points-pay.com Open in urlscan Pro
183.90.240.5 Public Scan

Software

cafe /

Resource Hash

054ddfc88afa04c0a4ac6bea6f1b6f07afea3b283f8680e21798318d1003888e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51265
x-xss-protection: 0
server: cafe
etag: 11455561638679795152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 977 KB
268 KB 451ms
60ms Stylesheet
text/css 142.251.42.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:100,200,300,400,500,600,700,800,900

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f10.1e100.net

Software

ESF /

Resource Hash

c968daadf3b8fdd5db40b375544d689a7f56a1c8bf3cf2a8fb189a4113f92d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 21:31:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 23:10:49 GMT

GET
H2 200 style.min.css
points-pay.com/wp-content/themes/the-thor/ 170 KB
28 KB 46ms
44ms Stylesheet
text/css 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/themes/the-thor/style.min.css
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: c248960d14061958c1f810733cbc9b86256320cc28faa6abd9e1e3f23357fd82

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Sun, 23 Apr 2023 11:04:52 GMT
server: nginx
etag: W/"2a6ef-5f9fedc1394ed"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 407ms
20ms Script
text/javascript 172.217.175.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 11:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 11:33:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 435ms
64ms Script
application/javascript 142.251.42.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-133825760-2

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.136 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b7dcdfe980a49f5313ed3160d4c13e8197f57a5c669081d547a9f39853cdb9ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66688
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 21:09:17 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Aug 2023 23:10:50 GMT

GET
H2 200 vcdal.js Show response
aml.valuecommerce.com/ 34 KB
35 KB 382ms
32ms Script
application/javascript 143.204.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aml.valuecommerce.com/vcdal.js
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-129.nrt12.r.cloudfront.net
Software: UploadServer /
Resource Hash: 6c588aa6f9d444b6f2c7804c090846197f2d66280471c9677ee6779c90cd4a2b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:08:10 GMT
via: 1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C2
age: 159
x-guploader-uploadid: ADPycdttFUGOrfzzcRyawZiBNl5QGdymlefunfxq6xfsDNfmtzCQ-XszmQKV6JOw5LKNldVWr2EvFtxuGIaZhvV94nfxr9rYr5Fc
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35074
last-modified: Mon, 17 Jan 2022 07:06:41 GMT
server: UploadServer
etag: "681c1b1ecd9c2e0dd35da7c074214531"
vary: Accept-Encoding
x-goog-hash: crc32c=2VymBw==, md5=aBwbHs2cLg3TXafAdCFFMQ==
x-goog-generation: 1642403201413885
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 35074
accept-ranges: bytes
x-amz-cf-id: F9syUw7fFNNFT0wUh5-KP9ZHExsm1-BnV0lSgHfJVVrKVaJdfX-nbg==
expires: Wed, 16 Aug 2023 23:13:10 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 375ms
16ms Script
text/html 212.102.50.12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.50.12 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 422668507.tyo.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-nzt: AdRmMgrUbpv/ra0AAA
x-accel-expires: @1692787788
date: Wed, 16 Aug 2023 23:10:49 GMT
x-77-pop: tokyoJP
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: db6831196c1046d47957dd645e096117
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 44461
x-accel-date: 1692182988

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 90 KB
16 KB 382ms
24ms Script
text/html 212.102.50.12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.50.12 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 422668507.tyo.cdn77.com
Software: CDN77-Turbo /
Resource Hash: c0a0262ac31e050783ee7e8f7acb9aaec71af4fd1667d420524f37c7ac63a454

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-nzt: AdRmMgp7sR//l6wAAA
x-accel-expires: @1692788066
date: Wed, 16 Aug 2023 23:10:49 GMT
x-77-pop: tokyoJP
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: db6831196c1046d47957dd647f306717
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 44183
x-accel-date: 1692183266

GET
H2 200 391ea000ac4673a89b7dc562347de185.png
points-pay.com/wp-content/uploads/2020/06/ 50 KB
50 KB 53ms
51ms Image
image/png 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://points-pay.com/wp-content/uploads/2020/06/391ea000ac4673a89b7dc562347de185.png
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: b83ed657c8b356ab3877f2baa7a850346a841bca127f1bd4c045e0d0131f0138

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Fri, 12 Jun 2020 15:46:30 GMT
server: nginx
accept-ranges: bytes
etag: "c73a-5a7e4fb1c67d3"
content-length: 51002
content-type: image/png

GET
H2 200 dummy.gif
points-pay.com/wp-content/themes/the-thor/img/ 462 B
596 B 53ms
52ms Image
image/gif 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://points-pay.com/wp-content/themes/the-thor/img/dummy.gif
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: a3b8bd5090982564613967ee6ee5b7458f0e704ba1dd7c1540352f75dd6141bf

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Sun, 23 Apr 2023 11:04:52 GMT
server: nginx
accept-ranges: bytes
etag: "1ce-5f9fedc114ee6"
content-length: 462
content-type: image/gif

GET
H2 200 icons.css
points-pay.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 37 KB
9 KB 27ms
27ms Stylesheet
text/css 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 0c087c3e6882fae966a431bb979d17bf8af58ce38101213a5eafa6c10bf7e0ac

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Tue, 01 Aug 2023 02:10:46 GMT
server: nginx
etag: W/"9273-601d30e19e3bc"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 shortcodes.css
points-pay.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 44 KB
9 KB 28ms
27ms Stylesheet
text/css 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.13.2
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Tue, 01 Aug 2023 02:10:46 GMT
server: nginx
etag: W/"b1e3-601d30e19e3bc"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 thickbox.js Show response
points-pay.com/wp-includes/js/thickbox/ 13 KB
4 KB 28ms
26ms Script
application/javascript 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: c0e09e793fb79507dc97ed702a4c2c9c00ab4d1677bd45bcd112e203c96dd661

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Mon, 07 Nov 2022 16:13:15 GMT
server: nginx
etag: W/"33ba-5ece3b370548b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
points-pay.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 54ms
52ms Script
application/javascript 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Mon, 07 Aug 2023 06:04:23 GMT
server: nginx
etag: W/"2a12-6024f049c7b3b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
points-pay.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 50ms
48ms Script
application/javascript 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Mon, 07 Aug 2023 06:04:23 GMT
server: nginx
etag: W/"328f-6024f049c7b3b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 e-202333.js Show response
stats.wp.com/ 7 KB
3 KB 89ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202333.js
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT nrt
date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684465049230.6233
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 12 Aug 2024 06:28:48 GMT

GET
H2 200 ads.js Show response
points-pay.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 564 B
706 B 50ms
48ms Script
application/javascript 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.73
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 807ed4ca4c6a8566827bc04a5ec021855a34fb36baf5d724635034952b1c490c

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Mon, 17 Jul 2023 04:26:00 GMT
server: nginx
accept-ranges: bytes
etag: "234-600a73216c1ce"
content-length: 564
content-type: application/javascript

