9zraHcrtQeCsEwNrdTuVdg==
x-cache
Miss from cloudfront
aul
match.prod.bidr.io/cookie-sync/ Frame 3E1D 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/aul
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.111.66 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-111-66.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
3b4790db39169dba45a44fd79ec37da5557302627546df0adcde836570ace0bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
20
content-type
text/plain
sync
vid.vidoomy.com/ Frame 3E1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D8fbd69cc083d6399099e25c303aa5e32%26visitor%3D%7B%7BVID%7D%7D%26name%3DVIDOOMY&gdpr=0&gdpr_consent=undefined
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.31 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=undefined
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&name=THE_TRADE_DESK
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=THE_TRADE_DESK&uid=8122fdac60517b1efe1389612f3dfb34&visitor=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=THE_TRADE_DESK&uid=8122fdac60517b1efe1389612f3dfb34&visitor=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=THE_TRADE_DESK&uid=8122fdac60517b1efe1389612f3dfb34&visitor=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
x-kong-upstream-latency
10
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
csync.loopme.me/ Frame 3E1D 		0
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://stags.bluekai.com/site/23178?id=RMmwO7_haW1b6Co01lSM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGLLXMVZXILJSFZXW23TJORQWO2TT...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGLLXMVZXILJSFZXW23TJORQWO2TTFZRW63JPOZUXG2LUN5ZC643ZNZRT6ZLYMNUGC3THMU6WCZDZN52WY2LLMUTGOZDQOI6TAJTHMRYHEX3DN5XHG...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=RMmwO7_haW1b6Co01lSM
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=RMmwO7_haW1b6Co01lSM
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=RMmwO7_haW1b6Co01lSM
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=RMmwO7_haW1b6Co01lSM
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visit...
  • https://stags.bluekai.com/site/23178?id=RMmwO7_haW1b6Co01lSM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGLLXMVZXILJSFZXW23TJORQWO2TT...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGLLXMVZXILJSFZXW23TJORQWO2TTFZRW63JPOZUXG2LUN5ZC643ZNZRT6ZLYMNUGC3THMU6WCZDZN52WY2LLMUTGOZDQOI6TAJTHMRYHEX3DN5XHG...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=RMmwO7_haW1b6Co01lSM
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=RMmwO7_haW1b6Co01lSM
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=RMmwO7_haW1b6Co01lSM
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=RMmwO7_haW1b6Co01lSM
x-kong-upstream-latency
16
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://sync.e-volution.ai/4460e88f3323cf4d9f4263656a846075.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dfcd0c0bfff5af32579cdcdb6ff804bf8%26visitor%3D%5BUID%5D%26name%3Dev...
  • https://visitor.omnitagjs.com/visitor/sync?uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9285c005-457f-4dae-912f-8d0b873c85f9&name=evolution
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=evolution&uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9285c005-457f-4dae-912f-8d0b873c85f9
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=evolution&uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9285c005-457f-4dae-912f-8d0b873c85f9
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=evolution&uid=fcd0c0bfff5af32579cdcdb6ff804bf8&visitor=9285c005-457f-4dae-912f-8d0b873c85f9
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08d02204203481a2ac2cf407&gdpr=0&gdprConsent=undefined
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdprConsent=undefined&name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08d02204203481a2ac2cf407
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdprConsent=undefined&name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08d02204203481a2ac2cf407
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdprConsent=undefined&name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=08d02204203481a2ac2cf407
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-645333c5-1119-432a-4a50-24c0017d56e2$ip$223.216.76.27&name=STACKADAPT
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=STACKADAPT&uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-645333c5-1119-432a-4a50-24c0017d56e2%24ip%24223.216.76.27
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=STACKADAPT&uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-645333c5-1119-432a-4a50-24c0017d56e2%24ip%24223.216.76.27
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=STACKADAPT&uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-645333c5-1119-432a-4a50-24c0017d56e2%24ip%24223.216.76.27
x-kong-upstream-latency
13
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://cs.admanmedia.com/4b8f8957881b0c14cfc1656ea578b9f9.gif?&redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dac67699ebc4111389a3cf1998c4bd2dc%26name%3DACUITY%26visitor%3D%5BUI...
  • https://visitor.omnitagjs.com/visitor/sync?uid=ac67699ebc4111389a3cf1998c4bd2dc&name=ACUITY&visitor=a3cf1e83-29af-4774-b174-6bcf5fc376dd
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=ACUITY&uid=ac67699ebc4111389a3cf1998c4bd2dc&visitor=a3cf1e83-29af-4774-b174-6bcf5fc376dd
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=ACUITY&uid=ac67699ebc4111389a3cf1998c4bd2dc&visitor=a3cf1e83-29af-4774-b174-6bcf5fc376dd
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=ACUITY&uid=ac67699ebc4111389a3cf1998c4bd2dc&visitor=a3cf1e83-29af-4774-b174-6bcf5fc376dd
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D4b30a0b1f289a261ab592e1e53c126eb%26name%3DSOVRN%26visitor%3D%24UID&gdpr=0&gdpr_consent=undefined
  • https://visitor.omnitagjs.com/visitor/sync?uid=4b30a0b1f289a261ab592e1e53c126eb&name=SOVRN&visitor=GRKNCBZHu6GmWJstQzOlNICU
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=SOVRN&uid=4b30a0b1f289a261ab592e1e53c126eb&visitor=GRKNCBZHu6GmWJstQzOlNICU
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=SOVRN&uid=4b30a0b1f289a261ab592e1e53c126eb&visitor=GRKNCBZHu6GmWJstQzOlNICU
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=SOVRN&uid=4b30a0b1f289a261ab592e1e53c126eb&visitor=GRKNCBZHu6GmWJstQzOlNICU
x-kong-upstream-latency
16
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D171e1b3d878c5443361586e41274318e%26name%3DADMIXER%...
  • https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=d9a6ad880e994b38bee62819bc63d3d1
49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=d9a6ad880e994b38bee62819bc63d3d1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
1
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Date
Tue, 07 Mar 2023 01:49:48 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=d9a6ad880e994b38bee62819bc63d3d1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=d43443fb-392d-5442-9fa1-7e87fba7e6b2&name=BETWEENX
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=BETWEENX&uid=bf39a6af2a15b80f82f7ff725f351919&visitor=d43443fb-392d-5442-9fa1-7e87fba7e6b2
49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=BETWEENX&uid=bf39a6af2a15b80f82f7ff725f351919&visitor=d43443fb-392d-5442-9fa1-7e87fba7e6b2
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=BETWEENX&uid=bf39a6af2a15b80f82f7ff725f351919&visitor=d43443fb-392d-5442-9fa1-7e87fba7e6b2
x-kong-upstream-latency
12
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 3E1D
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=32321738-2cdf-4b27-a930-00a7a70033c4&name=BIDTELLECT
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=BIDTELLECT&uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=32321738-2cdf-4b27-a930-00a7a70033c4
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=BIDTELLECT&uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=32321738-2cdf-4b27-a930-00a7a70033c4
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=BIDTELLECT&uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=32321738-2cdf-4b27-a930-00a7a70033c4
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
711333.gif
id.rlcdn.com/ Frame 3E1D 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=undefined
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync.html
s.spotim.market/ Frame 8A04 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.202 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
48b795b64d2d1ada005c2110016af0c5ad5409343d2df62ad5e6ac86a66a1bf3

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1162
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Mar 2023 01:49:49 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 32BA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144880
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Mar 2023 01:49:46 GMT
expires
Wed, 08 Mar 2023 18:04:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0573
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Mar 2023 01:49:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 32E3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Mar 2023 01:49:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame D14B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Mar 2023 01:49:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame C6BD 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=undefined
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
ee50aa23b033c69ad2cfb3615243795b2b63ed690e788ccf2512c1eeb8a26b00
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1131
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame F5D8 		962 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=undefined
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cg39gemsqcic73cpo3j0&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
851a3b54ab6378ac9fc94bc97231768d2ffe8aab85e8b32036ecd182a447ba18

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
962
content-type
text/html
date
Tue, 07 Mar 2023 01:49:46 GMT
tm.png
ads.themoneytizer.com/media/ 		0
0
tm.png
ads.themoneytizer.com/media/ Frame 7460 		228 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.themoneytizer.com/media/tm.png
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/lib_watermark.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.30 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
CDN77-Turbo /
Resource Hash
fb98a2a03c925aa211a860ca87a7f33a100fe74f37915c16b16ce7c0a1247223

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop
tokyoJP
date
Tue, 07 Mar 2023 01:49:46 GMT
x-cache
HIT
x-77-cache
HIT
x-age
74715
content-length
228
x-77-nzt
AVm7oB2Zg/r/2yMBAA
pragma
public
x-accel-expires
@1678165471
last-modified
Mon, 07 Nov 2022 09:00:04 GMT
server
CDN77-Turbo
x-77-nzt-ray
f5cf380cb0ac58793a98066408dfcf39
content-type
image/png
cache-control
max-age=86400, public, no-transform
accept-ranges
bytes
expires
Tue, 07 Mar 2023 05:04:31 GMT
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 7CF0
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/sync?uid=2fe1084ffe44c28350116ec0a0a1c2d1&name=PUBMATIC&visitor=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=PUBMATIC&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
49 B
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=PUBMATIC&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160925&predirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26name%3DPUBMATIC%26visitor%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Tue, 07 Mar 2023 01:49:47 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
5

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 07 Mar 2023 01:49:47 GMT
expires
0
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=PUBMATIC&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
x-kong-upstream-latency
7
sync
visitor-fra02.omnitagjs.com/visitor/ Frame F5D8
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=6496980970204499328&name=SMARTADSERVER&gdpr=0&gdpr_consent=
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=SMARTADSERVER&uid=9276a8c8d010b77af50144c60047b781&visitor=6496980970204499328
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=SMARTADSERVER&uid=9276a8c8d010b77af50144c60047b781&visitor=6496980970204499328
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&name=SMARTADSERVER&uid=9276a8c8d010b77af50144c60047b781&visitor=6496980970204499328
x-kong-upstream-latency
18
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame F5D8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=RMmwO7_haW1b6Co01lSM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=RMmwO7_haW1b6Co01lSM
43 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=RMmwO7_haW1b6Co01lSM
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.106.127.165 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:47 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=RMmwO7_haW1b6Co01lSM
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame F5D8
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=fa95a31fe9d38e7279f1ac94b98aeaf9&gdpr=0&gdpr_consent=0
43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=fa95a31fe9d38e7279f1ac94b98aeaf9&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.106.127.165 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=fa95a31fe9d38e7279f1ac94b98aeaf9&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
4
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
redir
rtb-csync.smartadserver.com/ Frame F5D8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC4NE7IDTAAACCtMn4Psg&gdpr=0
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC4NE7IDTAAACCtMn4Psg&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.106.127.165 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC4NE7IDTAAACCtMn4Psg&gdpr=0
Date
Tue, 07 Mar 2023 01:49:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame F5D8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.106.127.165 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Mar 2023 01:49:46 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Tue, 07 Mar 2023 01:49:47 GMT
Server
MT3 569 46451a0 master nrt-pixel-x2 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Mar 2023 01:49:46 GMT
usync.js
eus.rubiconproject.com/ Frame D14B 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:47 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21974
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
usync.js
eus.rubiconproject.com/ Frame 0573 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:47 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21974
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
usync.js
eus.rubiconproject.com/ Frame 32E3 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:47 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21974
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
sync
visitor-fra02.omnitagjs.com/visitor/ Frame D14B
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LEXLFK09-7-IR3B&name=RUBICON&gdpr=0&gdpr_consent=undefined
  • https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=RUBICON&uid=3496f2c9155784213a7b528f78bb441a&visitor=LEXLFK09-7-IR3B
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=RUBICON&uid=3496f2c9155784213a7b528f78bb441a&visitor=LEXLFK09-7-IR3B
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=undefined&name=RUBICON&uid=3496f2c9155784213a7b528f78bb441a&visitor=LEXLFK09-7-IR3B
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
serve
srv.imonomy.com/script/layer/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.imonomy.com/script/layer/serve?v=2&format=1&img=true&cid=layer_fr&isps=false&cbs=0.9015822380532694&ln=ja&sid=14567609857&terms=&httpsite=true&keywords=&dm=win2012r2.com&charset=UTF-8&ttl=Windows%20%u5B9F%u8DF5%u30AC%u30A4%u30C9&ln=ja&ct=0&w=1600&h=1200&pxr=1&ppi=96&adl=true&loc=https%3A//win2012r2.com/&dm=win2012r2.com&rtb_highest_price=
Requested by
Host: tag.imonomy.com
URL: https://tag.imonomy.com/script/14567609857/preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.73.116 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip-158-69-73.eu
Software
nginx/1.20.1 /
Resource Hash
cb7855254c5dc035b96e46edd2c0986e23dab15c038c02c02854e6ceba5e11a6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:48 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Etag
"d88aecf3be8d12ff7750cf19566c1bca95ddad6d"
Vary
Accept-Encoding
Content-Type
application/javascript
P3p
CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Cache-Control
public, max-age=360
Content-Length
6460
/
track.adform.net/Serving/Cookie/ Frame 83FB 		92 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3798d91a52821f038db87bf0b13e8cb89c1621a9ae179bba739995bd15cd8c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
199
expires
-1
usync.html
eus.rubiconproject.com/ Frame C0B6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad
  • https://eus.rubiconproject.com/usync.html?p=publicidad
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=publicidad
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:47 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Mar 2023 01:49:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=publicidad
server
AkamaiGHost
sync
ups.analytics.yahoo.com/ups/58170/ Frame 83FB
Redirect Chain
  • https://pixel.advertising.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Protocol
H2
Server
52.74.13.196 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
date
Tue, 07 Mar 2023 01:49:47 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.25
content-length
370
content-language
en
/
sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/ Frame 83FB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58368/occ?gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-Dhmc7DtE2uHt8uDNURDbEiWRS_hg4gHFxJtGQQA-~A&gdpr=0
95 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-Dhmc7DtE2uHt8uDNURDbEiWRS_hg4gHFxJtGQQA-~A&gdpr=0
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/png
date
Tue, 07 Mar 2023 01:49:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-Dhmc7DtE2uHt8uDNURDbEiWRS_hg4gHFxJtGQQA-~A&gdpr=0
date
Tue, 07 Mar 2023 01:49:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 83FB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=6358988783605550458
95 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=6358988783605550458
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/png
date
Tue, 07 Mar 2023 01:49:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Tue, 07 Mar 2023 01:49:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3c01ac30-48f3-4b25-a5f4-5fb5c6f5c577
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=6358988783605550458
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 83FB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=6004bbcb-7f27-4c95-94d2-0zz1678153781
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drichaudience%26bsw_param%3D1299ab47-06b6-4413-9268-36e9fe...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=e1b36406-9833-4700-987f-7a2b103fd427&expires=30&ssp=richaudience&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=&us_ps=
95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/png
date
Tue, 07 Mar 2023 01:49:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=&us_ps=
Date
Tue, 07 Mar 2023 01:49:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
partner
sync.search.spotxchange.com/ Frame 83FB
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=202100&gdpr=0&gdpr_consent=
  • https://sync.search.spotxchange.com/partner?source=202100&gdpr=0&gdpr_consent=&__user_check__=1&sync_id=5761c6e3-bc8a-11ed-a1a5-169d53a90107
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&gdpr_consent=&uid=CAESEMKQbwtbJaGXdEsA3ygGppQ&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.search.spotxchange.com/partner?adv_id=7028&uid=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&img=1
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZAaYNgAKc_wqmQBh&img=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://tg.socdm.com/aux/idsync?proto=spotx
  • https://sync.search.spotxchange.com/partner?adv_id=8554&uid=ZAaYNsCo5ugAAD2MO1IAAAAA
  • https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.search.spotxchange.com/partner?adv_id=6653&uid=e1b36406-9833-4700-987f-7a2b103fd427&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/spotx/5761c6a6-bc8a-11ed-a1a5-169d53a90107?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.search.spotxchange.com/partner?adv_id=7283&uid=y-xs0foUVE2oPSSYosc9BTp3MHYC0CFV8UFjU-~A
  • https://x.bidswitch.net/sync?ssp=spotx&gdpr=0&gdpr_consent=&us_privacy=
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=spotx
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=ZAaYNsCo5ugAAD2MO1IAAAAA&expires=30&ssp=spotx
  • https://sync.search.spotxchange.com/partner?adv_id=7310&uid=1299ab47-06b6-4413-9268-36e9fe4c618d
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=1299ab47-06b6-4413-9268-36e9fe4c618d
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Protocol
HTTP/1.1
Server
103.71.26.126 , Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:49 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
7
Connection
keep-alive
Content-Length
43