GET
H2 200 index.js Show response
points-pay.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 15 KB
5 KB 54ms
52ms Script
application/javascript 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js?ver=5.13.2
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: a14d7aa713df1750803daa3bf7d7449b982797e66ad0be8ca78c2a1721aaab43

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Tue, 01 Aug 2023 02:10:46 GMT
server: nginx
etag: W/"3da1-601d30e19e3bc"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 smoothlink.min.js Show response
points-pay.com/wp-content/themes/the-thor/js/ 762 B
905 B 53ms
52ms Script
application/javascript 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/themes/the-thor/js/smoothlink.min.js?ver=6.3
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 84d790bfb606ec0859a07b0966783b723a99a11500ec59b7444645b4882fed62

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Sun, 23 Apr 2023 11:04:52 GMT
server: nginx
accept-ranges: bytes
etag: "2fa-5f9fedc136225"
content-length: 762
content-type: application/javascript

GET
H2 200 fit-sidebar.min.js Show response
points-pay.com/wp-content/themes/the-thor/js/ 3 KB
1 KB 76ms
75ms Script
application/javascript 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/themes/the-thor/js/fit-sidebar.min.js?ver=6.3
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 479829330f0b859d72e818b8c07641091f7abe3d1b5ffb26581a0e18b28f6874

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Sun, 23 Apr 2023 11:04:52 GMT
server: nginx
etag: W/"a33-5f9fedc134ab5"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 layzr.min.js Show response
points-pay.com/wp-content/themes/the-thor/js/ 3 KB
1 KB 75ms
74ms Script
application/javascript 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/themes/the-thor/js/layzr.min.js?ver=6.3
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 4303e07273d0acff2ee4c976af29ab2f2c8f6320d41bf0ddf4cb6f7068d44dc8

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Sun, 23 Apr 2023 11:04:52 GMT
server: nginx
etag: W/"aaa-5f9fedc13566d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 offline.min.js Show response
points-pay.com/wp-content/themes/the-thor/js/ 88 B
229 B 53ms
52ms Script
application/javascript 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/themes/the-thor/js/offline.min.js?ver=6.3
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: c271a615ac35fe45ae21ae6089de9c2b44390eef017b63295e194676fb8a1732

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Sun, 23 Apr 2023 11:04:52 GMT
server: nginx
accept-ranges: bytes
etag: "58-5f9fedc135a55"
content-length: 88
content-type: application/javascript

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/ Frame 10BB 10 KB
5 KB 389ms
15ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 84097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 23:49:13 GMT
etag: 13776922816869014096
expires: Tue, 29 Aug 2023 23:49:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 369ms
25ms Script
application/javascript 143.204.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46e88e046c7b0280977db49b01afb130893a58e4be04ecbbdf641b71c479076c

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:09:54 GMT
content-encoding: br
via: 1.1 3fa2b0ecfcbadde1c11e5ba46e1b6308.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 23:42:39 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C2
age: 56
x-amz-server-side-encryption: AES256
etag: W/"01b6c6a58ccc382e297b2a5b1aecdf2b"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ca59_kcjHezBDwhEo2DKsF77RTrFHqSexnSW9YRlWbIAo-0AWU1eQg==

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 369 KB
125 KB 136ms
136ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddce356d773febe370227349fd77e9052769bee135e775dd146047934bd8fdc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128199
x-xss-protection: 0
server: cafe
etag: 16080614284206377645
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:49 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 1061ms
508ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=113011&f=6&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
server: nginx
x-iplb-request-id: 99F0AE85:9926_36264064:01BB_64DD577A_670E6D0:162F3
x-iplb-instance: 38442
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 lib_fs_close.js Show response
ads.themoneytizer.com/ 667 B
793 B 20ms
19ms Script
application/javascript 212.102.50.12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_fs_close.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.50.12 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 422668507.tyo.cdn77.com
Software: CDN77-Turbo /
Resource Hash: e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 44459
x-accel-date: 1692182990
x-77-nzt: AdRmMgr86Vj/q60AAA
pragma: public
x-accel-expires: @1692269390
last-modified: Thu, 19 Jan 2023 15:05:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: db6831196c1046d47957dd6414c92926
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Thu, 17 Aug 2023 10:49:50 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 110 KB
37 KB 86ms
33ms Script
application/javascript 23.56.227.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.227.71 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-56-227-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c0df6138992189efffefdbe9173df743253fecb3f07ffeae59a5296597680667

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 37188
Expires: Thu, 17 Aug 2023 01:10:49 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
306 B 364ms
21ms Script
text/javascript 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 180199
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 385ms
33ms Script
application/javascript 104.22.25.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains; preload
age: 5568
cf-polished: origSize=62056
cf-bgj: minify
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://gameisbest.jp
cache-control: public, max-age=21600
access-control-allow-credentials: true
cf-ray: 7f7d5a5a786ef5f5-NRT
access-control-allow-headers: *
expires: Thu, 17 Aug 2023 03:38:02 GMT

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 1123ms
262ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:50 GMT
Last-Modified: Thu, 07 Oct 2021 11:26:48 GMT
Server: nginx/1.20.1
X-IPLB-Request-ID: 99F0AE85:992A_91EFC0A6:01BB_64DD577A_2C978AFD:1A293
ETag: "615ed978-15ab"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame BF2D 4 KB
2 KB 1078ms
531ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

783aca8367873b850449216ba8a843539c270a2b8105eb37c4f88b6460d3a6c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1376
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 677ms
154ms Script
application/javascript 103.229.10.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 23 Aug 2023 23:10:50 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12762/ 4 KB
2 KB 745ms
245ms Script
application/javascript 54.229.255.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12762/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.255.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-255-191.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f9feb0d6627eee56ce4fea329b9318cb672972595debe6452991cbad5e0c6bd9

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
content-encoding: gzip
cache-control: max-age=2419200, public
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 97ms
22ms Script
text/javascript 65.9.37.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.37.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-37-94.nrt12.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 16:07:17 GMT
Via: 1.1 f9a6fbdc46b65c8be9b0284d9b2a6634.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: NRT12-C5
Age: 25412
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: aYff2ZyTNc3ubqMmiu_ogE-5vHtbZRea88fDiGyLS50Tf9-lftOTHg==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid8_6/build/dist/ 554 KB
180 KB 29ms
29ms Script
application/javascript 212.102.50.12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.50.12 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 422668507.tyo.cdn77.com
Software: CDN77-Turbo /
Resource Hash: a61e7d1e8802479df737a19888beab540ba1985cb8ae548472bfc5c68057d495

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 44459
x-accel-date: 1692182990
x-77-nzt: AdRmMgrYg+j/q60AAA
pragma: public
x-accel-expires: @1692269390
last-modified: Wed, 02 Aug 2023 20:11:46 GMT
server: CDN77-Turbo
x-77-nzt-ray: db6831196c1046d47957dd6447d8c126
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Thu, 17 Aug 2023 10:49:50 GMT

GET
H2 200 icon.min.css
points-pay.com/wp-content/themes/the-thor/css/ 19 KB
4 KB 45ms
44ms Stylesheet
text/css 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/themes/the-thor/css/icon.min.css
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: deaf99307fc761411ba8dbe7dbf8cef6c180e95160c7e35d139ca740037b0a14

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Sun, 23 Apr 2023 11:04:52 GMT
server: nginx
etag: W/"4c5a-5f9fedc112fa6"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 4 KB
544 B 57ms
56ms Stylesheet
text/css 142.251.42.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ecab19181cc1d7980c6b9eb7a269182b3da33a563686e861322920e427d06e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 23:01:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 23:10:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
584 B 93ms
92ms Stylesheet
text/css 142.251.42.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c49d86e59d9e270c849e4f402f809b8cd80c49fba704ccbc843ffb1b31a69fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 21:54:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 23:10:49 GMT

GET
H2 200 style-user.css
points-pay.com/wp-content/themes/the-thor-child/ 0
120 B 44ms
43ms Stylesheet
text/css 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/themes/the-thor-child/style-user.css?1583607807
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Sat, 07 Mar 2020 19:03:27 GMT
server: nginx
accept-ranges: bytes
etag: "0-5a0486cd8f025"
content-length: 0
content-type: text/css

GET
H2 200 forkawesome-webfont.woff2
points-pay.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 107 KB
108 KB 43ms
43ms Font
application/octet-stream 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
Requested by: Host: points-pay.com
URL: https://points-pay.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49

Request headers

Referer: https://points-pay.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Origin: https://points-pay.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Tue, 01 Aug 2023 02:10:46 GMT
server: nginx
accept-ranges: bytes
etag: "1ad5c-601d30e1a129c"
content-length: 109916

GET
H2 200 icomoon.ttf
points-pay.com/wp-content/themes/the-thor/fonts/ 103 KB
50 KB 28ms
27ms Font
application/font-sfnt 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://points-pay.com/wp-content/themes/the-thor/fonts/icomoon.ttf?cyzug3
Requested by: Host: points-pay.com
URL: https://points-pay.com/wp-content/themes/the-thor/css/icon.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 77c0b6ba36b62072af6e27681d431fbd6a6f5fcfe4e8fd79371964bc13f96d68

Request headers

Referer: https://points-pay.com/wp-content/themes/the-thor/css/icon.min.css
Origin: https://points-pay.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
content-encoding: br
last-modified: Sun, 23 Apr 2023 11:04:52 GMT
server: nginx
etag: W/"19b9c-5f9fedc11432e"
vary: Accept-Encoding
content-type: application/font-sfnt

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 399ms
21ms Font
font/woff2 142.251.42.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.195 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://points-pay.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 12:13:10 GMT
x-content-type-options: nosniff
age: 39460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 12:13:10 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 409ms
33ms Font
font/woff2 142.251.42.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.195 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://points-pay.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 21:45:07 GMT
x-content-type-options: nosniff
age: 350743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 21:45:07 GMT

GET
H2 200 Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 44 KB
44 KB 350ms
24ms Font
font/woff2 142.251.42.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.195 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f10.1e100.net

Software

sffe /

Resource Hash

43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://points-pay.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:40:13 GMT
x-content-type-options: nosniff
age: 1837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44584
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:46:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:40:13 GMT

GET
H2 200 54425994a86fe4d78e86130d1e8587c5-375x210.jpeg
points-pay.com/wp-content/uploads/2023/06/ 12 KB
12 KB 26ms
25ms Image
image/jpeg 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://points-pay.com/wp-content/uploads/2023/06/54425994a86fe4d78e86130d1e8587c5-375x210.jpeg
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 252bcbcce3632ca7232ebfaaa89738f03dcb21264416ff7ce325b37009511501

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Tue, 01 Aug 2023 02:52:38 GMT
server: nginx
accept-ranges: bytes
etag: "2fe3-601d3a3cfdb6e"
content-length: 12259
content-type: image/jpeg

GET
H2 200 AdobeStock_277018214-1280x720.jpeg
points-pay.com/wp-content/uploads/2020/10/ 105 KB
106 KB 46ms
45ms Image
image/jpeg 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://points-pay.com/wp-content/uploads/2020/10/AdobeStock_277018214-1280x720.jpeg
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 66e204169512203cf4cf67e539c8216c32ab5c6a8de369a0108fe54de74d3cd9

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Thu, 15 Oct 2020 19:33:21 GMT
server: nginx
accept-ranges: bytes
etag: "1a544-5b1bab8815a0a"
content-length: 107844
content-type: image/jpeg

GET
H2 200 AdobeStock_277018214-768x432.jpeg
points-pay.com/wp-content/uploads/2020/10/ 56 KB
57 KB 52ms
52ms Image
image/jpeg 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://points-pay.com/wp-content/uploads/2020/10/AdobeStock_277018214-768x432.jpeg
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 3a2416661cbed4b7ac381d4ab8c3205bb63d525db4aa2e38ba370e336f7772c5

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Thu, 15 Oct 2020 19:33:20 GMT
server: nginx
accept-ranges: bytes
etag: "e161-5b1bab87a552a"
content-length: 57697
content-type: image/jpeg

GET
H2 200 69a895ebe3970131484c4415bce4a692-375x250.jpeg
points-pay.com/wp-content/uploads/2022/11/ 17 KB
17 KB 45ms
44ms Image
image/jpeg 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://points-pay.com/wp-content/uploads/2022/11/69a895ebe3970131484c4415bce4a692-375x250.jpeg
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: c19f71059468565123de9027110dbcff1fa62e41d4dd558ccc5fb247beb41594

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Sun, 13 Nov 2022 18:27:39 GMT
server: nginx
accept-ranges: bytes
etag: "4232-5ed5e471e2bb0"
content-length: 16946
content-type: image/jpeg

GET
H2 200 9712a1ef65b0a5ed57f7db7302fe1aad-375x250.jpeg
points-pay.com/wp-content/uploads/2022/08/ 25 KB
26 KB 45ms
45ms Image
image/jpeg 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://points-pay.com/wp-content/uploads/2022/08/9712a1ef65b0a5ed57f7db7302fe1aad-375x250.jpeg
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: d0a3e471e91018996f1f7954cf88f6c87a2fa4ebe3d99569c134fdc64784b562

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Tue, 23 Aug 2022 17:02:03 GMT
server: nginx
accept-ranges: bytes
etag: "65eb-5e6eb86006f14"
content-length: 26091
content-type: image/jpeg

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 14ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=178777582&post=8806&tz=9&srv=points-pay.com&j=1%3A12.4&host=points-pay.com&ref=&fcp=1362&rand=0.43203418817173866
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Aug 2023 23:10:49 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 loadingAnimation.gif
points-pay.com/wp-includes/js/thickbox/ 15 KB
15 KB 37ms
37ms Image
image/gif 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://points-pay.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2204.xserver.jp
Software: nginx /
Resource Hash: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:49 GMT
last-modified: Wed, 13 Nov 2019 00:52:25 GMT
server: nginx
accept-ranges: bytes
etag: "3b86-5972fc735c440"
content-length: 15238
content-type: image/gif