Redirect headers

Location
//sync.search.spotxchange.com/partner?adv_id=7310&uid=1299ab47-06b6-4413-9268-36e9fe4c618d
Date
Tue, 07 Mar 2023 01:49:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame C6BD
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=undefined
  • https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
17c962550296893d145ef1b8078fc6d6
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C6BD 		42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=icbfG365vDW5ZH5az6icaWfXqnAX4eAzS1cOgAdofd4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame C6BD
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=undefined&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
date
Tue, 07 Mar 2023 01:49:46 GMT
content-length
0
/
onetag-sys.com/match/ Frame C6BD
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=undefined&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
date
Tue, 07 Mar 2023 01:49:47 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame C6BD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=undefined
  • https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
date
Tue, 07 Mar 2023 01:49:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame C6BD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d&google_hm=MTI5OWFiNDctMDZiNi00NDEzLTkyNjgtMzZlOWZlNGM2MThk
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEEi_7H4xLc1qO4j8ELrPlsE&google_cver=1&ssp=onetag&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d
  • https://onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 07 Mar 2023 01:49:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor-fra02.omnitagjs.com/visitor/ Frame C6BD
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=icbfG365vDW5ZH5az6icaWfXqnAX4eAzS1cOgAdofd4
  • https://visitor-fra02.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=icbfG365vDW5ZH5az6icaWfXqnAX4eAzS1cOgAdofd4
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=icbfG365vDW5ZH5az6icaWfXqnAX4eAzS1cOgAdofd4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=icbfG365vDW5ZH5az6icaWfXqnAX4eAzS1cOgAdofd4
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame C0B6 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=publicidad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:47 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21974
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
event.png
tpsc-ae1.doubleverify.com/ Frame 9BDB 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=eaf5009a9a6243dd977021e38ced2933&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=673&eoid=14&msrjs=3556&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=58&tetms=15&msltms=78&vltms=673&sei=289&vetms=6&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=2032&isumms=2032&nvr=2&isgmmims=2032&isgmv4mims=2032&elmtp=6&isbxdms=2732&b0=807&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=1&lftb=807&sftb=807&msrdp=3&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=2032&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3707&cbust=1678153787450647
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3556.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:47 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
03/06/2023 01:49:47
/
sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/ Frame C0B6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
95 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad
Protocol
H2
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/png
date
Tue, 07 Mar 2023 01:49:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
event.png
tpsc-ae1.doubleverify.com/ Frame 60A2 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=f94f1c8c7e78449682629d7fde1b10e6&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=283&eoid=14&msrjs=3556&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=58&tetms=8&msltms=61&vltms=283&sei=290&vetms=7&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=10&isumms=10&nvr=2&isgmmims=10&isgmv4mims=10&elmtp=6&isbxdms=2317&b0=2501&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=1&lftb=2501&sftb=2501&msrdp=1&naral=192&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=10&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3295&cbust=1678153787595192
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3556.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:47 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
03/06/2023 01:49:47
csi
csi.gstatic.com/ Frame 983E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lexlfp0s&c=1312555354233&slotId=656277677116.5&fb=ima_html5-lima&sdkv=h.3.560.0&mrd=4&aab=1&itv=1&gpm_i=11&gpm_c=11&gpm_a=10&smb=1000&br=979&mt=video%2Fmp4&vs=640x360&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.126.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
oa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 983E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.560.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 20:03:23 GMT
64c38ad2-37b4-46bf-8129-954a08983901
beacon-sjc2.rubiconproject.com/beacon/v/ Frame 983E 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-sjc2.rubiconproject.com/beacon/v/64c38ad2-37b4-46bf-8129-954a08983901?oo=0&accountId=24548&siteId=427180&zoneId=2436742&sizeId=277&e=CBADCB97774921C62FF4CF18895774A2F9DBFCD76BA5FEF6CEC2AECDE0E14CE0753BBA1C0AB8D86A71669BF6101DF2ED02EA74D30A042A40ED1A14246918F62DFD9A6AEFDDE63BC55FEB23BA8AC97C0D42FFED8556A59B2DF26C573B62537D3930FF1B5C1DFB98C9B8B23CECFA3CD45B5F89C29AD8D45B4099BDE732D0CCEE7D5188D8698444422724F5207A2458AD7717B9BADD7848C9AA1802AC18EFB113A189B0B51E472EE444C65A86A931EF63CD8CE2454A44FCC666CDA10306204D320B
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.164 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:48 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 983E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=&expires=30
42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 983E
Redirect Chain
  • https://um.simpli.fi/rb_match?gdpr=0&
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1B32369227AF48F1ABF9116409EA6EC6&expires=365
42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1B32369227AF48F1ABF9116409EA6EC6&expires=365
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 07 Mar 2023 01:49:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1B32369227AF48F1ABF9116409EA6EC6&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 06 Mar 2023 01:49:47 GMT
tap.php
pixel.rubiconproject.com/ Frame 983E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEacRvXJBIg7h0GmiHFcu_Y&google_cver=1
42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEacRvXJBIg7h0GmiHFcu_Y&google_cver=1
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEacRvXJBIg7h0GmiHFcu_Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 983E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?gdpr=0&bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC4NE7IDTAAACCtMn4Psg&expires=30&gdpr=0
42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC4NE7IDTAAACCtMn4Psg&expires=30&gdpr=0
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC4NE7IDTAAACCtMn4Psg&expires=30&gdpr=0
Date
Tue, 07 Mar 2023 01:49:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 983E
Redirect Chain
  • https://token.rubiconproject.com/token?gdpr=0&pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gD_0s1IaVVEeBAhKw3tAdw?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGjyMPhE2oLMhxMEvpMu.2XrWxFwp3V5.VlXIw--~A
42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGjyMPhE2oLMhxMEvpMu.2XrWxFwp3V5.VlXIw--~A
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 07 Mar 2023 01:49:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGjyMPhE2oLMhxMEvpMu.2XrWxFwp3V5.VlXIw--~A
content-length
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 983E 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ipredictive.com/d/sync/cookie/generic?gdpr=0&https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D17149%26nid%3D2861%26put%3D%24{ADELPHIC_CUID}%26expires%3D30
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.142.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-142-231.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:48 GMT
Connection
keep-alive
X-CI-RTID
e1fe2ac8-cdcb-4136-aea9-521783e75faf
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 983E
Redirect Chain
  • https://sync.mathtag.com/sync/img?gdpr=0&mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e1b36406-9833-4700-987f-7a2b103fd427&expires=28
42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e1b36406-9833-4700-987f-7a2b103fd427&expires=28
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Tue, 07 Mar 2023 01:49:47 GMT
Server
MT3 569 46451a0 master nrt-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e1b36406-9833-4700-987f-7a2b103fd427&expires=28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Mar 2023 01:49:46 GMT
tap.php
secure.adnxs.com/gdpr=0&https://pixel.rubiconproject.com/ Frame 983E
Redirect Chain
  • https://secure.adnxs.com/getuidnb?gdpr=0&https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://secure.adnxs.com/gdpr=0&https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6358988783605550458&expires=30
0
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/gdpr=0&https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6358988783605550458&expires=30
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Server
103.43.90.21 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:48 GMT
AN-X-Request-Uuid
5ded5509-b301-43ba-a54f-f7cc43fd371b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date
Tue, 07 Mar 2023 01:49:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0844d380-2c72-4b3c-96f2-b2269fb38980
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
gdpr=0&https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6358988783605550458&expires=30
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
impression
post.update.rubiconproject.com/2/873648/ Frame 983E 		0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://post.update.rubiconproject.com/2/873648/impression?gdpr=0&cb=1678153781&ip=223.216.76.27&ti=64c38ad2-37b4-46bf-8129-954a08983901&pv=7b61462b-eeb0-4a53-8c21-6f2325299c09&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F110.0.5481.177%20Safari%2F537.36
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.76.3.9 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-3-9.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
view
googleads4.g.doubleclick.net/pcs/ Frame 983E 		0
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrnDn-IXVCpWpOjYPiXTNhiFyVe1VU0dJXuO1Qv5H1d0e_pYPqrzNR9GT3BEzkEqKyhE9XqnlvrczI8qjeTBFqjrN7ZXLvavoC0FfLQT7WTFWFTQbSTm8JF9FZBIPAvYwwGYVy6v-kkZOGmQSyuMgLAWU4WijCgPDi7wZMEcE-l0b5BFYHmzvaZ4OAvHRBdFJoqwG00FQK58vYlMD4YfSKY2oDIcYolB3r9B_M3s-0lpnNODKucLqjcnueU-LnDgwY0aIM1EVxqxul65V839QIXgxZu4z8wYSALz0R4Z4Lb0-b7ceUbtKRKCGYeJDJ8IH6IwGLPLX-K99-Ifuk3eWg0bj7Wpg5aSmlhzFOyiVdlkHrCVs7XS_qcy6S7fX3KR732x9eDD5ubLturJmSAZb2OTDQFEyc3UX1FpZVs7S3d3S3nrb5Tfr5miNmOgGH4BLhg5P-AD2mboIWmHGOWsA7A9C5PwLXlOKpAEimkBf6snh4pwydygHSUY_ZgDoFwympaJQCw92LdwK0MjJSmNI-enBQJ1pwsgAbZXOBs1cLMB1b3AbUMv4CdWhI01XF4vWyWbm6zDg2yNmJ6W40rGl3ZW2yzQJoa2wP1CiPWusOkajiSyYbh7sdr_FWjrd7RnoQfdzEfSiJ4oQwhWNYVLTCADzXa0WYa4yW-fztGnEWfp92K65OXRRRyMAxQZ8dvfQDfQnSS2D4T9Q3b63OTC0AIpm3RMjyZ9TUtYsCNovXajCzFPa3vDdam0j8nf4O5yJCc69uC1SEo7Gyfvwunzc84efc5Cgh7Ed_8D3p_ZjJeD7Qs7BLe4VF1N19kZ8nkPsJBJ4h_oKTT1Cjj1M4E5xb5OShG2xllc3i76QpuDz8WVyyRNL9KoYWv4tvfkt-AlSYZ-Pf-zg0OibHhfznA8-mx-QfSVIFJ0ELyzYyrylMzKiBLz_0TVkeqtkKLvaKqku_OwglH8FEpsMVxVnjieQQbEPWAdpe4umrgmzqk06KbgMv0gdmgmKVqqviCieW8f5KkpQgueRCBv77dqzC9BoSYz38_YM6qg59XA62UHck--GlGmUSLNt0HrqF_pxKo_O7titD46EyVL3N1CMRoejUgOGLh6zp60LQVd9p3MTGub2ESdvteyJaCQkNjInaMzt26VPVW0WO2ee12KH60gVcwfMks6xIIsNLzsbOJA9pafpCUS7eBqwV1-0Xny5RTd_D84f9dbIsxZm8Bg27zsguB7mKh9ES3Dtmmr4MIcQDvYSx&sai=AMfl-YREOYO3CUkjQgA4gbzJ6MwbWEP1typjsLlxb2txtMlMll_UfaQDW0E3x5rceE4zLKEVn-37M7CpDzHxCDvJu0nThWttu1093QT9dzDtHIHxUBarKPx9OhX_URhlZMRJIjZe__tQta4ChhwESEJ-7XvDvhjXTww9ok9B-RHkFKtT3zvErIiDTPktOZVaA-kJ7t5X_q0aPqNTeZF70gJ9O2RJQdWgy4AwopevJzSfGtBEfiOkEooukFwoEQJYJjKUH7fowMw0d_TjEVAaZSJu&sig=Cg0ArKJSzLMtnzV9ilkqEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&pr=8:6C2F84F88188DA3F&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.560.0&adurl=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
cs.adingo.jp/sync/ Frame 983E
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjK2-8CEPme9PECGIaJ1-IBIAEwAQ&v=APEucNWXUTfSrArxOG9z3TmSOL3pszAgkZV5AqWFxVhbCB6AxET52UNhG-HGzytWtyqKVgs7cQsGCSVXd1VVvljMXIjfNWgSFgEmTNHNAJwhSRGKBnH...
  • https://cm.g.doubleclick.net/pixel?google_nid=adingo_dbm&google_cm&google_dbm&gdpr=0
  • https://cs.adingo.jp/sync/?from=dbm&id=CAESEHhtvlAkzpfCnmtf35Rg4aY&google_cver=1&gdpr=0
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync/?from=dbm&id=CAESEHhtvlAkzpfCnmtf35Rg4aY&google_cver=1&gdpr=0
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
52.199.221.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-221-43.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
image/gif
server
nginx
expires
Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.adingo.jp/sync/?from=dbm&id=CAESEHhtvlAkzpfCnmtf35Rg4aY&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
64c38ad2-37b4-46bf-8129-954a08983901
beacon-nf.rubiconproject.com/beacon/v/ Frame 983E 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-nf.rubiconproject.com/beacon/v/64c38ad2-37b4-46bf-8129-954a08983901?oo=0&accountId=24548&siteId=427180&zoneId=2436742&sizeId=277&e=498E45A22EEBCA463E95EA2CE324C625C186975077611471443791BBDE4180C04D0E5A579A52CBAF55EA24AF1F878B6DAAF3145249F18F5DA2639E60186246263677EEBE1842E808BA7C998DD14C95E24F651F3EAC8A5ADF086EE7C5F3A07E5975A7A6AC1FF8C69D4EB5A54A416556B4A4BE2E3A8817B1373C618849DF35BA05E8C79F463573B5FCFDC7548137E43A743B28458BFCE29CE670BFE902E24FBAFB3017E0C452CA49E31FF6A0DEEEA22BD2F64C24F2795691B35EAC93C1C2E7D7E5
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.68 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:48 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 983E 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth3LEoFv8iF2qeucu8uneRp6mqpRzdt9MPoVkwXn2s8OZYkPWRW29ADS_LfQFiaaeM6cF7Y_NuAJXMZ18J2P9pA5ZZzvoDHkc&sig=Cg0ArKJSzLLMo713AXnbEAE&id=lidarv&acvw=sv%3D949%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D987,1404,1085,1577%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D222%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D890046390%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1372%26pngs%3D9,14,15%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1678153786749&avm=1
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZub...
ade.googlesyndication.com/ddm/activity/ Frame 983E 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZubyIvznxbhCtR1KNuMYAQ;eps=CIBhEAEYXzICigI6AoBA;met=1;acvw=sv%3D949%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D987,1404,1085,1577%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D222%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D890046390%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1372%26pngs%3D9,14,15%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1678153786749;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZub...
ade.googlesyndication.com/ddm/activity/ Frame 983E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZubyIvznxbhCtR1KNuMYAQ;eps=CIBhEAEYXzICigI6AoBA;met=1;acvw=sv%3D949%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D987,1404,1085,1577%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D222%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D890046390%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1373%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1678153786749;dc_rfl=0,https%253A%252F%252Fwin2012r2.com%252F%240;ecn1=1;etm1=0;eid1=11;
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
64c38ad2-37b4-46bf-8129-954a08983901
beacon-nf.rubiconproject.com/beacon/v/ Frame 983E 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-nf.rubiconproject.com/beacon/v/64c38ad2-37b4-46bf-8129-954a08983901?oo=0&accountId=24548&siteId=427180&zoneId=2436742&sizeId=277&e=F2CC43C24558FA15C186975077611471443791BBDE4180C04D0E5A579A52CBAF55EA24AF1F878B6DAAF3145249F18F5DA2639E60186246263677EEBE1842E808BA7C998DD14C95E24F651F3EAC8A5ADF086EE7C5F3A07E5975A7A6AC1FF8C69D4EB5A54A416556B4A4BE2E3A8817B1373C618849DF35BA05E8C79F463573B5FCFDC7548137E43A743B28458BFCE29CE670BFE902E24FBAFB3017E0C452CA49E31FF6A0DEEEA22BD2F64C24F2795691B35EAC93C1C2E7D7E5
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.68 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:47 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZub...
ade.googlesyndication.com/ddm/activity/ Frame 983E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZubyIvznxbhCtR1KNuMYAQ;eps=CIBhEAEYXzICigI6AoBA;met=1;acvw=sv%3D949%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D987,1404,1085,1577%26tos%3D8,0,0,0,0%26mtos%3D8,8,8,8,8%26amtos%3D0,0,0,0,0%26mcvt%3D8%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D8%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D8%26dfvs%3D8%26dvpt%3D8%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D222%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D890046390%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1375%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,8;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1678153786749;ecn1=1;etm1=0;eid1=16;
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
events.missena.io/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.missena.io/v1/events?ik=1678153781.cg39gdesqcic73bkf0fg&t=PA-25261242
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,HEAD,PUT,DELETE,PATCH
Access-Control-Allow-Origin
https://win2012r2.com
Connection
keep-alive
Date
Tue, 07 Mar 2023 01:49:47 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
events
events.missena.io/v1/ 		0
377 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.missena.io/v1/events?ik=1678153781.cg39gdesqcic73bkf0fg&t=PA-25261242
Requested by
Host: chat.missena.io
URL: https://chat.missena.io/renderer-sticky-video.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/msgpack