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 13ms
13ms Script
text/javascript 172.217.175.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 12:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 12:13:14 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 178 KB
44 KB 34ms
33ms Script
text/javascript 143.204.86.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-8.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e70200a467f4f91f09892f187585ec6cf3e9a547d6a7d0b777cb3d29b3fb1e9

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:50:32 GMT
content-encoding: br
via: 1.1 3fa2b0ecfcbadde1c11e5ba46e1b6308.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C2
age: 1218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Wed, 19 Jul 2023 15:20:44 GMT
server: AmazonS3
etag: W/"026eba20342f30aabe41750a59561693"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: o3SHG3UHDHoramHAXmGHLIkYcYAmyGD75RtmRaj7ZDd37mufgupqxQ==

GET
H/1.1 200
OK bf.png
a.imgvc.com/i/ 107 B
405 B 92ms
22ms Image
image/png 210.140.252.199
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.140.252.199 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 3eda6de66ef8a33e081bc600935aaef845576cb04a18ac6616e67aab4472832e

Request headers

Referer: https://points-pay.com/
Origin: https://points-pay.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx
front-end-https: on
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000, private
content-length: 107
expires: Fri, 15 Aug 2025 23:10:50 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
920 B 1042ms
252ms XHR
application/x-javascript 52.49.119.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.119.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-119-245.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 23:10:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2023 23:10:50 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://points-pay.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 358ms
20ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpoints-pay.com%2F&domain=points-pay.com&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://points-pay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 16 Aug 2023 23:10:50 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 143478
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 370 B
672 B 13ms
13ms XHR
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpoints-pay.com%2F&domain=points-pay.com&cw=1&lsw=1&gdpr=0

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

d07478a56ddbd627e5931443f9f117f70d4891aee80107e25778bb3201e83d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 524434
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 134 B
542 B 1072ms
532ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://points-pay.com
date: Wed, 16 Aug 2023 23:10:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 411ms
67ms Script
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:50 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Fri, 11 Aug 2023 11:58:31 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 472292
ETag: W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP26XvGYqs6AsObMsrbSDPP3WeOOCYsKIILdoxQI%2Bib6dbb6n4YbLin9O7iy3%2BCO6Bl1iChnPISzdzb9Rj%2BIC4xKMdgPmbaaPAMJB0Og5Xi0GtxFaGIv5%2FT7%2BZ4%2FK6AZ"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7f7d5a5d5dcc20a7-NRT

GET
H/1.1

200

10.gif
id5-sync.com/c/12/10/0/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdp...
https://id5-sync.com/c/12/108/8/2.gif?puid=ec7d6a44-3851-4ef3-9d9e-3645d291bfaf&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-d38apgEdASK1sgN1ridnbKoa2EzcTeUDgpkxTF5vUg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...
https://id5-sync.com/c/12/3/7/3.gif?puid=131a64dd-577a-4400-a56f-735ebe528e42&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/12/2/6/4.gif?puid=4025780564652432430&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
https://id5-sync.com/c/12/108/5/5.gif?puid=ec7d6a44-3851-4ef3-9d9e-3645d291bfaf&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F4%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/12/112/4/6.gif?puid=D10C51BF7C1E2B3E&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F123%2F3%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/12/123/3/7.gif?puid=18a009dc333-735e0000010e52b9&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/2/8.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://id5-sync.com/c/12/19/2/8.gif?puid=ffba83607eb69056d3fa59813357800&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://id5-sync.com/k/155.gif?puid=AADsTE7Juq8AACWxR0r9_w&id5AccountNum=155&numCascadesAllowed=9
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F0%2F10.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/12/10/0/10.gif?puid=8985651341537093146&gdpr=0&gdpr_consent=

43 B
2 KB

267ms
266ms

Image
image/gif

162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/12/10/0/10.gif?puid=8985651341537093146&gdpr=0&gdpr_consent=

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

HTTP/1.1

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

210-140-225-158.newton.jp-east.compute.idcfcloud.net

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 16 Aug 2023 23:10:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://id5-sync.com/c/12/10/0/10.gif?puid=8985651341537093146&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET /
spl.zeotap.com/ 0
0

GET
H/1.1 200
OK app3 Show response
dalc.valuecommerce.com/ 2 KB
3 KB 93ms
24ms Script
application/javascript 210.140.225.158
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=886880010&_s=https%3A%2F%2Fpoints-pay.com%2F&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADBJREFUGFdjZBRj%2BJ98PJxBTHkVAyOn%2B8z%2Fz9PfMFz49ZKBMe%2FAiv8MQp8YVPXSGAAZVA7l2Io9WAAAAABJRU5ErkJggg%3D%3D

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.158 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

86f24851652693191615e072c7a831429ece6913a06f8485b31ade14bfa4051b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8;
cache-control: private, max-age=0, no-cache
content-length: 2300

GET
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 1 KB
1 KB 1038ms
509ms XHR
application/json 51.15.145.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fpoints-pay.com%2F

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.115 , France, ASN12876 (Online SAS, FR),

Reverse DNS

kube-rr.sirdata.fr

Software

nginx/1.20.2 /

Resource Hash

93827435be62796f4dcc7d49f2cad66abd1b2f9822f6acba5d059e20b5fff57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 16 Aug 2023 23:10:50 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://points-pay.com
Cache-Control: private, max-age=60
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 56ms
56ms Script
application/javascript 142.251.42.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PCLG1875QJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133825760-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.136 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1c6e45b58c5793109b3a153b513d3681bfd6eea13f11cc4648aecaea7ba6d98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76447
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 16 Aug 2023 23:10:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 393ms
24ms Script
text/javascript 142.251.42.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133825760-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.174 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Aug 2023 21:44:47 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 16 Aug 2023 23:44:47 GMT

POST
H2 200 admin-ajax.php Show response
points-pay.com/wp-admin/ 0
313 B 100ms
100ms XHR
text/html 183.90.240.5
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://points-pay.com/wp-admin/admin-ajax.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.90.240.5 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv2204.xserver.jp

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://points-pay.com/
X-Requested-With: XMLHttpRequest
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 b2
dalb.valuecommerce.com/ 43 B
248 B 59ms
19ms Image
image/gif 52.194.49.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dalb.valuecommerce.com/b2?2821580,2201292,886880010,3556586,PHNwYW4gc3R5bGU9InRleHQtZGVjb3JhdGlvbjogdW5kZXJsaW5lOyI-WWFob28h44K344On44OD44OU44Oz44KwPC9zcGFuPg,https%3A%2F%2Fshopping.yahoo.co.jp%2F=1&_p=886880010&_r=ZN1XegACwLqZ8K6FwKhvIcCob0qotg&_t=64dd577a&_du=https%3A%2F%2Fpoints-pay.com%2F

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.194.49.76 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-194-49-76.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
x-content-type-options: nosniff
server: nginx
front-end-https: on
p3p: CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin: *
content-type: image/gif
cache-control: private, max-age=0, no-cache
content-length: 43

POST
H2 204 collect
www.google-analytics.com/g/ 0
170 B 269ms
59ms Ping
text/plain 142.251.42.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PCLG1875QJ&gtm=45je3890&_p=1851341934&cid=1781342283.1692227450&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1692227450&sct=1&seg=0&dl=https%3A%2F%2Fpoints-pay.com%2F&dt=%E3%82%B5%E3%83%A0%E3%83%9A%E3%82%A4-SumPay-%E5%90%84%E7%A8%AE%E3%81%8A%E5%BA%97%E3%81%AE%E6%94%AF%E6%89%95%E3%81%84%E6%96%B9%E6%B3%95%E3%82%92PayPay%E3%83%BBQR%E3%82%B3%E3%83%BC%E3%83%89%E3%83%BB%E9%9B%BB%E5%AD%90%E3%83%9E%E3%83%8D%E3%83%BC%20%E3%83%BB%E3%82%AF%E3%83%AC%E3%82%AB%E5%88%A5%E3%81%AB%E7%B4%B9%E4%BB%8B%E2%94%82%E3%82%B5%E3%83%A0%E3%83%9A%E3%82%A4-SumPay-%E5%90%84%E7%A8%AE%E3%81%8A%E5%BA%97%E3%81%AE%E6%94%AF%E6%89%95%E3%81%84%E6%96%B9%E6%B3%95%E3%82%92PayPay%E3%83%BBQR%E3%82%B3%E3%83%BC%E3%83%89%E3%83%BB%E9%9B%BB%E5%AD%90%E3%83%9E%E3%83%8D%E3%83%BC%20%E3%83%BB%E3%82%AF%E3%83%AC%E3%82%AB%E5%88%A5%E3%81%AB%E7%B4%B9%E4%BB%8B&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCLG1875QJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.174 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 419ms
25ms Script
application/javascript 65.9.42.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-7.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:03:45 GMT
content-encoding: gzip
via: 1.1 f9a6fbdc46b65c8be9b0284d9b2a6634.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 426
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: CRA8sFoqCY93fgbKZuBJuJTJ9Oo1e94UnZZRoauhGt2PQm7BSxNcsQ==

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
575 B 398ms
192ms XHR
application/json 103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12762/px.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.179 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:50 GMT
an-x-request-uuid: 040e88d8-e7ee-4a33-8b62-6d997a76bacf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://points-pay.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
543 B 65ms
26ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12762/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: bb537a2d410b68d5f41d5624fda49cc81bb68986c3aa0ba53a63b1edc673c33b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://points-pay.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 15 Sep 2023 23:10:50 GMT

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 635 B
1 KB 678ms
528ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a74991c0c41871e96506a8258e92778561fa117f40716d9c9979c814a6afa730

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://points-pay.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 423ms
57ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=points-pay.com&callback=_gfp_s_&client=ca-pub-1473205167498500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

7f352f80ed68bef7158295b2072cf0320ca593ae44d356f441ad5f17155c3c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BADD 582 KB
106 KB 1066ms
1065ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&adk=1812271804&adf=3025194257&lmt=1692195050&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fpoints-pay.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227449624&bpp=5&bdt=605&idt=329&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5272764844345&frm=20&pv=2&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f14.1e100.net

Software

cafe /

Resource Hash

28d07dfd9c336d226cca9c55761231338ab66805af3a35b5bed7afd949438337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 108627
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:51 GMT
expires: Wed, 16 Aug 2023 23:10:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
434 B 385ms
26ms Script
application/javascript 104.18.23.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
last-modified: Mon, 14 Aug 2023 12:28:03 GMT
server: cloudflare
age: 0
etag: W/"c33119e4566ec99f3327d83c499e437882fc6da2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 7f7d5a5ff95df62d-NRT
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 413ms
71ms Fetch
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:50 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 471880
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Aug 2023 11:58:31 GMT
Server: cloudflare
ETag: W/"9d36e722f929b1726cf2a9cba00af489"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6uyETxozTSNvZfR%2FDCzeGirnGhOwUFCG34DwiuHINTXhNK8uSYoLjoY894qYJiU0UVmLfw6Nw2O0I8HreEE%2BvKcPJuwk9kJR6%2B5U5qkKw1Rfb%2B4b9W8w2lulnN4RT%2B8"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7f7d5a6018c7f6e5-NRT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 51ms
50ms XHR
text/plain 142.251.42.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1851341934&t=pageview&_s=1&dl=https%3A%2F%2Fpoints-pay.com%2F&ul=en-us&de=UTF-8&dt=%E3%82%B5%E3%83%A0%E3%83%9A%E3%82%A4-SumPay-%E5%90%84%E7%A8%AE%E3%81%8A%E5%BA%97%E3%81%AE%E6%94%AF%E6%89%95%E3%81%84%E6%96%B9%E6%B3%95%E3%82%92PayPay%E3%83%BBQR%E3%82%B3%E3%83%BC%E3%83%89%E3%83%BB%E9%9B%BB%E5%AD%90%E3%83%9E%E3%83%8D%E3%83%BC%20%E3%83%BB%E3%82%AF%E3%83%AC%E3%82%AB%E5%88%A5%E3%81%AB%E7%B4%B9%E4%BB%8B%E2%94%82%E3%82%B5%E3%83%A0%E3%83%9A%E3%82%A4-SumPay-%E5%90%84%E7%A8%AE%E3%81%8A%E5%BA%97%E3%81%AE%E6%94%AF%E6%89%95%E3%81%84%E6%96%B9%E6%B3%95%E3%82%92PayPay%E3%83%BBQR%E3%82%B3%E3%83%BC%E3%83%89%E3%83%BB%E9%9B%BB%E5%AD%90%E3%83%9E%E3%83%8D%E3%83%BC%20%E3%83%BB%E3%82%AF%E3%83%AC%E3%82%AB%E5%88%A5%E3%81%AB%E7%B4%B9%E4%BB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2021917687&gjid=1117310467&cid=1781342283.1692227450&tid=UA-133825760-2&_gid=1061921339.1692227451&_r=1&gtm=457e3890&jsscut=1&z=1801999496