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:47 GMT
Last-Modified
Tue, 07 Mar 2023 01:49:47 GMT
Vary
Origin
Access-Control-Allow-Origin
https://win2012r2.com
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT
events
events.missena.io/v1/ 		0
377 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.missena.io/v1/events?ik=1678153781.cg39gdesqcic73bkf0fg&t=PA-25261242
Requested by
Host: chat.missena.io
URL: https://chat.missena.io/renderer-sticky-video.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/msgpack

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:48 GMT
Last-Modified
Tue, 07 Mar 2023 01:49:48 GMT
Vary
Origin
Access-Control-Allow-Origin
https://win2012r2.com
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT
events
events.missena.io/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.missena.io/v1/events?ik=1678153781.cg39gdesqcic73bkf0fg&t=PA-25261242
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,HEAD,PUT,DELETE,PATCH
Access-Control-Allow-Origin
https://win2012r2.com
Connection
keep-alive
Date
Tue, 07 Mar 2023 01:49:47 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame EA8E 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
348371
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 01:03:36 GMT
expires
Sat, 02 Mar 2024 01:03:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame 83FB 		95 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=5358275005561920827
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5575624622
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/png
date
Tue, 07 Mar 2023 01:49:48 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
pagead2.googlesyndication.com/bg/ Frame EA8E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
63186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:16:42 GMT
match
ads.betweendigital.com/ Frame CDAC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D1299ab47-06b6-4413-9268-36e9fe4c618...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=e1b36406-9833-4700-987f-7a2b103fd427&expires=30&ssp=between&bsw_param=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d
Date
Tue, 07 Mar 2023 01:49:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
reporter
srv.imonomy.com/internal/ 		43 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv.imonomy.com/internal/reporter?v=2&subid=&format=0&ai=990&ctxu=https%3A//win2012r2.com/&fb=false&cid=11,22,26,30,35,57&ab=&cbs=0.8426216888903135&sid=14567609857&terms=&httpsite=true&keywords=&dm=win2012r2.com&charset=UTF-8&timepreload=1678153787117&ptaken=1218&ttaken=1218&ttkan_x=0&sum_ttkan_x=0&ttl=Windows%20%u5B9F%u8DF5%u30AC%u30A4%u30C9&cqt=99&ln=ja&ct=0&w=1600&h=1200&pxr=1&ppi=96&loc=https%3A//win2012r2.com/&dm=win2012r2.com&rtb_highest_price=&rim=true
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.73.116 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip-158-69-73.eu
Software
nginx/1.16.1 /
Resource Hash
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:48 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Etag
"ad6fdcd6bc9b5969566123ca061bde27f6f197cf"
Content-Length
43
Vary
Accept-Encoding
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA8E 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.560.0&bgai=Bir16OpgGZIDtJ7aP29gPm721OAAAAAA4AeAEAg&bg=!XV6lXgrNAAbv3-2Ez987ADkAdvg8WqdedWff2fNE1RmS5lmY8AbUayHL0poab3SKe7Hn6SZcNV_w8XTlFxJTwa6PW01CJOSg8jgCAAAAR1IAAAADaAEHCgBPOHvbr-D8dcJGh63CLwa9uLq1u4PhsV1VETxd4fYjsOun4f1hKziAtBigNQ77ePy1gc4kZe_RYQMCNBp477Tsfr5Wrn7XJ_ZsGtKxyczVpJkCzbunb_O2V203TlC0lIFLW4R8UDu0-Fq0Cxf6l5kOdzX5ja10-NHhFfsNJJP9H1gM1eXTn3URRuR3Zsq3FSOoatKuOroRpkrMjp7M67z_YP71Vzo2IG7BjtSxlSbKLW3MrJgtGJHEGYfIP5BI8I62aOpwv7B4gTOWWQRYUym40g-GTR_sWokWA03yhPDuepyNBcxjG-g3JMBcTYUyFv2xYMMwJPUu6m3QkvHOhFfB9-Vzv4sX9o9g2LQKOyJtu-oPBsrflcjH9EHoI5sCjaabbwGeIFS2-BrHV3VbitK_jcLer9ZuqvsT9npCLWMIb6IMVw6H4x7nAq-xExf5Ji15DYSJgludFeHA3yNkAjBBmyNWdKUFnx6DHdorg7P8wC-fWyPWTBXVv3dkDrJCCv6IkfZLyZld9YySw756A4mYHJSQ211LvXf-GbQMHWHK9dLtpps-7B-1mQtiNtvpruWH8-UPhcUlv9D0wtfkuT9yyjDlnEtGGuwTrwlf6j6NxlfdWzCtR79NKjRRkSDy8JBJgaJIGM1a4XOUzyRPJRoe6yvEkN3pau1szlxp9-db77snuLAlXG3tPW8bqqQkak93VAvUZHKFT9woOzHJiAhxL8Q4k9oGXtUA32bA89FQ4EoaSv6J2Y4sW1egmKdHNlEkxUZa4_QfR77-hSILFnAkT9lSvN8E7CQ-zmsGA7U4b0J6m21jaW_ZLHSveUgGKc_SCYL96dgE2bSZ40Q07w5D8NIkDnuc1nA_4SbZwOEkRWSaTWPhL43QdDgqbhxoYNM79eaL0nI_cY6DqUOJ71X7jZT7vMTk0tTDs9S-YfI5Pw9dH6afxlZHypwsnjmh7Xe92b36DYGUvjebBtcIG05YuxAAIiK1rT_HUmtyzh0PSUfgtBNKD4NyN6rTATM2c15lhEmHjafRnLL1kEc9BtcvLy95KpfPpEzvqwTUgxyOUw
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
58b85996-bc8a-11ed-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame CDAC
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARi9sJqgBqIBEFi4WZa8ihHthuAAJZDAZHw*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=58b85996-bc8a-11ed-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=58b85996-bc8a-11ed-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=lYDBIytCbnUOcnCeKPvx3w&
  • https://an.yandex.ru/mapuid/adsniperis/58b85996-bc8a-11ed-86e0-002590c0647c
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/58b85996-bc8a-11ed-86e0-002590c0647c
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Mar 2023 01:49:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Mar 2023 01:49:52 GMT

Redirect headers

Date
Tue, 07 Mar 2023 01:49:52 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://an.yandex.ru/mapuid/adsniperis/58b85996-bc8a-11ed-86e0-002590c0647c
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
sync
fo-ssp-us-west-2.omnitagjs.com/fo-ssp/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-ssp-us-west-2.omnitagjs.com/fo-ssp/sync?attempt=358244ced8d36b2066f77b0b79783e0b
Requested by
Host: fo-static.omnitagjs.com
URL: https://fo-static.omnitagjs.com/fo-static/ot_multi_template.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a2172cdf2408dd9eb7993ac8bc01508fe43164d7ebdb4817d031ec335f6c5827
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:49 GMT
via
kong/2.8.3
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
application/javascript; charset=UTF-8
x-kong-upstream-latency
11
cache-control
no-cache, no-store, must-revalidate
content-length
1123
expires
0
sync.html
s.spotim.market/ Frame EC03 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: fo-ssp-us-west-2.omnitagjs.com
URL: https://fo-ssp-us-west-2.omnitagjs.com/fo-ssp/sync?attempt=358244ced8d36b2066f77b0b79783e0b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.202 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ccc90e84c1edafc202c26371dec791ae548efed7007f434adaece90c508a0506

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://win2012r2.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1166
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Mar 2023 01:49:49 GMT
Server
Adtelligent
X-Robots-Tag
noindex
usync.html
eus.rubiconproject.com/ Frame 50D2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: fo-ssp-us-west-2.omnitagjs.com
URL: https://fo-ssp-us-west-2.omnitagjs.com/fo-ssp/sync?attempt=358244ced8d36b2066f77b0b79783e0b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:49 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Mar 2023 01:49:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 4F24
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Requested by
Host: fo-ssp-us-west-2.omnitagjs.com
URL: https://fo-ssp-us-west-2.omnitagjs.com/fo-ssp/sync?attempt=358244ced8d36b2066f77b0b79783e0b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:49 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Mar 2023 01:49:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
server
AkamaiGHost
sync
vid.vidoomy.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D8fbd69cc083d6399099e25c303aa5e32%26visitor%3D%7B%7BVID%7D%7D%26name%3DVIDOOMY&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.160.31 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
205049845.tyo.cdn77.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
/
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=fa95a31fe9d38e7279f1ac94b98aeaf9
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63538
cksync.php
contextual.media.net/ 		237 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=fa95a31fe9d38e7279f1ac94b98aeaf9
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.108.29 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-108-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 01:49:49 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Tue, 07 Mar 2023 01:49:49 GMT
adyoulike
s.seedtag.com/cs/cookiesync/ 		0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/adyoulike?channeluid=fa95a31fe9d38e7279f1ac94b98aeaf9&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:49 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
sync
visitor.omnitagjs.com/visitor/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D171e1b3d878c5443361586e41274318e%26name%3DADMIXER%...
  • https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=d9a6ad880e994b38bee62819bc63d3d1
49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=d9a6ad880e994b38bee62819bc63d3d1
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:49 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
2
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Date
Tue, 07 Mar 2023 01:49:49 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor.omnitagjs.com/visitor/sync?uid=171e1b3d878c5443361586e41274318e&name=ADMIXER&visitor=d9a6ad880e994b38bee62819bc63d3d1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
711333.gif
id.rlcdn.com/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:49 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
matching.ivitrack.com/ 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=ayl&uid=fa95a31fe9d38e7279f1ac94b98aeaf9
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:49 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
activeview
pagead2.googlesyndication.com/pcs/ Frame 983E 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth3LEoFv8iF2qeucu8uneRp6mqpRzdt9MPoVkwXn2s8OZYkPWRW29ADS_LfQFiaaeM6cF7Y_NuAJXMZ18J2P9pA5ZZzvoDHkc&sig=Cg0ArKJSzLLMo713AXnbEAE&id=lidarv&acvw=sv%3D949%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D987,1404,1085,1577%26tos%3D2025,0,0,0,0%26mtos%3D2025,2025,2025,2025,2025%26amtos%3D0,0,0,0,0%26mcvt%3D2025%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2025%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D610%26pst%3D409%26dur%3D30037%26vmtime%3D1856%26dtos%3D2025%26dtoss%3D1%26dvs%3D2017%26dfvs%3D2017%26dvpt%3D2017%26is%3D33554707%26i0%3D33554707%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D222%26femvt%3D0%26emc%3D17%26emuc%3D0%26emb%3D16,0,0,0,0%26avms%3Dexc%26qi%3D890046390%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3392%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2025&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0%26t%3D1678153786749
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZub...
ade.googlesyndication.com/ddm/activity/ Frame 983E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZubyIvznxbhCtR1KNuMYAQ;eps=CIBhEAEYXzICigI6AoBA;met=1;acvw=sv%3D949%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D987,1404,1085,1577%26tos%3D2025,0,0,0,0%26mtos%3D2025,2025,2025,2025,2025%26amtos%3D0,0,0,0,0%26mcvt%3D2025%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2025%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D610%26pst%3D409%26dur%3D30037%26vmtime%3D1856%26dtos%3D2025%26dtoss%3D1%26dvs%3D2017%26dfvs%3D2017%26dvpt%3D2017%26is%3D33554707%26i0%3D33554707%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D222%26femvt%3D0%26emc%3D17%26emuc%3D0%26emb%3D16,0,0,0,0%26avms%3Dexc%26qi%3D890046390%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3392%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2025;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0%26t%3D1678153786749;ecn1=1;etm1=0;eid1=200000;
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 50D2 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:49 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21972
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
/
onetag-sys.com/usync/ Frame A9CB 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=undefined
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
2218c3ab5ba3a95c5cf8f5ba21269a2236aff62cc9a736681e26fdfb2ea48af2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1147
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame 08A1
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent=undefined
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Length
0
Date
Tue, 07 Mar 2023 01:49:50 GMT
Etag
0fdd95ba7a4ee43a
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 07 Mar 2023 01:49:49 GMT
location
https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9199 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144877
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Mar 2023 01:49:49 GMT
expires
Wed, 08 Mar 2023 18:04:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame C1BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
0
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Length
0
Date
Tue, 07 Mar 2023 01:49:50 GMT
Etag
0fdd95ba7a4ee43a
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
85120255-bed7-41e1-8446-dd304443065a
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 01:49:49 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection
0
csync
sync.spotim.market/ Frame 8A04
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1678153790691
  • https://ad.turn.com/r/cs?pid=45&rndcb=3010694811
  • https://sync.1rx.io/usersync/turn/7529250236723202089?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-575679b3-c0d2-4e16-9483-d...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:52 GMT
Server
Adtelligent
Etag
0fdd95ba7a4ee43a
Content-Length
0

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004
date
Tue, 07 Mar 2023 01:49:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX575679b3c0d24e169483d85e06d0731f004
content-type
text/html
csync
sync.spotim.market/ Frame 8A04
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=undefined&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=19ff7e6c-480a-4e61-95dc-83628b0994c8
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=19ff7e6c-480a-4e61-95dc-83628b0994c8
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:50 GMT
Server
Adtelligent
Etag
0fdd95ba7a4ee43a
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=19ff7e6c-480a-4e61-95dc-83628b0994c8
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
2mbt7fv92gurdbqcu7qeifr57jtkuau6
csync
sync.spotim.market/ Frame 8A04
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdp...
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=$0&gdpr_consent=$
0
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=$0&gdpr_consent=$
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:50 GMT
Server
Adtelligent
Etag
0fdd95ba7a4ee43a
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:49 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.spotim.market/csync?t=a&ep=309017&extuid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=$0&gdpr_consent=$
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
visitor-fra02.omnitagjs.com/visitor/ Frame 8A04
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a&name=OPENWEB
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=OPENWEB&uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a
49 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=OPENWEB&uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:51 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:51 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://visitor-fra02.omnitagjs.com/visitor/sync?name=OPENWEB&uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a
x-kong-upstream-latency
15
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame 4F24 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:49 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21972
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
csync
sync.spotim.market/ Frame 2D61
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent=
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Length
0
Date
Tue, 07 Mar 2023 01:49:50 GMT
Etag
0fdd95ba7a4ee43a
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 07 Mar 2023 01:49:49 GMT
location
https://sync.spotim.market/csync?t=a&ep=644680&extuid=1085003678217635962130
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.spotim.market/ Frame EC03
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1678153790691
  • https://ad.turn.com/r/cs?pid=45&rndcb=107356698
  • https://sync.1rx.io/usersync/turn/7529250236723202089?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-575679b3-c0d2-4e16-9483-d...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:52 GMT
Server
Adtelligent
Etag
0fdd95ba7a4ee43a
Content-Length
0

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004
date
Tue, 07 Mar 2023 01:49:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX575679b3c0d24e169483d85e06d0731f004
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BF4F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.52.240 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-52-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144877
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 07 Mar 2023 01:49:49 GMT
expires
Wed, 08 Mar 2023 18:04:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame B6D6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
0
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Length
0
Date
Tue, 07 Mar 2023 01:49:50 GMT
Etag
0fdd95ba7a4ee43a
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
f48a0823-c450-407e-bf72-17e9d2b69463
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 01:49:49 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=6358988783605550458
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
223.216.76.27; 223.216.76.27; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame E3A4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
2218c3ab5ba3a95c5cf8f5ba21269a2236aff62cc9a736681e26fdfb2ea48af2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1147
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
visitor.omnitagjs.com/visitor/ Frame EC03
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a&name=OPENWEB
0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
44.229.137.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-137-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-kong-upstream-latency
4
date
Tue, 07 Mar 2023 01:49:51 GMT
via
kong/2.8.3
x-kong-proxy-latency
0
content-length
0
l5d-proxy-error
Connection refused (os error 111)

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a&name=OPENWEB
Date
Tue, 07 Mar 2023 01:49:51 GMT
Server
Adtelligent
Etag
0fdd95ba7a4ee43a
Content-Length
0
csync
sync.spotim.market/ Frame EC03
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=19ff7e6c-480a-4e61-95dc-83628b0994c8
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=19ff7e6c-480a-4e61-95dc-83628b0994c8
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:50 GMT
Server
Adtelligent
Etag
0fdd95ba7a4ee43a
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=19ff7e6c-480a-4e61-95dc-83628b0994c8
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
1i2k3e1ceesnsuo9bpkjt5rnbogvd7o4
csync
sync.spotim.market/ Frame EC03
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%240%26gdpr_consent...
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=$0&gdpr_consent=$
0
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=$0&gdpr_consent=$
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:50 GMT
Server
Adtelligent
Etag
0fdd95ba7a4ee43a
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:50 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.spotim.market/csync?t=a&ep=309017&extuid=58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50&gdpr=$0&gdpr_consent=$
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame 88E4 		0
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=448580&extuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Length
0
Date
Tue, 07 Mar 2023 01:49:50 GMT
Etag
b24bb1beb10b7b48
Server
Adtelligent
/
onetag-sys.com/match/ Frame A9CB
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=undefined
  • https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
17c962550296893d145ef1b8078fc6d6
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A9CB 		42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=K5k0_T6fSwf13jiurof3auOODCAsESp6Y3bM7M0m6Uo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame A9CB
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=undefined&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
date
Tue, 07 Mar 2023 01:49:49 GMT
content-length
0
/
onetag-sys.com/match/ Frame A9CB
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=undefined&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
date
Tue, 07 Mar 2023 01:49:48 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame A9CB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=undefined
  • https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
date
Tue, 07 Mar 2023 01:49:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
odr.mookie1.com/t/v2/ Frame A9CB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=undefined
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1299ab47-06b6-4413-9268-36e9fe4c618d&ssp=onetag&gdpr=0&gdpr_consent=undefined
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1299ab47-06b6-4413-9268-36e9fe4c618d&ssp=onetag&gdpr=0&gdpr_consent=undefined
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.79.111.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:50 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1299ab47-06b6-4413-9268-36e9fe4c618d&ssp=onetag&gdpr=0&gdpr_consent=undefined
Date
Tue, 07 Mar 2023 01:49:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiesyncendpoint
sync.aniview.com/ Frame A9CB 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=5e0e296628a061270b21ccab&key=K5k0_T6fSwf13jiurof3auOODCAsESp6Y3bM7M0m6Uo&gdpr=0&gdpr_consent=undefined&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.172.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-172-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:51 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame E3A4 		42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=K5k0_T6fSwf13jiurof3auOODCAsESp6Y3bM7M0m6Uo
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame E3A4
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LEXLFK09-7-IR3B&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
/
onetag-sys.com/match/ Frame E3A4
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=6496980970204499328
date
Tue, 07 Mar 2023 01:49:49 GMT
content-length
0
/
onetag-sys.com/match/ Frame E3A4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
date
Tue, 07 Mar 2023 01:49:50 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame E3A4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
date
Tue, 07 Mar 2023 01:49:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame E3A4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-gLp_2phE2pkR4qBMxzwpQjCtP1FRyjKuDPi4Pw--~A&expires=5&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=1299ab47-06b6-4413-9268-36e9fe4c618d&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 07 Mar 2023 01:49:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiesyncendpoint
sync.aniview.com/ Frame E3A4 		0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=5e0e296628a061270b21ccab&key=K5k0_T6fSwf13jiurof3auOODCAsESp6Y3bM7M0m6Uo&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.172.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-172-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:51 GMT
content-length
0
csync
sync.spotim.market/ Frame 3982 		0
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=448580&extuid=FD8C9FF8-8C80-4874-B028-DB9B00308CE4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Length
0
Date
Tue, 07 Mar 2023 01:49:50 GMT
Etag
b24bb1beb10b7b48
Server
Adtelligent
reporter
srv.imonomy.com/internal/ 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv.imonomy.com/internal/reporter?v=2&format=1&ai=989&subid=comp_static.criteo.net&sid=14567609857&terms=windows%20%u5B9F%u8DF5%u30AC%u30A4%u30C9%2C%20%u7B2C5%u4F4D%20%u9054%u4EBA%u30D7%u30ED%u30B0%u30E9%u30DE%u30FC%2C%20%u9054%u4EBA%u30D7%u30ED%u30B0%u30E9%u30DE%u30FC%20%u7B2C4%u4F4D%2C%20%u7B2C4%u4F4D%20%u30DE%u30B9%u30BF%u30EA%u30F3%u30B0tcp/ip%u3000%u5165%u9580%u7DE8%2C%20%u30DE%u30B9%u30BF%u30EA%u30F3%u30B0tcp/ip%u3000%u5165%u9580%u7DE8%20%u7B2C3%u4F4D&httpsite=true&keywords=windows%20%u5B9F%u8DF5%u30AC%u30A4%u30C9%2C%20%u7B2C5%u4F4D%20%u9054%u4EBA%u30D7%u30ED%u30B0%u30E9%u30DE%u30FC%2C%20%u9054%u4EBA%u30D7%u30ED%u30B0%u30E9%u30DE%u30FC%20%u7B2C4%u4F4D%2C%20%u7B2C4%u4F4D%20%u30DE%u30B9%u30BF%u30EA%u30F3%u30B0tcp/ip%u3000%u5165%u9580%u7DE8%2C%20%u30DE%u30B9%u30BF%u30EA%u30F3%u30B0tcp/ip%u3000%u5165%u9580%u7DE8%20%u7B2C3%u4F4D&dm=win2012r2.com&charset=UTF-8&timepreload=1678153787117&ptaken=3223&ttaken=3223&ttkan_x=0&sum_ttkan_x=0&ttl=Windows%20%u5B9F%u8DF5%u30AC%u30A4%u30C9&cqt=99&ln=ja&ct=0&w=1600&h=1200&pxr=1&ppi=96&loc=https%3A//win2012r2.com/&dm=win2012r2.com&rtb_highest_price=&rim=true
Requested by
Host: win2012r2.com
URL: https://win2012r2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.73.116 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip-158-69-73.eu
Software
nginx/1.20.1 /
Resource Hash
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 01:49:50 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.20.1
Etag
"ad6fdcd6bc9b5969566123ca061bde27f6f197cf"
Content-Length
43
Vary
Accept-Encoding
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 170E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d43443fb-392d-5442-9fa1-7e87fba7e6b2&CACHEBUSTER=122028
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:49:52 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Mar 2023 01:49:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 170E 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.26.240.67 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-26-240-67.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:52 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 07:56:48 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=21969
content-length
10006
expires
Tue, 07 Mar 2023 07:56:01 GMT
match
ads.betweendigital.com/ Frame 170E
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&gdpr_consent=undefined&gdpr=0&khaos=LEXLFK09-7-IR3B
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LEXLFK09-7-IR3B&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
122028
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame CDAC
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/122028
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/122028
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/122028
Protocol
H2
Server
194.226.130.229 -, , ASN (),
Reverse DNS
Software
ms-counter-4.0.4/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:55 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:54 GMT
strict-transport-security
max-age=2678400
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/122028
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230302&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
107ae395415625135f529e5749bca7121ebbc29c2050207875e4b39fa35d4b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11204
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 33A7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=win2012r2.com&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0553908ed23b6f479104f6c06a6119ae89aafb26085c5bae840faa7948a56a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:52 GMT
server
Kestrel
server-processing-duration-in-ticks
393529
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_fy2021.js?bust=31072787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 01:49:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B89 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
63192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 08:16:41 GMT
expires
Tue, 05 Mar 2024 08:16:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7B67 		783 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f4.1e100.net
Software
GSE /
Resource Hash
1caefa38ab700dc4ae5279c482a22eff1ca626d325dc4bea94a6c8ff01890c63
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VhNCpuL7bnXkDnGzuGR7oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win2012r2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-VhNCpuL7bnXkDnGzuGR7oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 01:49:53 GMT
expires
Tue, 07 Mar 2023 01:49:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 7B67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230302&jk=3727815103390617&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
pagead2.googlesyndication.com/bg/ Frame 5B89 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
63191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:16:42 GMT
generate_204
tpc.googlesyndication.com/ Frame 5B89 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?rKhZnA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
json
gum.criteo.com/sid/ Frame 33A7 		441 B
563 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=win2012r2.com&sn=ChromeSyncframe&so=3&topUrl=win2012r2.com&bundle=a_c3JV9FUVlROFN5QWZrNUxoaEpOWmxCYWk2UzE2bnRmcTRoS0lCMndoVnRKWTA0dW93TVZ1aFEySk5CZkEzRlBVZ2pHJTJGSlRKV21pUlcwNWhWUFBueUJDcGRyOTBtcDZDVDROMmNXTUhaaGJxNk5hcmRZcXRJbyUyQiUyQmZwNnQyUTJDUDNwQw&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=win2012r2.com&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
8c0df8591d96be7b5e74924bfa549d5ece5a65717469a14ac7dcdcfb8572af9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=win2012r2.com&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1319965
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230302&jk=3727815103390617&bg=!Dg2lDVnNAAbv3-2Ez987ADkAdvg8WoF_l17jC7nplKwlFV717SC9cfQNn_VL-2cDBUssjt6KEjLKlQbiuqnFs-hBogy0_VHI56YCAAAAT1IAAAAIaAEHmQKh44KkLZ9-k-SrTHY0aquTQRIE8_6iZ2I9NwiYTP2yfqFQpAyOeXQbVyT1ds2a-pMY59m8scdg_UkqBDN6kG7dhFsCRvAs5oo0V63FI4AQsoUnnNYds3fitIV43ynznIqFf6PcsE8Yzrb0pGsLLkn45CHIrgUH5WGAwJnVbub7wb509xL-jcWFArYhAgnQF--Wn3_LRVkUv6uscwW7T4C8yRzDfkOV5JPAYfsFDskjiXijapLIFxtJV6WRRaan2SUCUSM6ANxSUZAvCWB-coKdnNHhAZ6ykpVEmpZZLvJcaTmuH3HZAwrSxEdlUhXzlNP5OimrW3ivdYWb9tIeb4CERa7Yuyq1S5Es7xKt-hwcb9p-6P0xerSHpY2hElX_31VvKmQa6CYa8_VvVbuB8ClqM_z1Ixb1VbvlQLZklM7WouZTamROcMzhWPcLseKNTd1hRYMrTsdNa6Z9sDQ2ioBU-tU-84qGN88pxaR0OZroQNBo5D_0qAwB4SS42rThYu3-JfWMi4HNf-4nitQMs2WoYF_memEGTU3-mx3umeY9mBEeSR2af7TSrt19bO0FJq9_hNEnW9TQyZbOWOsWQ6vnq1j-r-2eHTG2DxweT3m7c3OSHF2Y9NeLyMZrvJpvthKsjCtYxOWLowYs2h8T-9O_7P-zbfoXiFvaInjqNANSNajrTmheO4Altj7qtTluaM1tLxXTRatz9J3M3oZBLSLy0ZOqx_ne0WGgw8mwew2IY8akoeLxtTbs4qwbYWHZaPNJDbQqlVy5CFBA5AJPkeHYYLaXoWW1pIzO2eTNjm-mhacdPv373cC8UIcU0p80CYzoMuWlGHXmknBlVii0klEKLWgaq2aRmDfvBvZxzaUHLUzHBjnW8aaO-pfdG_oBlUp_qQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lexlfp1j&c=1312555354233&slotId=656277677116.5&met.4=hvd_lc.lexlfp1i~hvd_src.lexlfp1i&ps=173x98
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.126.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
oa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://win2012r2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZub...
ade.googlesyndication.com/ddm/activity/ Frame 983E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgPLTgtrI_QIVtscWBR2bXg0HEAAYACDBy-NZOhoI-Z708QIQ0cLfmKcEGLXSiOIDIL_ezIuqEUITCOTvhYDayP0CFcGbZAoddLQKUA;dc_rmcid=CAQSQADUE5ymAbnifhIiCLGvx6no6-qaoqgmKuZAFwgV-IAwgeCi99No4Ihbmm2wui3HVsWHZubyIvznxbhCtR1KNuMYAQ;eps=CIBhEAEYXzICigI6AoBA;met=1;acvw=sv%3D949%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D987,1404,1085,1577%26tos%3D7740,0,0,0,0%26mtos%3D7740,7740,7740,7740,7740%26amtos%3D0,0,0,0,0%26mcvt%3D7740%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7740%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2015%26pst%3D409%26dur%3D30037%26vmtime%3D7697%26dtos%3D5715%26dtoss%3D2%26dvs%3D5715%26dfvs%3D5715%26dvpt%3D5715%26is%3D33554707%26i0%3D33554707%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D7740,7740,7740,7740,7740%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D222%26femvt%3D0%26emc%3D45%26emuc%3D0%26emb%3D44,0,0,0,0%26avms%3Dexc%26qi%3D890046390%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D9107%26pngs%3D9s,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7740;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0%26t%3D1678153786749;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
events.missena.io/v1/ 		0
377 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.missena.io/v1/events?ik=1678153781.cg39gdesqcic73bkf0fg&t=PA-25261242
Requested by
Host: chat.missena.io
URL: https://chat.missena.io/renderer-sticky-video.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win2012r2.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/msgpack