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.174 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=458767948;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpoints-pay.com%2F;uht=2;fpan=1;fpa=P0-104599775-1692227450319;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509...
pixel.quantserve.com/ 35 B
372 B 100ms
94ms Image
image/gif 103.229.10.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=458767948;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpoints-pay.com%2F;uht=2;fpan=1;fpa=P0-104599775-1692227450319;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=points-pay.com;dst=0;et=1692227450741;tzo=-540;ogl=site_name.%E3%82%B5%E3%83%A0%E3%83%9A%E3%82%A4-SumPay-%E5%90%84%E7%A8%AE%E3%81%8A%E5%BA%97%E3%81%AE%E6%94%AF%E6%89%95%E3%81%84%E6%96%B9%E6%B3%95%E3%82%92PayPay%E3%83%BBQR%E3%82%B3%E3%83%BC%E3%83%89%E3%83%BB%E9%9B%BB%E5%AD%90%E3%83%9E%E3%83%8D%E3%83%BC%08%E3%83%BB%E3%82%AF%E3%83%AC%E3%82%AB%E5%88%A5%E3%81%AB%E7%B4%B9%E4%BB%8B%2Ctype.article%2Ctitle.%E3%82%B5%E3%83%A0%E3%83%9A%E3%82%A4-SumPay-%E5%90%84%E7%A8%AE%E3%81%8A%E5%BA%97%E3%81%AE%E6%94%AF%E6%89%95%E3%81%84%E6%96%B9%E6%B3%95%E3%82%92PayPay%E3%83%BBQR%E3%82%B3%E3%83%BC%E3%83%89%E3%83%BB%E9%9B%BB%E5%AD%90%E3%83%9E%E3%83%8D%E3%83%BC%08%E3%83%BB%E3%82%AF%E3%83%AC%E3%82%AB%E5%88%A5%E3%81%AB%E7%B4%B9%E4%BB%8B%2Cdescription.%E3%82%B8%E3%83%A3%E3%83%B3%E3%83%AB%E5%88%A5%E3%81%A7%E6%8E%A2%E3%81%99%20%E3%81%8A%E6%8E%A2%E3%81%97%E3%81%AE%E3%82%B8%E3%83%A3%E3%83%B3%E3%83%AB%E3%82%92%E3%82%AF%E3%83%AA%E3%83%83%E3%82%AF%E3%81%A7%E8%A9%B3%E7%B4%B0%E3%81%8C%E9%96%8B%E3%81%8D%E3%81%BE%E3%81%99%E3%80%82%20%C2%A0%20%C2%A0%20%E3%81%8A%E5%BE%97%E3%81%AA%E3%81%8A%E6%94%AF%E6%89%95%E3%81%84%E6%96%B9%E6%B3%95%E3%81%AE%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%E6%83%85%E5%A0%B1%202023%E5%B9%B43%E6%9C%88%E7%8F%BE%E5%9C%A8%E3%80%81%E8%B6%85%E3%81%8A%E5%BE%97%E3%81%AA%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%E3%82%92%E8%A1%8C%E3%81%A3%E3%81%A6%E3%81%84%2Curl.https%3A%2F%2Fpoints-pay%252Ecom%2F%2Cimage.https%3A%2F%2Fpoints-pay%252Ecom%2Fwp-content%2Fuploads%2F2020%2F06%2Fcropped-1b9e40a7d2b9c5177f6d3e;ses=bf0b334b-2602-4cdf-aaa0-21270767c42f;mdl=

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame BF2D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=131a64dd-577a-4400-a56f-735ebe528e42&gdpr=1&gdpr_consent=

0
291 B

501ms
501ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=131a64dd-577a-4400-a56f-735ebe528e42&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Wed, 16 Aug 2023 23:10:50 GMT
Server: MT3 1031 59fd23a master nrt nrt-pixel-x16 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=131a64dd-577a-4400-a56f-735ebe528e42&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 16 Aug 2023 23:10:49 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame BF2D 0
239 B 1159ms
240ms Image
image/gif 213.19.162.80
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.80 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame BF2D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4025780564652432430

0
291 B

346ms
346ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4025780564652432430

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:50 GMT
an-x-request-uuid: aecce63c-fd7a-4df0-bee9-aa9889fbcfbc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4025780564652432430
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame BF2D 42 B
775 B 375ms
82ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=oJPMYdT2oTDRQ57ehIkXtk2NVgB3QPDcc2n8_hpmvkg
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BF2D
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABigCduSeyp-rDUKjpCzJLgW3jAiPI6QSRJA

170 B
188 B

53ms
53ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABigCduSeyp-rDUKjpCzJLgW3jAiPI6QSRJA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABigCduSeyp-rDUKjpCzJLgW3jAiPI6QSRJA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame BF2D 0
75 B 755ms
99ms Image
text/plain 23.106.127.53
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:51 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame BF2D
Redirect Chain

https://id.rlcdn.com/711916.gif?ct=4&cv=
https://id.rlcdn.com/1000.gif?memo=COy5KxoNCPqu9aYGEgUI6AcQAEIASgA
https://onetag-sys.com/match/?int_id=110&uid=

0
291 B

435ms
435ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=110&uid=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date: Wed, 16 Aug 2023 23:10:51 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/match/?int_id=110&uid=
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame BF2D
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=oJPMYdT2oTDRQ57ehIkXtk2NVgB3QPDcc2n8_hpmvkg

43 B
479 B

727ms
184ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=oJPMYdT2oTDRQ57ehIkXtk2NVgB3QPDcc2n8_hpmvkg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 23:10:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T2NMF4T3QDRSDZF16QGR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=oJPMYdT2oTDRQ57ehIkXtk2NVgB3QPDcc2n8_hpmvkg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame BF2D 0
42 B 56ms
18ms Image
text/plain 207.65.34.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.77 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:50 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame BF2D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEB_vhVx1ooY0a4tt7Ti2d7c&google_cver=1

0
291 B

360ms
360ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEB_vhVx1ooY0a4tt7Ti2d7c&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEB_vhVx1ooY0a4tt7Ti2d7c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame BF2D 0
125 B 368ms
174ms Image
text/plain 13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame BF2D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=

0
291 B

532ms
532ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame BF2D 43 B
235 B 288ms
16ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1692227449634
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 fire.js Show response
s.cpx.to/ 48 B
333 B 757ms
249ms XHR
text/plain 54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12762&url=https%3A%2F%2Fpoints-pay.com%2F&hn_ver=57&fid=2a00943d-3a74-4025-90f1-ed7db8cd2469&dsp=TTD&dsp_uid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12762/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 51fe35f9f293d0af74764de6035eaa1d0a3f04de69998dcdbb31e93a73eafdcf

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: https://points-pay.com
date: Wed, 16 Aug 2023 23:10:51 GMT
access-control-allow-credentials: true
expires: Wed, 16 Aug 2023 23:10:51 GMT
content-length: 48
vary: Origin
p3p: CP="NOI DEV ADM"

POST
H/1.1 204
No Content / Show response
bid.missena.io/ 0
195 B 451ms
392ms XHR
text/plain 13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.missena.io/?t=PA-63549366
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://points-pay.com
Date: Wed, 16 Aug 2023 23:10:51 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H2 200 c Show response
prebid.a-mo.net/a/ 1 KB
1 KB 276ms
95ms XHR
application/json 131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: 4c325d813ddf8aa6c61e53418ed4f25191e0d555dd39176b59303a2874ba7231

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Aug 2023 23:10:51 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://points-pay.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
content-length: 530