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:49:55 GMT
Last-Modified
Tue, 07 Mar 2023 01:49:55 GMT
Vary
Origin
Access-Control-Allow-Origin
https://win2012r2.com
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT
events
events.missena.io/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.missena.io/v1/events?ik=1678153781.cg39gdesqcic73bkf0fg&t=PA-25261242
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.236.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-236-196.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://win2012r2.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,HEAD,PUT,DELETE,PATCH
Access-Control-Allow-Origin
https://win2012r2.com
Connection
keep-alive
Date
Tue, 07 Mar 2023 01:49:55 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
sync.ad
sp.gmossp-sp.jp/ads/ Frame CDAC
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d43443fb-392d-5442-9fa1-7e87fba7e6b2&expires=60
  • https://sp.gmossp-sp.jp/ads/sync.ad?dsp=bidswitch&dspuid=1299ab47-06b6-4413-9268-36e9fe4c618d&dsp_uuid=&dsp_id=&rd=0
43 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.gmossp-sp.jp/ads/sync.ad?dsp=bidswitch&dspuid=1299ab47-06b6-4413-9268-36e9fe4c618d&dsp_uuid=&dsp_id=&rd=0
Protocol
H2
Server
35.201.98.24 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 01:49:56 GMT
via
1.1 google
server
Google Frontend
content-type
image/gif
x-cloud-trace-context
dca223cfcc039bb5cf12e8f745ba4337
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Tue, 07 Mar 2023 02:49:56 GMT

Redirect headers

Location
//sp.gmossp-sp.jp/ads/sync.ad?dsp=bidswitch&dspuid=1299ab47-06b6-4413-9268-36e9fe4c618d&dsp_uuid=&dsp_id=&rd=0
Date
Tue, 07 Mar 2023 01:49:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
15
r4---sn-3pm76nes.c.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... 		20 KB
21 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-3pm76nes.c.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/201A7C4AFB0148AAD49E69BE0A25373FB8FE8BB0.2894ADCDAE52BC12C4034B7B55D991976FB769DA/key/cms1/cms_redirect/yes/mh/8v/mip/223.216.76.27/mm/42/mn/sn-3pm76nes/ms/onc/mt/1678153478/mv/m/mvi/4/pl/15?cpn=_HzJ0GiXfnE-Gaj0&file=file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.106.73 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix05s13-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
18de5845c0dfe60bc8a3622a87ebb2f4b01236237d79d0f62c09f9b0c55ad288
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win2012r2.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=4390926-

Response headers

Date
Tue, 07 Mar 2023 01:49:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 02 Mar 2023 07:44:27 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 4390926-4411524/4411525
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
20599
Expires
Tue, 07 Mar 2023 01:49:56 GMT
/
onetag-sys.com/usync/ Frame 7307 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d43443fb-392d-5442-9fa1-7e87fba7e6b2&CACHEBUSTER=122028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
23da0c46c80e33527eebf3ca1402f906bfc80806ce83de477c262114afc4a0ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
876
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
tap.php
pixel.rubiconproject.com/ Frame 7307 		42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=3pSMsbs9mIUikqZeaQ3oT9yEG3-nQdtvBEJUOIUVHjk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
ads.betweendigital.com/ Frame 7307 		68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=129&external_user_id=3pSMsbs9mIUikqZeaQ3oT9yEG3-nQdtvBEJUOIUVHjk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
d43443fb-392d-5442-9fa1-7e87fba7e6b2
an.yandex.ru/mapuid/betweendigitalis/ Frame CDAC
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fd43443fb-392d-5442-9fa1-7e87fba7e6b2
  • https://an.yandex.ru/mapuid/betweendigitalis/d43443fb-392d-5442-9fa1-7e87fba7e6b2
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/d43443fb-392d-5442-9fa1-7e87fba7e6b2
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 01:49:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Mar 2023 01:49:56 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Mar 2023 01:49:56 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/d43443fb-392d-5442-9fa1-7e87fba7e6b2
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
t.adx.opera.com/ Frame CDAC 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F0%2F10.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
Domain
spl.zeotap.com
URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent=undefined
Domain
ads.themoneytizer.com
URL
https://ads.themoneytizer.com/media/tm.png
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/sync?vendor=60079&uid=d43443fb-392d-5442-9fa1-7e87fba7e6b2

Verdicts & Comments Add Verdict or Comment

341 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 boolean| credentialless function| gtag object| dataLayer function| __tcfapi function| __uspapi object| google_tag_manager function| $ function| jQuery object| google_tag_data string| GoogleAnalyticsObject function| ga object| Cookies object| ps_ajax function| onYouTubeIframeAPIReady object| gaGlobal function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| ab_test_iiq number| random_cent_iiq undefined| s undefined| x number| tmzr_siteid number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility45111 number| video_div object| video_div2 string| crtg_content string| moneybid object| sc function| isEmpty function| loadScriptTemelio function| GetMobileDesktop function| GetMobileDesktopId function| GetRichAudienceZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeTriplelift function| Getsize function| GetsizeRubicon function| Timeout function| refreshSlot function| refreshSlotFooter number| nugg_iiq string| pubstack_ab function| whatToLoad object| sublime string| sh object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_video function| refreshVisibility35757 object| inimagejs object| mydiv object| creatediv number| inImageSiteId object| slowBidders object| adsArea35757 object| observers35757 function| refreshQueueManager35757 function| loopChecker35757 function| Adcall_35757 object| adsbygoogle function| refreshVisibility26711 undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv undefined| convertHtmlToText function| Adcall_26711 function| refreshVisibility26328 function| Adcall_26328 object| swv object| wpcf7 object| eazy_ad_unblocker object| eazy_opacity object| eazy_close_btn object| eazy_version object| eazy_unblocker_width object| eazy_ad_unblocker_popupid object| eazy_ad_unblocker_popup_params boolean| eazyAdUnblockerDialogClosed boolean| eazy_ad_unblocker_loaded object| eazy_ad_unblocker_dialog_opener boolean| eazy_ad_unblocker_global_error string| eazyAdUnblockerFlaggedURL string| eazy_ad_unblocker_msg_var object| eazyAdUnblockerHolderDiv object| eazyAdUnblockerEffectiveWidth object| eazyAdUnBlockerHttp function| preventDeleteDialog object| wpASPNG function| stripeHandlerNG function| WPASPClosePaymentPopup function| WPASPAttachToAElement function| WPASPAttach function| WPASPDocReady object| AICP object| Stickyfill object| cocoon_localize_script_options function| MobileDetect object| md function| tmzInimageSetup function| verbose boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA number| intervalCounterNumberGPP object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| gaplugins object| gaData object| tmzrChunk object| _pbjsGlobals object| ADAGIO object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_80234 object| pubstack_publica number| bidder_geo object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| regeneratorRuntime function| __tcfapiui function| mapperjs object| __core-js_shared__ object| el object| lastBidder35757 function| quantserve function| __qc object| ezt object| _qoptions function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| apntag object| _ADAGIO boolean| tmcredentials object| Criteo string| Smart_SR_data object| google_llp undefined| bid undefined| vastUrl object| targetingParams undefined| Adcall_26322 object| ONFOCUS object| adsArea26328 object| observers26328 function| refreshQueueManager26328 function| loopChecker26328 object| adsArea26711 object| observers26711 function| refreshQueueManager26711 function| loopChecker26711 object| libJsLeadPlace object| lastBidder26328 object| lastBidder26711 object| criteo_pubtag object| criteo_pubtag_prebid_134 object| Criteo_prebid_134 object| criteo_syncframe_state object| aylEl object| b string| sMWidth string| sMHeight object| args string| css object| style function| setupFooterSlidein function| bringToFront function| setupSlideIn function| setupFooter function| qcResize function| setupExoticFS object| iframeDoc object| __MISSENA__ object| elList number| k boolean| AylTagLoading object| __SENTRY__ object| Adyoulike object| AylTag object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_515474 object| script object| closure_lm_43274 object| imonomy function| getZIndex function| getElementPosition function| getComputedStylePropertyValue object| brand_name_for_internal string| protocol object| curr_host_split object| g_metadata number| wordscount object| match_dict string| quality_type string| not_first boolean| use_foce_image number| curtop number| cur_width string| imageTitle string| donot_show_id

251 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQgMiKzuswCgoIgQIQgMiKzuswCgoI4gEQgMiKzuswCgoI5gEQgMiKzuswCgoIhwIQgMiKzuswCgkICRCAyIrO6zAKCQg6EIDIis7rMAoKCIwCEIDIis7rMAoJCF8QgMiKzuswCgkIHxCAyIrO6zA=
win2012r2.com/ Name: PHPSESSID
Value: 7de0c5abad52e542b6680f460346f87c
win2012r2.com/ Name: asp_transient_id
Value: 0f60199a4aab4941f5589a6431ba12c4
.win2012r2.com/ Name: _ga_2G2FZZXW0F
Value: GS1.1.1678153778.1.0.1678153778.0.0.0
.valuecommerce.com/ Name: VCB
Value: ZAaYMwAAGvnf2EwbwKhpvMCoaSfmpQ&c=33980664&v=2&s=959aa483
.win2012r2.com/ Name: _ga
Value: GA1.2.1991005425.1678153779
.win2012r2.com/ Name: _gid
Value: GA1.2.1288256490.1678153780
.win2012r2.com/ Name: _gat_gtag_UA_49545071_4
Value: 1
win2012r2.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.win2012r2.com/ Name: sharedid
Value: 42423dc4-feb4-493b-a722-53bc9a70ea42
.adsrvr.org/ Name: TDID
Value: a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
.mathtag.com/ Name: uuid
Value: e1b36406-9833-4700-987f-7a2b103fd427
.doubleclick.net/ Name: IDE
Value: AHWqTUkHtR2MvDiZGI_jz66gk76-RWZsElswKvtu3-v-k9ILhzCANS6nJ3HfYTUs11Y
.rubiconproject.com/ Name: khaos
Value: LEXLFK09-7-IR3B
.adnxs.com/ Name: uuid2
Value: 6358988783605550458
.win2012r2.com/ Name: cto_bundle
Value: a_c3JV9FUVlROFN5QWZrNUxoaEpOWmxCYWk2UzE2bnRmcTRoS0lCMndoVnRKWTA0dW93TVZ1aFEySk5CZkEzRlBVZ2pHJTJGSlRKV21pUlcwNWhWUFBueUJDcGRyOTBtcDZDVDROMmNXTUhaaGJxNk5hcmRZcXRJbyUyQiUyQmZwNnQyUTJDUDNwQw
.win2012r2.com/ Name: cto_bidid
Value: wOGUr19qYk1VbUd3ZWwlMkJ6MlQ3eDNCU1clMkJ1OUNrVUVOWTZOJTJGcWVpQzFBNUZlS3dLbDRUR1RXc0V5VSUyRnJ4RHpPTW1pV2JiaEVrSWJTYm9GJTJCa0RIMW5nMUN0SWclM0QlM0Q
.rlcdn.com/ Name: pxrc
Value: CLSwmqAGEgUI6AcQABIGCO25KxAA
.quantserve.com/ Name: mc
Value: 64069834-bb9b4-751ed-e6678
.win2012r2.com/ Name: __qca
Value: P0-172796927-1678153780258
.win2012r2.com/ Name: __gads
Value: ID=4013aaeaafc9989e-2218a93eebdb00b1:T=1678153780:RT=1678153780:S=ALNI_MayHfrKK_9VPKu9n5V_qLP1tN9XMQ
.id5-sync.com/ Name: callback
Value:
.win2012r2.com/ Name: __gpi
Value: UID=00000bd3246a12c9:T=1678153780:RT=1678153780:S=ALNI_Mbsm26EsIk9D9cNQh674k5bvMUW5w
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: d43443fb-392d-5442-9fa1-7e87fba7e6b2
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.lijit.com/ Name: ljt_reader
Value: GRKNCBZHu6GmWJstQzOlNICU
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: t3jwFmAqVodQ4udu-iMPXidyFlICSzTYh3IKRJ1yS2sG9zqAB7FwSdKSyyx25NqrXwzt8KdLjzaeZ6fab_hK8vIAnfwW8_EPBqCVXYbNBoM
.gumgum.com/ Name: vst
Value: a_a687b1c2-9942-4019-9b43-8d0d4cea875d
.casalemedia.com/ Name: CMPS
Value: 5459
.casalemedia.com/ Name: CMPRO
Value: 5459
.richaudience.com/ Name: pdid
Value: 6004bbcb-7f27-4c95-94d2-0zz1678153781
.send.microad.jp/ Name: TR
Value: 9e025ce82443cbaaf0ef2bd9487a9848
.smartadserver.com/ Name: pid
Value: 6496980970204499328
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.omnitagjs.com/ Name: ayl_visitor
Value: fa95a31fe9d38e7279f1ac94b98aeaf9
.casalemedia.com/ Name: CMID
Value: ZAaYNYOJJ4ARKje1WrpskQAA
.tapad.com/ Name: TapAd_TS
Value: 1678153781742
.tapad.com/ Name: TapAd_DID
Value: e05eeaac-27c4-48e5-a7db-6c78369e61ae
.360yield.com/ Name: tuuid
Value: d9e95577-1d4d-4c6a-9037-811ae54d6c81
.360yield.com/ Name: tuuid_lu
Value: 1678153781
.prebid.a-mo.net/ Name: __amc
Value: 1_1678153781_1678153781
.a-mo.net/ Name: amuid2
Value: d27bb356-86ab-47b5-b718-4ea1dccfe68c
.prebid.a-mo.net/ Name: sd_amuid2
Value: d27bb356-86ab-47b5-b718-4ea1dccfe68c
.id5-sync.com/ Name: id5
Value: 727d5198-7eb0-7012-882b-0b0c7d1b21c0#1678153780883#3
.media.net/ Name: visitor-id
Value: 3211553829442732000V10
.media.net/ Name: data-g
Value: CAESECmnZ1eNwg6HOJ4sPF14rR4~~3
.c.appier.net/ Name: _gu
Value: CAESEJEo8LM9KpqpruJYb3cK9rY
.c.appier.net/ Name: _auid
Value: 6m3QQUjWAq6a01G0NpgGZA
.cpx.to/ Name: cpSess
Value: 1680d1a4ce139f9d
.openx.net/ Name: i
Value: f38dcefa-5812-427f-a486-8b9f6e7565b8|1678153782
.adform.net/ Name: C
Value: 1
.send.microad.jp/ Name: ASR-g
Value: 1
.ladsp.com/ Name: cr
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FD8C9FF8-8C80-4874-B028-DB9B00308CE4
.pubmatic.com/ Name: DPSync3
Value: 1679356800%3A201_245_226%7C1678752000%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1679443200%3A35%7C1683331200%3A69%7C1679011200%3A63%7C1679356800%3A209_220_21_202_54_7_22_207_76_96_234_8_3_214_5_56_233_107_179_13_71_217_254%7C1678752000%3A2_223_15
.bidswitch.net/ Name: tuuid
Value: 1299ab47-06b6-4413-9268-36e9fe4c618d
.bidswitch.net/ Name: c
Value: 1678153782
.bidswitch.net/ Name: tuuid_lu
Value: 1678153782
.socdm.com/ Name: SOC
Value: ZAaYNsCo5ugAAD2MO1IAAAAA
.sharethrough.com/ Name: stx_user_id
Value: 942d8f61-b63a-4838-8dc0-897bb9a02069
.socdm.com/ Name: SOSYNC
Value: anNvbjp7InB1Ym1hdGljIjoxNjc4MTUzNzgyfQ
.quantserve.com/ Name: d
Value: EMoBDgG6KIEO-TA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e1b36406-9833-4700-987f-7a2b103fd427&KRTB&16736-uid:e1b36406-9833-4700-987f-7a2b103fd427&KRTB&23019-uid:e1b36406-9833-4700-987f-7a2b103fd427&KRTB&23114-uid:e1b36406-9833-4700-987f-7a2b103fd427
.turn.com/ Name: uid
Value: 7529250236723202089
.agkn.com/ Name: ab
Value: 0001%3AE6z4qu%2FoGCddepBbAREyhM0soF70YQ1f
.agkn.com/ Name: u
Value: C|0CEArmVS2K5lUtgAAAAAAAQ13AQCAAQpAAAAAAA
.adform.net/ Name: uid
Value: 5358275005561920827
.pubmatic.com/ Name: KRTBCOOKIE_656
Value: 12671-ZAaYNsCo5s0AACemrnkAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&KRTB&22918-a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32&KRTB&23031-a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6358988783605550458&KRTB&23339-6358988783605550458
.ladsp.com/ Name: smn_uid
Value: MTX7c24GHnsF8xNGMvaglw9bvu_Ib6s
.ladsp.com/ Name: lum
Value: CIaris7rMBIFCAoQ4BI
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.simpli.fi/ Name: suid
Value: 1B32369227AF48F1ABF9116409EA6EC6
.ctnsnet.com/ Name: cid_3a3a2cbe8c104f4f8215414c9c4ae3da
Value: 1
.ctnsnet.com/ Name: cid_72b43c5b52a64c8c818bfb2e0d02a3ad
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-aPdA3mf7Q9xzoRLRPPdd32vyFYxzpkbeaftO5Zkq&KRTB&19420-aPdA3mf7Q9xzoRLRPPdd32vyFYxzpkbeaftO5Zkq&KRTB&22979-aPdA3mf7Q9xzoRLRPPdd32vyFYxzpkbeaftO5Zkq&KRTB&23403-aPdA3mf7Q9xzoRLRPPdd32vyFYxzpkbeaftO5Zkq
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adtdp.com/ Name: uid
Value: ecfe6e23-f069-4e0c-8c82-ce1f8a80e94a
.adtdp.com/ Name: pr
Value: ame
.linkedin.com/ Name: bcookie
Value: "v=2&b4a11c37-b2d3-4f37-8f9a-396934ae4219"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2932:u=1:x=1:i=1678153782:t=1678240182:v=2:sig=AQGn1Lqm3MCzn_67o85bzoBAEyi0hpVV"
.uncn.jp/ Name: t
Value: v_f3c38330-d9e2-4b7c-8f45-d852843b1605
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7745423018836985897&KRTB&23150-7745423018836985897
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5358275005561920827&KRTB&23263-5358275005561920827
.pubmatic.com/ Name: KRTBCOOKIE_629
Value: 11487-AdeaWxWwnu2Pks8AD1u-78hvq88AAAGGucKVhg
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-72b43c5b52a64c8c818bfb2e0d02a3ad&KRTB&23328-72b43c5b52a64c8c818bfb2e0d02a3ad&KRTB&23427-72b43c5b52a64c8c818bfb2e0d02a3ad&KRTB&23445-72b43c5b52a64c8c818bfb2e0d02a3ad
.cpx.to/ Name: dsp_TTD
Value: a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32#1678153782650
.pubmatic.com/ Name: KRTBCOOKIE_1201
Value: 23170-v_f3c38330-d9e2-4b7c-8f45-d852843b1605&KRTB&23180-v_f3c38330-d9e2-4b7c-8f45-d852843b1605
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZAaYNgAKc_wqmQBh
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESECE_1AZHgJbjG94P1rPcib0&KRTB&22987-CAESECE_1AZHgJbjG94P1rPcib0&KRTB&23025-CAESECE_1AZHgJbjG94P1rPcib0&KRTB&23386-CAESECE_1AZHgJbjG94P1rPcib0
.gammaplatform.com/ Name: _aGeoIp
Value: TH|Phetchaburi
.gammaplatform.com/ Name: _aUID
Value: 9hkzd49annu4
.addthis.com/ Name: na_id
Value: 2023030701494200017479117157
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 640698363207b599
.addthis.com/ Name: ouid
Value: 640698360001c66d65344b22fc5afe5b7be28bd046cfd06001e4
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20230307
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.tribalfusion.com/ Name: ANON_ID
Value: aYnseFyKalHobWm8ZbRyZbvyNaQTq5hjtYhJOsqagEGeSvjfY6eYQtZdUVPTrXYJnmE13Ei7yYN77NMYwFtKdmn
.sportradarserving.com/ Name: zuuid
Value: e88aa6a0-c4f3-4f4f-9ec7-3293d82a96f2
.sportradarserving.com/ Name: c
Value: 1678153782
.sportradarserving.com/ Name: zuuid_lu
Value: 1678153782
.uuidksinc.net/ Name: jcsuuid
Value: eBBkvx5sqpYx00d49Nre
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-9hkzd49annu4&KRTB&23446-9hkzd49annu4&KRTB&23465-9hkzd49annu4
.dyntrk.com/ Name: dyn_u
Value: 03010005_64069836bf1ea
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1678153782
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!1585
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-6m3QQUjWAq6a01G0NpgGZA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ooPZNzPWRThG0JJktx8E-9_YTBs&KRTB&23334-ooPZNzPWRThG0JJktx8E-9_YTBs&KRTB&23417-ooPZNzPWRThG0JJktx8E-9_YTBs&KRTB&23426-ooPZNzPWRThG0JJktx8E-9_YTBs
.w55c.net/ Name: wfivefivec
Value: Hmgoj69m1Pzmsv5
.cpx.to/ Name: dsp_dbm
Value: CAESEN2xFpObl-mMRNWFJWQ_-9U#1678153782930
fksnk.com/ Name: AWSALBCORS
Value: jsSMtmHwe+b4A/OFprzOmyIqtCk1RRTo/xw7rMCzU7l1ZWquYO+cCxHcWmakVTBzPzrJ3yFNyY6GVDjlpA8IdFOvxCo3i+m9H0gCVkL2fI4q8TJ40ZFKynD8MWQ8
.fksnk.com/ Name: f_001
Value: AC24CAA7E15922F3
.fksnk.com/ Name: g_001
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-645333c5-1119-432a-4a50-24c0017d56e2.3skTk7WjmauLutf1uTp%2B%2BY%2FUtA12K23HPHAGON5bcLM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZFMzxREZQypKUCTAAX1W4t_YTBs.rTiwRxtxeq5Frzep19lTxB8EIYsp%2BVctnjNB7quZWko
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: bf954e9859c420674d8c0186ee097e5a
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:Hmgoj69m1Pzmsv5&KRTB&23457-uid:Hmgoj69m1Pzmsv5&KRTB&23421-uid:Hmgoj69m1Pzmsv5
.yahoo.com/ Name: A3
Value: d=AQABBDeYBmQCEOIGA2KuTcWZ0nauBLwc1IIFEgEBAQHpB2QQZAAAAAAA_eMAAA&S=AQAAAv0q3sjSAbq1rwPVilvuebE
.cpx.to/ Name: dsp_pubmatic
Value: FD8C9FF8-8C80-4874-B028-DB9B00308CE4#1678153783215