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
531 B 1333ms
369ms XHR
text/plain 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 13 KB
6 KB 853ms
296ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25230&site_id=474108&zone_id=2822050&size_id=15&alt_size_ids=2%2C55%2C58%2C221&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,102232,1,,,&eid_pubcid.org=2a260daf-2488-456f-afd6-6f96cab1b684%5E1&rf=https%3A%2F%2Fpoints-pay.com&kw=113011&tg_i.domain=points-pay.com&tg_i.page=https%3A%2F%2Fpoints-pay.com%2F&tg_i.name=points-pay.com&tg_i.siteid=113011&tg_i.pbadslot=%2F113011%2Fpoints-pay.com%2Fdesktop%2F26328&tk_flint=pbjs_lite_v8.6.0&l_pb_bid_id=8921993c79f651&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F113011%2Fpoints-pay.com%2Fdesktop%2F26328&slots=1&rand=0.2656622905264343
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a28575faac33e121433af1c22e09ed2a1dec8efbd961e6291e89bc48322e5abe

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 730 B
860 B 440ms
269ms XHR
application/json 52.74.162.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.162.67 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-162-67.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3f71f0dae5b890d5bea724a8d71e43c8c7db91ad5edc43b45fd69b4df0ac3eff

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Aug 2023 23:10:51 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://points-pay.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 492

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 869ms
194ms XHR
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0&cb=23329877982&lsavail=1&bundle=_J_8f19FNTA5JTJCYjB6Mm5hVnFNbHRlS05BeXFZSyUyQiUyRm4lMkJrSmNtMnI2VXY1TTdaMFhhT1VuUU5HZG9EUXRYOThRZGlac0lBQ3VwWmExamk3cHFZaGhnSFQ5ZXYwTkVldFduZGxSVW0lMkI2TlNDcWNQYlcxdFlXWG02WmtXNiUyQkJGcWk0ZW8yZA

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://points-pay.com
date: Wed, 16 Aug 2023 23:10:51 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
257 B 211ms
180ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 6e15655036c6ea71fd12192e2f0003e1d8e5c9bb854b4d71e41c334f2b4ddaa8

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Aug 2023 23:10:51 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://points-pay.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
mp.4dex.io/ 4 KB
2 KB 362ms
24ms XHR
application/json 104.18.3.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 321a1903be381f9d16b5c4969bf575ef08056eab6dff5072db7d49a5a17fede3

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-tyo
date: Wed, 16 Aug 2023 23:10:51 GMT
content-encoding: gzip
via: 1.1 google
x-err: Shapings: no adunits with size and seat and mapping
cf-cache-status: DYNAMIC
x-warn: Validating the Prebid Request adunits. Unable to parse native image.sizes, Validating the Prebid Request adunits. Unable to parse native image.sizes, Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: 26328, Process Seats Booster. unable to get the seat booster engine for organization: 1015
content-length: 1026
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7f7d5a63af4daf94-NRT
expires: 0

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
308 B 316ms
277ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Aug 2023 23:10:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f7d5a61db54e07e-NRT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
501 B 269ms
269ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-35-162-18-62.us-west-2.compute.amazonaws.com

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://points-pay.com
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 339 B
591 B 355ms
23ms XHR
text/html 212.102.50.12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=113011&adid=6&formatid=26328&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.50.12 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 422668507.tyo.cdn77.com
Software: CDN77-Turbo /
Resource Hash: c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AdRmMgryber/TAgAAA
x-accel-expires: @1692830127
date: Wed, 16 Aug 2023 23:10:51 GMT
x-77-pop: tokyoJP
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: db683119541005e47b57dd64e0d4cc1b
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://points-pay.com
x-77-cache: HIT
cache-control: max-age=604800
x-age: 2124
x-accel-date: 1692225327

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
177 B 269ms
87ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://points-pay.com
date: Wed, 16 Aug 2023 23:10:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 180 B
699 B 549ms
291ms XHR
application/json 35.162.18.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpoints-pay.com%2F&PageUrl=https%3A%2F%2Fpoints-pay.com%2F&PageReferrer=https%3A%2F%2Fpoints-pay.com%2F&CanonicalUrl=https%3A%2F%2Fpoints-pay.com%2F

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.162.18.62 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1ca31468f92e0e3ace5818cb7a4605515d2fc2975dbe8e159482ebad1c92f00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Aug 2023 23:10:51 GMT
via: kong/2.8.3
x-content-type-options: nosniff
x-kong-proxy-latency: 0
p3p: CP="CAO PSA OUR"
x-kong-upstream-latency: 170
content-length: 180
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 13 KB
6 KB 784ms
237ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39550&zone_id=1124636&size_id=15&alt_size_ids=2%2C55%2C58%2C221&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,102232,1,,,&eid_pubcid.org=2a260daf-2488-456f-afd6-6f96cab1b684%5E1&rf=https%3A%2F%2Fpoints-pay.com&kw=113011&tg_i.domain=points-pay.com&tg_i.page=https%3A%2F%2Fpoints-pay.com%2F&tg_i.name=points-pay.com&tg_i.siteid=113011&tg_i.pbadslot=%2F113011%2Fpoints-pay.com%2Fdesktop%2F26328&tk_flint=pbjs_lite_v8.6.0&l_pb_bid_id=286df7a4be260ee&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F113011%2Fpoints-pay.com%2Fdesktop%2F26328&slots=1&rand=0.30190637099902107
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 590e53031dfb15c8b75824f91b61af5344467407ff4f976fd23804eee30c6424

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://points-pay.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
shb.richaudience.com/hb/ 0
264 B 1712ms
1070ms XHR
text/plain 103.253.24.74
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.74 , Indonesia, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://points-pay.com
date: Wed, 16 Aug 2023 23:10:52 GMT
access-control-allow-credentials: true
server: nginx/1.14.1
access-control-max-age: 86400

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 1003ms
339ms XHR
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0&cb=85038837010&lsavail=1&bundle=_J_8f19FNTA5JTJCYjB6Mm5hVnFNbHRlS05BeXFZSyUyQiUyRm4lMkJrSmNtMnI2VXY1TTdaMFhhT1VuUU5HZG9EUXRYOThRZGlac0lBQ3VwWmExamk3cHFZaGhnSFQ5ZXYwTkVldFduZGxSVW0lMkI2TlNDcWNQYlcxdFlXWG02WmtXNiUyQkJGcWk0ZW8yZA

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://points-pay.com
date: Wed, 16 Aug 2023 23:10:51 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 826ms
274ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

c0362e0cc741e264ce750dba7662bec8cd7d10876ce5cf5531d8c2528d126eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://points-pay.com
date: Wed, 16 Aug 2023 23:10:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1

400

8.gif
id5-sync.com/c/102/112/1/
Redirect Chain

https://id5-sync.com/i/102/8.gif?id5id=ID5*utHhM_pdSGt1zmrkxbE0QuuBgDEk4CTQNNnvTrpssNtbrEx4ZoxAbvYH3aJn0nY7W63LXFiY6grzxW6x1nnSVg&o=api&gdpr_consent=undefined&gdpr=0
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-0b44cO6dbP99v-NPAuFFYTJVNq5T8de-ajpJMN9l3A&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
https://id5-sync.com/c/102/102/7/2.gif?puid=20908764573421091&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/2/6/3.gif?puid=4025780564652432430&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&ttl=%%TTL%%
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-d38apgEdASK1sgN1ridnbKoa2EzcTeUDgpkxTF5vUg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F4%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/102/3/4/5.gif?puid=131a64dd-577a-4400-a56f-735ebe528e42&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
https://id5-sync.com/k/155.gif?puid=AADsTE7Juq8AACWxR0r9_w&id5AccountNum=155&numCascadesAllowed=9
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F2%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F2%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/123/2/7.gif?puid=18a009dc333-735e0000010e52b9&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F1%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/112/1/8.gif?puid=${UIPID}&gdpr=0&gdpr_consent=