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAALhGv4L_lq8QNBAKsEAAAAAAA&KRTB&22713-AAALhGv4L_lq8QNBAKsEAAAAAAA&KRTB&22715-AAALhGv4L_lq8QNBAKsEAAAAAAA
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wMy0wN1QwMTo0OTo0MS4zNzE4NTQ3MTVaIiwicHVibWF0aWMiOiIyMDIzLTAzLTA3VDAxOjQ5OjQxLjM3MTgzOTAzMVoiLCJydWJpY29uIjoiMjAyMy0wMy0wN1QwMTo0OTo0MS4zNzE4NDYzNDNaIn0sInVpZHMiOnsiYWRhZ2lvIjp7InVpZCI6IjU2M2IxMDlkLWQ5YjYtNDNkYS1iNWI2LTk3YzFkOTU1MTE1NCIsImV4cGlyZXMiOiIyMDIzLTA1LTA2VDAxOjQ5OjQxLjM2OTM1MjM0M1oifSwiaW5kZXhleGNoYW5nZSI6eyJ1aWQiOiJaQWFZTllPSko0QVJLamUxV3Jwc2tRQUFGVk1BQUFBQiIsImV4cGlyZXMiOiIyMDIzLTA1LTA2VDAxOjQ5OjQzLjYzNzUxMTE5NVoifSwicHVibWF0aWMiOnsidWlkIjoiRkQ4QzlGRjgtOEM4MC00ODc0LUIwMjgtREI5QjAwMzA4Q0U0IiwiZXhwaXJlcyI6IjIwMjMtMDUtMDZUMDE6NDk6NDIuNzEyMTA4NTY0WiJ9LCJydWJpY29uIjp7InVpZCI6IkxFWExGSzA5LTctSVIzQiIsImV4cGlyZXMiOiIyMDIzLTA1LTA2VDAxOjQ5OjQzLjU2NjIwMTI4NloifX0sImJkYXkiOiIyMDIzLTAzLTA3VDAxOjQ5OjQxLjM2OTIwMzU5OVoifQ==
.eyeota.net/ Name: mako_uid
Value: 186b9c2995a-5dec0000010e5d96
.eyeota.net/ Name: SERVERID
Value: 23958~DM
.cpx.to/ Name: dsp_app_nexus
Value: 6358988783605550458#1678153783573
.dotomi.com/ Name: DotomiTest
Value: 761ce0e4cdc21b35
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=5544DC7B5582EA"
.yandex.ru/ Name: yuidss
Value: 5449954101678153783
.yandex.ru/ Name: yandexuid
Value: 5449954101678153783
.semasio.net/ Name: SEUNCY
Value: 196EA5A50FC48E61
.ad-m.asia/ Name: uid
Value: CIgKDyRF4X
.inmobi.com/ Name: idsp_c
Value: 84db0638-417a-497f-b975-ef7701d50521
.bidr.io/ Name: bito
Value: AAC4NE7IDTAAACCtMn4Psg
.bidr.io/ Name: bitoIsSecure
Value: ok
.zemanta.com/ Name: zuid
Value: RMmwO7_haW1b6Co01lSM
.pubmatic.com/ Name: SPugT
Value: 1678153782
.amazon-adsystem.com/ Name: ad-id
Value: A9rTOXTAEU_Aj6CXB0ZIb7o
.flashtalking.com/ Name: _D9J
Value: 20256564ca9c4acb925c88e3f58f0ad4
.smartadserver.com/ Name: vs
Value: 558924=5352589
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308020772%3B%24ql%3DHigh%3B%24qpc%3D461-0013%3B%24qt%3D36_5_126711t%3B%24dma%3D0
.adkernel.com/ Name: ADKUID
Value: A4266243696831783884
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.w55c.net/ Name: matchid5
Value: 5
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A4266243696831783884
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308020772%3B%24ql%3DHigh%3B%24qpc%3D461-0013%3B%24qt%3D36_5_126711t%3B%24dma%3D0&c=1&l=-272456934&lo=-749376494&lt=638137505851904584&o=1
.id5-sync.com/ Name: 3pi
Value: 112#1678153784301#60600206#196EA5A50FC48E61|2#1678153783521#582217449#6358988783605550458|3#1678153783104#-1192397512#e1b36406-9833-4700-987f-7a2b103fd427|19#1678153784725#1300336737#bf954e9859c420674d8c0186ee097e5a|163#1678153785592#-642824461|102#1678153781764#149110591|264#1678153782700#783001306#a1f228b5-35c0-4a6f-aba1-0bc7c9ed8f32|123#1678153783888#1626552891|155#1678153785082#55963438#AAC4NE7IDTAAACCtMn4Psg|108#1678153782184#428883999
.admatrix.jp/ Name: uid
Value: 5b1d594c-ef04-419c-902e-63121be65e5a
.smartadserver.com/ Name: Trk0
Value: Value=1698062&Creation=07%2f03%2f2023+01%3a49%3a45
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1678175386084
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_943
Value: 19522-1O6mHZp4hVj
.pubmatic.com/ Name: PugT
Value: 1678153786
.pubmatic.com/ Name: pi
Value: 159706:3
.missena.io/ Name: msna
Value: cg39gemsqcic73cpo3j0
.3lift.com/ Name: tluid
Value: 1085003678217635962130
.missena.io/ Name: msnapbmcnw
Value: 1
.missena.io/ Name: msnapbmc
Value: FD8C9FF8-8C80-4874-B028-DB9B00308CE4
a-prebid.vidoomy.com/ Name: SSCookie
Value: 1
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.missena.io/ Name: msnampdgnw
Value: 1
.missena.io/ Name: msnampdg
Value: d9e95577-1d4d-4c6a-9037-811ae54d6c81
.bluekai.com/ Name: bku
Value: ikG99e3ROZuvvC1K
.missena.io/ Name: msnayhoonw
Value: 1
.missena.io/ Name: msnayhoo
Value: y-krg0EqVE2uEqUsXBGQXHaNz8DxbDe3ozFa4EZZI-~A
.missena.io/ Name: msnaxndrnw
Value: 1
.missena.io/ Name: msnaxndr
Value: 6358988783605550458
.missena.io/ Name: msnasmwtnw
Value: 1
.missena.io/ Name: msnasmwt
Value: f79db6022e320fafa203ab9e5911702f
.ads.stickyadstv.com/ Name: UID
Value: 4522641d3eddd1ac5c18188ef798b9d0
pool.admedo.com/ Name: tuuid
Value: a5658da7-0350-48b5-88d3-7e514c81a88f
pool.admedo.com/ Name: c
Value: 1678153786
pool.admedo.com/ Name: tuuid_lu
Value: 1678153786
.missena.io/ Name: msnamgntnw
Value: 1
.missena.io/ Name: msnamgnt
Value: LEXLFK09-7-IR3B
.bing.com/ Name: MUID
Value: 155DAE5B1939660A3885BC9618EB67FF
.c.bing.com/ Name: MR
Value: 0
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2In6d6T3h!]tbP6j2F-.aE@%O4WYq=0QH%iK69liU$O(fnQlhjab<E4yl+<kjl^s2d+I(kQKz0P37t>/X+GY1Qw2QE2>1+
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJiOGE3NTg5M2Y2YjIxNWU4NDg1YzY3YzVkNGZlNmUzMSIsImV4cGlyZXMiOiIyMDIzLTA2LTA1VDAxOjQ5OjQ2WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTAzLTA3VDAxOjQ5OjQ2WiJ9
.sitescout.com/ Name: ssi
Value: 58bdd5a7-f192-4e92-86a2-d24dd0e41542#1678153786933
.missena.io/ Name: msnasmrtnw
Value: 1
.missena.io/ Name: msnasmrt
Value: 6496980970204499328
.us.ck-ie.com/ Name: CID
Value: 7118cbae21a305e0d121e3022e684e62c0ec061f
.richaudience.com/ Name: cmpsync
Value: 1
.creativecdn.com/ Name: u
Value: f3nEWoZhxrOawts6P1fR
.creativecdn.com/ Name: ts
Value: 1678153787
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2add:199l~2add:199t~2add:194o~2add"
.vidoomy.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGYiOnsidWlkIjoiNTM1ODI3NTAwNTU2MTkyMDgyNyIsImV4cGlyZXMiOiIyMDIzLTAzLTIxVDAxOjQ5OjQ3LjQyOTc3MTMxOVoifSwiYWRueHMiOnsidWlkIjoiNjM1ODk4ODc4MzYwNTU1MDQ1OCIsImV4cGlyZXMiOiIyMDIzLTAzLTIxVDAxOjQ5OjQ2LjI5MjQwMDEzN1oifX0sImJkYXkiOiIyMDIzLTAzLTA3VDAxOjQ5OjQ2LjI5MjM5NzM5M1oifQ==
.spotxchange.com/ Name: audience
Value: 5761c6a6-bc8a-11ed-a1a5-169d53a90107
.advertising.com/ Name: A3
Value: d=AQABBDuYBmQCEHW2DJqEhXN6QnokddLTQNcFEgEBAQHpB2QQZAAAAAAA_eMAAA&S=AQAAAnJ0qDD0lqIWvWymNt0E4aE
.richaudience.com/ Name: avcid-apn-uid
Value: 6358988783605550458
.richaudience.com/ Name: avcid-bsw-uid
Value: 1299ab47-06b6-4413-9268-36e9fe4c618d
.richaudience.com/ Name: avcid-yho-uid
Value: y-Dhmc7DtE2uHt8uDNURDbEiWRS_hg4gHFxJtGQQA-~A
.e-volution.ai/ Name: v_usr
Value: 9285c005-457f-4dae-912f-8d0b873c85f9
.mathtag.com/ Name: mt_mop
Value: 9:1678153787
.smilewanted.com/ Name: sw_user_params_infos
Value: BCwQDB8AIwOCN6jAQsI75o9hcQ0qpScQ4gIQH49aC9c5hiNCZE78a3AY8t5If5UOZArsJ9Ffhk7iOCrZ6u%2BmmAm%2FNZg5sUwhu03xZYJdtIygmpBxyaCfypEqkEvwRJsq7WT%2Basgd7sKkc%2Bt1YYR2NU%2FLsd0ZfWeX%2Fc0%2FmsVRdsXBWg9XJBpcXpMFh5HjQysXls%2BxZQpytO%2FezAiXwhr%2FoMzbxN7PS3tfkpZMd%2B7HOhSyHe8UOtGefSqqzkGglypFWelkn346MtO%2Ba86bG0asr0sV6QcSliSlvxY49NJfvXCty6NzVTRg5TVk4e70cDzPEz4ZjyJYag%2FJkl94UhKothy3BcAMMn5tuzoSnSGsBQoJ%2FyAlEpUs4MJupXFMk9ho
.admanmedia.com/ Name: admtr
Value: a3cf1e83-29af-4774-b174-6bcf5fc376dd
.admanmedia.com/ Name: ac_r
Value: CS126
.smartadserver.com/ Name: csync
Value: 111:ID5-f66f6p8AwwQAt-xqEIltRcwVPRJGDb7PJyOrC5uzJg|116:RMmwO7_haW1b6Co01lSM|117:fa95a31fe9d38e7279f1ac94b98aeaf9|127:AAC4NE7IDTAAACCtMn4Psg
.richaudience.com/ Name: avcid-rub-uid
Value: LEXLFK09-7-IR3B
.adhigh.net/ Name: gi_u
Value: UldjzdLUJN.AikABlGGucKpyw
.adotmob.com/ Name: uid
Value: 08d02204203481a2ac2cf407
.adotmob.com/ Name: uuid
Value: 08d02204203481a2ac2cf407
.adotmob.com/ Name: partners
Value: AYL%3A1678153787917
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIgoqRiIiuzzsQBRIXCghwdWJtYXRpYxILCLylqI6Irs87EAUSFAoFdGFwYWQSCwiov6mQiK7POxAFEhYKB3J1Ymljb24SCwjcxIjAiK7POxAFEhYKB3N2eDl0NTASCwjqqKWziK7POxAFGAEgASgCMgsI4r3M8J6uzzsQBTgBWgVzcG90eGAC
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjEyOTlhYjQ3LTA2YjYtNDQxMy05MjY4LTM2ZTlmZTRjNjE4ZCIsImV4cGlyZXMiOjE2ODA3NDU3ODZ9LCJDRU4iOnsidWlkIjoiNThiZGQ1YTctZjE5Mi00ZTkyLTg2YTItZDI0ZGQwZTQxNTQyLTY0MDY5ODNhLTRhNTAiLCJleHBpcmVzIjoxNjgwNzQ1Nzg4fX19
.richaudience.com/ Name: avcid-adf-uid
Value: 5358275005561920827
.adhigh.net/ Name: btw_sync
Value: LKvC
.betweendigital.com/ Name: ut
Value: ZAaYPAALQtAbYuu-TRlsJKUKt5qpOCYgw5VXJg==
.admixer.net/ Name: am-uid
Value: d9a6ad880e994b38bee62819bc63d3d1
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd984cSkD72DtjK9bdSxXF1MLo-dkUCHrIiBRgr-GaV5owvSx9EBcTSWZYZUck5srMC4Q2
.adingo.jp/ Name: dbm
Value: CAESEHhtvlAkzpfCnmtf35Rg4aY
.ipredictive.com/ Name: cu
Value: 885f04f6-8b17-4ba8-9b33-81eb9264f9ef|1678153788978
.spotxchange.com/ Name: sl
Value: eyJnIjpmYWxzZSwicyI6IjIwMjEwMCIsInNwIjo3LCJpIjp0cnVlLCJscCI6NzMxMCwidXBzIjoiIiwiZ2NzIjoiIiwicGwiOltdLCJzaWQiOiI1NzYxYzZlMy1iYzhhLTExZWQtYTFhNS0xNjlkNTNhOTAxMDciLCJzb2wiOjcsInNsIjowfQ==
.rlcdn.com/ Name: rlas3
Value: 0vYj12GNqBUqmL0tqmwrocO1nMjI+IOFCTLLg7tCd88=
.media.net/ Name: data-ayl
Value: fa95a31fe9d38e7279f1ac94b98aeaf9~~3
.bumlam.com/ Name: suuid3
Value: IiQ1OGI4NTk5Ni1iYzhhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.onetag-sys.com/ Name: OTP
Value: 3pSMsbs9mIUikqZeaQ3oT9yEG3-nQdtvBEJUOIUVHjk
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTY3ODE1Mzc4NzUwMywiNyI6MTY3ODE1Mzc4NzUwMywiNzQiOjE2NzgxNTM3OTAyMDN9
.rubiconproject.com/ Name: audit
Value: 1|AgfQnbOy/iOYFF6p6RnuOYr+YNp8OugmwnyFgaUPFK3wryiATJPNG1VrLcbnVGR3PB3rIuVy+iCM1KxoLazIt6NWShwHx7KI6rocrMY9/A+1h2yObmdWTXFXSGn+9Cn6Lnwiv4RP3Zksefabx4gVcXOZDYtXdgXetlAknOc/bg8j2j+jRnGddh1kcH/OFNCJ3U82t5tZ/hj9W23uEog5JA==
.taboola.com/ Name: t_gid
Value: f832d17c-df6e-4251-8b6b-04bcbeec4239-tuctb001dbe
.aniview.com/ Name: 1_C_20
Value: K5k0_T6fSwf13jiurof3auOODCAsESp6Y3bM7M0m6Uo
sync.aniview.com/ Name: 1_C_20
Value: K5k0_T6fSwf13jiurof3auOODCAsESp6Y3bM7M0m6Uo
.spotim.market/ Name: a271858
Value: 6358988783605550458
.spotim.market/ Name: a644680
Value: 1085003678217635962130
.spotim.market/ Name: a448580
Value: FD8C9FF8-8C80-4874-B028-DB9B00308CE4
.spotim.market/ Name: vmuid
Value: 0fdd95ba7a4ee43a
.aidata.io/ Name: __upin
Value: lYDBIytCbnUOcnCeKPvx3w
.aidata.io/ Name: __upints
Value: 1678153791
.spotim.market/ Name: a482928
Value: 19ff7e6c-480a-4e61-95dc-83628b0994c8
.spotim.market/ Name: a309017
Value: 58bdd5a7-f192-4e92-86a2-d24dd0e41542-6406983a-4a50
x01.aidata.io/ Name: adsnpr
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-575679b3-c0d2-4e16-9483-d85e06d0731f-004%22%2C%22nxtrdr%22%3Afalse%7D

11 Console Messages

Source Level URL
Text
javascript error URL: https://win2012r2.com/
Message:
Access to XMLHttpRequest at 'https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258' from origin 'https://win2012r2.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F0%2F10.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 459)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://match.prod.bidr.io/cookie-sync/aul
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://cdn.connectad.io/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent=undefined
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://secure.adnxs.com/gdpr=0&https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6358988783605550458&expires=30
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=0fdd95ba7a4ee43a&name=OPENWEB
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://r4---sn-3pm76nes.c.2mdn.net/videoplayback/id/6c7178ecc84110fa/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709689786/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/201A7C4AFB0148AAD49E69BE0A25373FB8FE8BB0.2894ADCDAE52BC12C4034B7B55D991976FB769DA/key/cms1/cms_redirect/yes/mh/8v/mip/223.216.76.27/mm/42/mn/sn-3pm76nes/ms/onc/mt/1678153478/mv/m/mvi/4/pl/15?cpn=_HzJ0GiXfnE-Gaj0&file=file.mp4
Message:
Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-prebid.vidoomy.com
a.c.appier.net
a.sportradarserving.com
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.jp.ap.valuecommerce.com
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.themoneytizer.com
adsd-sync.amanad.adtdp.com
adservice.google.co.jp
adservice.google.com
adtrack.adleadevent.com
adx.adform.net
aid.send.microad.jp
ajax.googleapis.com
an.yandex.ru
ap.lijit.com
api-2-0.spot.im
b1h.zemanta.com
b1sync.zemanta.com
beacon-nf.rubiconproject.com
beacon-sjc2.rubiconproject.com
bid.g.doubleclick.net
bid.missena.io
bidder.criteo.com
bttrack.com
c.bing.com
c.eu1.dyntrk.com
c.tmyzer.com
c1.adform.net
c2shb.pubgw.yahoo.com
cache.betweendigital.com
cdn.connectad.io
cdn.doubleverify.com
cdn.flashtalking.com
cdnjs.cloudflare.com
ced.sascdn.com
chat.missena.io
cm-supply-web.gammaplatform.com
cm.adform.net
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
contextual.media.net
cr-p1.ladsp.com
cr-p10.ladsp.com
creativecdn.com
cs.adingo.jp
cs.admanmedia.com
cs.media.net
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d.agkn.com
d.vidoomy.com
d2zur9cc2gf1tx.cloudfront.net
d9.flashtalking.com
dclk-match.dotomi.com
dis.criteo.com
dps.jp.cinarra.com
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
eb2.3lift.com
eus.rubiconproject.com
events.missena.io
fastlane.rubiconproject.com
fksnk.com
fo-api.omnitagjs.com
fo-ssp-us-west-2.omnitagjs.com
fo-static.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
i.imgvc.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
ipac.ctnsnet.com
itx4.smartadserver.com
kvt.sddan.com
lb.eu-1-id5-sync.com
m.media-amazon.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
mp.4dex.io
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-apac.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
post.update.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.adhigh.net
px.ads.linkedin.com
r.turn.com
r4---sn-3pm76nes.c.2mdn.net
rtb-csync.smartadserver.com
rtb.openx.net
rtb0.doubleverify.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s-cs.send.microad.jp
s.amazon-adsystem.com
s.cpx.to
s.seedtag.com
s.spotim.market
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s3-eu-west-1.amazonaws.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.flashtalking.com
secure.quantserve.com
servedby.flashtalking.com
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
sp.gmossp-sp.jp
spl.zeotap.com
srv.imonomy.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.e-volution.ai
sync.ipredictive.com
sync.mathtag.com
sync.missena.io
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tag.imonomy.com
tag.leadplace.fr
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
track.adform.net
tracking-us-west-2.omnitagjs.com
u.4dex.io
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
usersync.gumgum.com
vid.vidoomy.com
visitor-fra02.omnitagjs.com
visitor-us-west-2.omnitagjs.com
visitor.omnitagjs.com
win2012r2.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
www14.a8.net
www28.a8.net
x.bidswitch.net
x01.aidata.io
ads.themoneytizer.com
c1.adform.net
csync.loopme.me
spl.zeotap.com
t.adx.opera.com
103.229.10.180
103.229.205.242
103.231.99.242
103.231.99.243
103.231.99.80
103.231.99.81
103.43.90.19
103.43.90.21
103.71.26.126
104.17.25.14
104.18.2.114
104.18.25.173
104.22.24.207
104.26.9.169
104.45.178.220
108.177.97.154
109.206.161.21
119.9.108.180
13.107.42.14
13.115.111.66
13.115.212.37
13.115.236.196
13.227.62.95
13.249.167.35
13.250.173.68
13.32.54.58
141.226.231.48
141.95.33.111
142.250.126.120
142.250.199.106
142.250.206.226
142.250.207.2
142.250.207.8
142.250.76.138
142.251.222.2
142.251.222.34
142.251.222.36
142.251.42.138
142.251.42.166
142.251.42.195
142.251.42.206
145.239.193.51
145.40.73.5
145.40.89.200
151.101.129.108
151.101.2.49
158.69.73.116
159.69.59.100
162.19.138.82
162.19.80.92
162.55.236.224
172.105.213.147
172.105.221.29
172.217.161.194
172.217.161.206
172.217.175.67
172.217.26.226
172.217.31.161
172.67.10.198
172.67.13.182
172.67.8.174
174.137.133.49
18.136.64.139
18.138.24.162
18.142.83.213
18.177.128.158
18.182.162.20
18.65.168.114
18.65.178.128
18.65.185.85
18.65.202.64
182.161.74.1
182.161.74.11
182.161.74.16
182.161.74.18
184.26.240.67
185.183.112.155
185.184.8.90
185.255.84.152
185.84.60.21
185.86.139.59
185.86.139.95
193.232.150.70
194.226.130.229
202.233.84.1
202.233.84.8
202.241.208.100
203.195.121.141
204.79.197.200
205.185.216.10
208.115.232.150
209.191.163.208
209.54.182.161
210.152.186.220
213.180.204.90
213.19.162.90
216.58.220.130
220.150.223.50
220.150.223.52
23.10.15.149
23.10.7.250
23.106.127.164
23.106.127.165
23.106.127.52
23.108.103.8
23.206.250.58
23.206.250.88
23.219.68.21
23.227.139.243
23.227.151.202
23.33.33.211
23.44.52.240
23.45.56.56
23.60.108.29
23.62.106.35
23.90.68.235
3.1.224.55
3.223.190.35
31.172.81.159
31.220.27.155
34.111.113.62
34.111.79.67
34.117.157.22
34.126.167.117
34.149.40.38
34.149.43.113
34.149.50.64
34.192.34.224
35.186.193.173
35.190.60.146
35.201.98.24
35.213.12.39
35.213.93.179
35.227.252.103
35.71.178.8
35.73.33.172
37.157.6.248
37.157.6.252
44.194.172.170
44.229.137.213
49.212.180.105
50.116.239.135
51.158.29.13
51.79.234.101
52.17.230.219
52.193.212.189
52.199.19.194
52.199.221.43
52.220.229.2
52.221.107.162
52.223.40.198
52.29.235.130
52.30.197.119
52.45.175.185
52.5.142.231
52.74.13.196
52.76.3.9
52.92.17.208
54.170.157.123
54.238.120.71
54.239.33.159
54.251.27.11
54.254.58.46
54.38.64.100
54.65.69.105
62.33.236.19
64.202.112.63
64.38.119.27
64.74.236.63
65.9.42.11
69.173.158.64
69.173.158.65
69.173.158.68
69.174.120.108
74.125.106.73
8.2.110.114
8.39.36.164
80.77.87.166
89.108.120.76
89.187.160.30
89.187.160.31
89.207.22.140
98.98.134.242
99.84.140.125
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00c52bee8e18843fc615f12e24cfa15a163e9534f26cb2b1937028018de1d96c
00fa6120b93d9ccea850096a871bb3cc7ce0555297b2a5819ae1902e5c87041b
02e77cd454c82ffe01aa74b1e3f3b5c9cc08aa0eb5c8d7feb6b0c21ea77061f6
03d9196c5bb20ddd14f858687cc827133dfb110401d678b90fbacf02c9e26f9a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0553908ed23b6f479104f6c06a6119ae89aafb26085c5bae840faa7948a56a84
05559c248e6d90687ec1638e62d9a1d7d0dbd3e2def71592399cc604f3c3f509
06667cae2685ec6e4631c9020e0e05b99539cf738d48328efe2e19911fbbc30a
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0187c14496be0a2d576250a28683921ce699e78fd4f19c7dd3fbfcd5df4fae
0e2ef69c9890adc07dc34b84ec44ba641bf9e4c3256b3d2857ffe3f465e3f9fe
0f31e2d59cceb2ccbcdd21a9a9c15a2b3c73b040c438262f251a679c124c0721
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
107ae395415625135f529e5749bca7121ebbc29c2050207875e4b39fa35d4b37
11aa7183f02f41e189acb90aed9cf3d3758513016b3779be9661244dcf0a3981
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135b3a640261ceafd61a259c1d282dfafb41ab8f81e7dd6b81b578b69aa09efc
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18de5845c0dfe60bc8a3622a87ebb2f4b01236237d79d0f62c09f9b0c55ad288
193d037de227652528ba8abf818aadb6c4f6ec44399af44f67bd12e914b43d64
1b5e9755b9547326c6bf45e3bc2407bdc27d1939ef96a8d37ade52bde364a273
1c738080dd48220771209cda973d4c909a055e3e2006691a5581d1325f81c614
1caefa38ab700dc4ae5279c482a22eff1ca626d325dc4bea94a6c8ff01890c63
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1d12c59a2e66479798c665a383be7a0e7dd03637ea4fad4011286cf822c0d40b
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0
1e13ea1327e676b3f97384666a2834444a826a5507a9e54ce6992b5b57ba9cbd
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
218b70bea6b6d6425c1efdbe94dfe848031bb5fd7878dfb84bf82f7cc09f904a
2218c3ab5ba3a95c5cf8f5ba21269a2236aff62cc9a736681e26fdfb2ea48af2
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
23da0c46c80e33527eebf3ca1402f906bfc80806ce83de477c262114afc4a0ba
249ac2aee2d3061e6a34afba8abda50425dcf2b0bc7692065bf6307d1c70d982
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
269f504a8f26cc349d532f359af4fe6ccf8788963f2c902ced82755dca743543
2717805b5508a66115f7cca94821e386db439668fd909b6fd3318a8829c09978
2793a7736c4421efb5ec1f639c9b19a081a6b7a91097d4459149fab67c47b9ae
29f46eaa508c2dd91918388bebf8ccb6ebbfb7acefe4b83e1f1eaae02ec32838
29f668612604b18e636987b3bf1c286fb5470c1c164cb8e0b031529f5f161abc
2a6419cb380a2538694df6c3d119c8324bab120b62f4c340adfa5adf9b32fc37
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab29b642fc6d37e0112f8716d4c4ea067e2552c7698f10192ba7e5ac6ce67e3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b554cebbc01cc56c2a989ba67a4b2def1bf38195d98ce2cecf5b58e92d376dd
2ca1e6a629f1fccf27efc1dd88e8916ec11f43f5f7f48408ba56b3cbc5b3e682
2de97ac8028d131c329657a3b31fb2287e3b4cf0958b8bb813e6bfef3baa83af
2f244986cbced340b386f365a382f0d41f1dd2753b22a3e93dd98af34d8e1551
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3041703924c90e1bed8f34144d43e86bb374609a0e746ace3fa4c4a946b3e787
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c95f6742b44027bd8115dc199b6131d8a938e1be10abbb7ac8bdb0f25f03c3
35407b5004309de20a4856ff8b037c17bca14d45d7be20283a12edef87496f46
3572a010b52464fd20bcf4e411a3c6565f5d0eba9414200bb93d797d9866bb65
3671e6900c159955d63576b8a35ef0011b79382c9d5dcc539361d2659ba9e766
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3798d91a52821f038db87bf0b13e8cb89c1621a9ae179bba739995bd15cd8c55
39d0503278a91ab7a2e95178c369dbdee5918ffdc1c0a292b15c364c23366676
3b4790db39169dba45a44fd79ec37da5557302627546df0adcde836570ace0bc
3b62c3a6ddf8c5ca6ec5b65e859577d6298ff1eb69eeec422113cc3e714415af
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d577b4b71e11103521a967b505d690ce5b5d0435a61b24cf25ff009ded3b763
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
41420ef7a3ade6dc6163bc626053ca69ebf46d390e77b6dae0b911b9ff7fd9db
4287f33176bce35e77b81e3a822b410dfa99490380a0d034b57383445cdf56b6
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
46c7c6094145d8a096060898c054f2a3f14c712b577ca9401b34ccc07f8940ae
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
472bc60688b40262aec022e2a5b9fe8bcf6b7052a77d78326cd99aacb0377a98
481ccb802aabe8d69eb7da4a7a9763f89b2e55f33f63a033aa90b772ea4bfae0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
48b795b64d2d1ada005c2110016af0c5ad5409343d2df62ad5e6ac86a66a1bf3
495998a2923b3907c04b4ae9ad1c088badf029104c91dbb40bbfa48e0c520a32
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee5f61a0845e09676082f22f3b51bee949ac1b7bb36f8151e8ea086edf16fb4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f54637ce1614d87f3454a8f1fcb352391468f2271efe8ccc18cd553465d0e19
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505b274087b2e56ea346ddb01f869049b6601ca0f5638891ef824158351523f3
52f1d8b93a0db657486a481493bb1c0b6944e15f4b451692d3dbec042a419521
53f00ffa5708e1e6017271d794ee7dabe8f6cd21ff80392575af7895b0593271
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568bc60ae6c219c8ff470add5993d417fe35eceb6d3ee839389257b4c911f307
56f998f58e88c1ff0617c4f0dbca8df3199540d7a7fc4814d9080d59033c1aae
5971a5d81647b4a74c7a3899761b71c142586067dd0d29d5fb009b34ad752b25
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59c7d9f6411c0c9b8393724d683dd526523bc8c7beabfa3db2504604faecb508
5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923
5e717a37350f710e86b733cad36803b13ff9625ab65523bb8a295482c6e86602
5ed00e5552aaa4690e24a51ec3ac0ede76e19008e675ea85ef4bcf93c6bf56f9
5f3ce4cf85e75c13da918e05577691c3e3d971f273c5b4f3648d7f2878925951
5f686a9634db75a00a92d7e854b6e8589b62598f05b972c577267ccfd53f53ba
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
63359089875e34d3768ae1431fed33d68d90d3fe8c8fd28050d3f80c050e8e62
64c4300bf46d8bb268ae4fe8026d464ffdf7e175cfa487250f234aca7faa174c
64db10e0b7d69e7e09ff74743f0259a765585a8967531af4daeb40d258e5bd8b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66d6818017cedc0ba60ab4c12e31e9b4d3014e7989c4c4be89efaf5b0d6cd640
6793ad5b96a05b72150feb11769fcb49a92b244f92d37d666c253614041cb004
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6aac539047711f7990c266f2787c69ecbec346c7d8e7207d2d3c95d6deb45281
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
706e4d8669d29a9e13cfb13a59b6c1341ec80a08c9c10eaa465756366006f327
70cb3ad488703f463eac4a271284d7f3731a96ae478159149867a2ec1e5d7010
70f486d0e03fb30957afc787b028bffb4429c8f37153314ed1a3e2ea716b226e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73607ffdbfe216ea8008cc8d16df159a6f6deafe568bc5d29ed1addfecba124a
740afd6bd16a122ce48e2836117cba1a912ffbd2e1f9e1fefb46dc27504e2362
77d0112eb77b4d93a2999e9bef6f74751472194caee7b45ce4f6a14d95dfd929
77d0e22933dcf5e75373c7417aa5206ee30eb99048881409ab1cbb0f494387d2
79acf10f7d6c86166be06bed49f20fa283015eb981af4b0e45871d7069f48de5
7a3ad20597f3eba4467588004312fcf48919a007b4dd46f8f02416529177d17e
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
841c464534a101e2244f222ad3ec34e68ab681bdf0a2f76d6e3f93cada280833
84bc77202880b6c1adfd8768115613e76ea262daedfd2b3faffd386f02904f7f
851a3b54ab6378ac9fc94bc97231768d2ffe8aab85e8b32036ecd182a447ba18
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
872ecdbd69008948e80bb8487b920b1e01c7fcd8beefcf302fddc7723fbe820e
87b2150756c72e799ce6743c4dccf66b16d7edc967a2e724c710c6f8d843c3cd
8839432fd7bbb63cd88e7a4e45ac8390ef47f88db106149a0e1ec13e71de2a8b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b837d9bb2a8d5a7120a626dfc4ad7cab059d34747a102ec0948a3fabc349b09
8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c
8c0df8591d96be7b5e74924bfa549d5ece5a65717469a14ac7dcdcfb8572af9c
8cc63bbc0909c61913044fcb995664904cf4f4fdbd91853ea3a4c58a810d93bc
8ce1372a09486ff8cbba844e8f1f973a8783b5d36c20c5bcdd5a0c7ba95f1e16
8e396e2669726bd2ad9e08c1728ec4dae1f1eaa31a8adbf85efe8015367dc2a2
8e6aa90d8bdfba8c5215ef961567b68841fce33ca8c9937ee092bf07bd388635
90bcf964eccf69e68420c35e7120f9f38896ce99896314a84e9be0fedeae2106
930a0e92737bce95c64ab5f3a1c87ae3652e434e609f09b0f63c2df96f0ae046
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57
9553c27c85509d3367c6988288eeda65d2dee38656f5345ef4bb8a492f977312
97323dde5928ff80853be723353d13adc90f6ce5fd0b28c0f9e7e58f9b997847
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
993d56622689e36785bbd1ede682348e885732874d3ec16ed637829bb8370983
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab2020dab16b882c3a205ceb9baf3c838923a07dc87a04fe6d8151e02ea64df
9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0
9e9716667eaad14aac31c6e12d94b20670f91df23c3b0b84dfbbea00124eb3ff
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d4c99d9d9de256fa5e7c72831cead0398bd7599e3669a013a158fd29ed20b0
a2172cdf2408dd9eb7993ac8bc01508fe43164d7ebdb4817d031ec335f6c5827
a28216b5a7d4691697d7bc0c97a8a4e5406e77422d6cb1370e92948ae70c108f
a372b676d0bff01d23b5dc12a7967d08eb423598a69e5253364c58792adfe2af
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a527db552c44a4b096b0bfc58532bfcecafcb6e3959e70b51933eeb969d19066
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6
aa512f97178d2c7d30ce3d246a251c9a55392ca61a8a953af4186a75cb31a51e
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ad0308a16fbf91edefc87db7433a9ee0016c453d0ab1a070fa657d86aab85396
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aef69fbc22d6dee0de5f316a0107336a346fc0c15fbdf2c00752d37d177bc7b5
af8dbcefbaace4d4a2cda5ef51061d1c07cdcfe5114eaeedc8be6b5a5175b91c
afa9c32be463f8f904da58a52ffdd8e60d68273959cae633bd89efbb27fa5b64
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b24263ada9e275545cc5f8774cd5b9463c1fc0d001be524364294a55958f21d1
b31e8bf31360e5a600e94f60971045ba72dc970a440d23d68b6f1942961ec4e1
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b5451e775ea83d981789fed51393af23d2a7182da33ecf20619c8e5b2b7ff54f
b6b24af40c417032fe9a1b411ef89871afd6d0d37099ac62be0ff7222eec75cc
b8252beb593c6165be399c340b5f424fa731f3c671037b3c2a5bb9490ef0235a
b82aafb909b90e68b153d39f27ec02f3c0b23ef6a625c1473daa906b367e07e1
b8b0db583acb8255792448212abc01984bed38a2799697ef8b9b09d410b283d0
ba24954758e0a0f6aabe8e5953882fd731597f1bd7fd24912f4bd1f2f2ac7151
bac07df2fdaa2cd30ebd88974bca8d5bcc267d957d71afce1db7eb26b6e0f0e0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc435eb5276db5f823c6792fb9eca869986230a0239b35cd7570b06df829678f
bccf82d43a087f44f18f52a191ab456f4186e4477617fdf09c6b66e3d4470d57
bd232a4b3fec5ca53ecf012406703896fa19f06940a64e4e3fd6728194bb198d
bd6e129e512ddd32dadd6ba493c955d0dd21c2656b469ac1b22bc6eda71754ff
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c4e60cd83cedbdbb28a508563eced58dfd9090488180396eeeb0aacaa5131866
c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa
c5a988db9f5c8819dfc6d28a01b5172c18ee1638dbfedfde0964e538cd0a9a84
c63e5d0401f888f71163dbb7dac4acd98b10da77d6eab82937adfe1776afe9f3
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c835c89d3368385afcb3f8bc97e31bd0878b329446a8e6c29503023c818c488c
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cb7855254c5dc035b96e46edd2c0986e23dab15c038c02c02854e6ceba5e11a6
ccc90e84c1edafc202c26371dec791ae548efed7007f434adaece90c508a0506
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1a405fbaabdea61f0df360454fa9789c73bf7a37ff67c91088ded727899aaaf
d1c28684c1127f23c6f51ea550fc7878d6e39500ea959250df8247b6799222c2
d1d9d67e6333d7eaf791aee73c45d90ebd213f75a7f835bc1fcddc15cca956c2
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d3af9980d9ee91744cc9f2499d8e6410ee7ccde0d79b6a9e8e626b0897ecac7f
d4483dbd2f64525c66022a32c443c31fcc0ab3b7e4cfa873914e0f48903fcd0e
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
d66d1e18d22f12f43a47d8a64ac6d0d67b1f735a9fd3a2ba1216a5602850ed64
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d0671c452bf0fde3ea053e6080c324d1f0a80d211434d821617cbbd2c0cf18
d852f288928e0405b356ad46aca6b9d48f2dbe9634b78aa19f7c83487f9f6849
d90eeab1a8e295fbabf39a603f4508f0646ebd427ab37aed367fa91d1c32e21f
d938b206ce5406bd4d7f8e0a3071e940ce46f8252fbdf935aacb0795cda147b0
da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
dce792814c67bc03cf20b5bb4bf6d317f052add475115e305f0c0924df4ad9f0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df5ac756e2d00b540041f43b21b1849ef6bbb8fff0a0713f3d916f7fe34537be
e07cab4d08ee6e89f8332ac2c7cbc3155ffb2b68d0fe8d4563cb1208c4ae4c01
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e21e901c6a122ee597bd8c9c7c91596e7b8091d4632e41faadcc13c9ecb16aef
e26414960308896fb2016762b5ef96f2e0647f74991d06ebdbd110dd5d857b68
e2ef715665d8210e998e03cb3f1a4357589a49ac7dec42a3513712e8722f7318
e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e51eae5200b5dfba264665a40880e4c2063984f002d00942c77b1b16a718bd3f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6f29a4dd4eea310a6b1a206fa1228f50ed9bd2ea5fda3484bec68c16fe4ddbf
e70ccc38bf898b1817805bd8def4cf0eae93857e93472955187168ba534d319e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ebd85d60de17217f4afb39147b4979cf5ae69f3d9be4725e112b19dd23422e64
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee0d4548f200c2385c845b851da278c193f3cf90a8ce63f7ee8483fb8f79959e
ee2abe6878264e506bff65fdaf8c2432def2440141d783fec3366529650647cd
ee50aa23b033c69ad2cfb3615243795b2b63ed690e788ccf2512c1eeb8a26b00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6e0a0c832bb6478bcc7857dbb9c656f7ea8bcc894f427d6edede91e7b6dd6f
f00746dabe8d2f4aca525916be2108075d91d89346b8030ee3947561af90897d
f257cafc900365b71fadba8fc7df0544a501a135b711e2b5d0c74b8689a6757e
f2deef450997edbab9c5766cd19c5a92fab6ad60764cff1e8661f12c87b4e186
f32defa557ae9e3be6dfae8d2f154da0f94eccd13a4fccb8ed8bb6730e578468
f335bf00b9909be022423d5feb6fb1963c940802e6afb3a6e4a3b1ddd29e4abb
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f79678e49957fc03ab94f8c95eaa240ad2fc3ff9235f1d78837b287d219f57dc
f7cea32499cc55e5232ec287c438644afef28297f4248958ee32906dd34ae5f8
fb98a2a03c925aa211a860ca87a7f33a100fe74f37915c16b16ce7c0a1247223
fc88f460ed210bdc5f2535b36ba1a6aa3d84ed621dabab776abcb14ca3440753
fd728b900dde23bf38b8d2d54ee07916b93fa677f448be11d65c9aaa043286d3