0
0

270ms
270ms

Image
text/html

162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id5-sync.com/c/102/112/1/8.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: HTTP/1.1
Server: 162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: ns31533571.ip-162-19-138.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

location: https://id5-sync.com/c/102/112/1/8.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
uip-response-status: FallbackResponse
date: Wed, 16 Aug 2023 23:10:27 GMT
frontend-id: 0
content-length: 0
routing-server-id: 1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8EE6 15 KB
6 KB 83ms
40ms Document
text/html 23.32.13.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.13.44 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-13-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=124859
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Wed, 16 Aug 2023 23:10:51 GMT
expires: Fri, 18 Aug 2023 09:51:50 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
https://s.cpx.to/sync?dsp_uid=CAESECjhX3H9DW0Uf7g4YkDAeo4&dsp=dbm&google_cver=1

0
305 B

472ms
472ms

Image
text/plain

54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp_uid=CAESECjhX3H9DW0Uf7g4YkDAeo4&dsp=dbm&google_cver=1
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Wed, 16 Aug 2023 23:10:51 GMT
date: Wed, 16 Aug 2023 23:10:51 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/sync?dsp_uid=CAESECjhX3H9DW0Uf7g4YkDAeo4&dsp=dbm&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=cd520b12-d2c9-4dd2-b5b4-734e81ab17d5

0
311 B

489ms
489ms

Image
text/plain

54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=OPENX&dsp_uid=cd520b12-d2c9-4dd2-b5b4-734e81ab17d5
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Wed, 16 Aug 2023 23:10:52 GMT
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

date: Wed, 16 Aug 2023 23:10:51 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://s.cpx.to/sync?dsp=OPENX&dsp_uid=cd520b12-d2c9-4dd2-b5b4-734e81ab17d5
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

fire.js
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12762%26url%3Dhttps%253A%252F%252Fpoints-pay.com%252F%26hn_ver%3D57%26fid%3D2a00943d-3a...
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4025780564652432430&pid=12762&url=https%3A%2F%2Fpoints-pay.com%2F&hn_ver=57&fid=2a00943d-3a74-4025-90f1-ed7db8cd2469&dsp=TTD&dsp_uid=08d07bda-0ec8-4f0...

38 B
38 B

416ms
415ms

Image
text/plain

54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4025780564652432430&pid=12762&url=https%3A%2F%2Fpoints-pay.com%2F&hn_ver=57&fid=2a00943d-3a74-4025-90f1-ed7db8cd2469&dsp=TTD&dsp_uid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
date: Wed, 16 Aug 2023 23:10:51 GMT
content-length: 38
expires: Wed, 16 Aug 2023 23:10:51 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:51 GMT
an-x-request-uuid: 731e31ec-5ce8-4948-8a46-b3733f937d5f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4025780564652432430&pid=12762&url=https%3A%2F%2Fpoints-pay.com%2F&hn_ver=57&fid=2a00943d-3a74-4025-90f1-ed7db8cd2469&dsp=TTD&dsp_uid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=0872408D-2430-40B4-871D-333E6C4BB9D0

0
313 B

432ms
432ms

Image
text/plain

54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=0872408D-2430-40B4-871D-333E6C4BB9D0
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Wed, 16 Aug 2023 23:10:51 GMT
date: Wed, 16 Aug 2023 23:10:51 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=0872408D-2430-40B4-871D-333E6C4BB9D0
date: Wed, 16 Aug 2023 23:10:51 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8EE6 5 KB
6 KB 63ms
20ms Script
text/html 207.65.34.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30044792&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: cbb58f5ac57c26b1ec7d13cfdc45e71ca852e2bf2beec3f9b6d2ccf1728ae4a8

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 154 KB
53 KB 72ms
71ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2883375468d3e90a1686cd04089615b8772d27b4ce7a2fcb819c93af6a320095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53700
x-xss-protection: 0
server: cafe
etag: 18027094464599979511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:51 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E49F 122 KB
41 KB 1407ms
1406ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1551a97b7c25fabf575dcfae8d4e71b10bff022300163e40e0904f360810ae9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71E2 121 KB
41 KB 848ms
848ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=1841496142&pi=t.aa~a.912835033~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280&nras=3&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qEwKHEhqnx&p=https%3A//points-pay.com&dtd=55

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e40f5f05d43d431aa4098209a861592e8377893ce23b360eb1246a5ce98b01a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42194
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D05 123 KB
42 KB 915ms
915ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

cafe /

Resource Hash

cd6e8ceafea25612bb37dfbf6d1ca0cd30a0dc9840c552afdd7fca52824362e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 43099
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7960
Redirect Chain

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=Ab8NARKpYFQAks8AD7P3p8QDtM8AAAGKAJ276A

42 B
212 B

19ms
19ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=Ab8NARKpYFQAks8AD7P3p8QDtM8AAAGKAJ276A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
date: Wed, 16 Aug 2023 23:10:51 GMT
expires: -1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=Ab8NARKpYFQAks8AD7P3p8QDtM8AAAGKAJ276A
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 90fa5c5ef559c4e8601bb399752b00bc.cloudfront.net (CloudFront)
x-amz-cf-id: 5mT5Fa_uSurxx2v8AIsqr3KpQsnZD7OjNRwvlnHyOsTAnnSKvfMwEA==
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 2D1A 43 B
363 B 72ms
16ms Document
image/gif 182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:51 GMT
expires: Wed, 16 Aug 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 188040
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 84B2
Redirect Chain

https://ds.uncn.jp/pm/0/sync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_9f19e32f-8640-4809-bac9-06c80a9f8f68

42 B
344 B

15ms
15ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_9f19e32f-8640-4809-bac9-06c80a9f8f68
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 170
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Aug 2023 23:10:51 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_9f19e32f-8640-4809-bac9-06c80a9f8f68
Server: Apache

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 31B9
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4025780564652432430&gdpr=0&gdpr_consent=

42 B
218 B

15ms
14ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4025780564652432430&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 1230980e-f7c4-43c5-8013-f2b7d40bdef6
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4025780564652432430&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 52D5
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1&auid=1ea9642...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=3EIkggnjKOk

42 B
289 B

18ms
18ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=3EIkggnjKOk
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
Date: Wed, 16 Aug 2023 23:10:52 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=3EIkggnjKOk
Pragma: no-cache
Server: nginx
expires: -1

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1310
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=I5YGayCVVW44wVBpJJRPayCTWjg4lFc6c8TB4MdC

42 B
342 B

15ms
14ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=I5YGayCVVW44wVBpJJRPayCTWjg4lFc6c8TB4MdC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 16 Aug 2023 23:10:51 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=I5YGayCVVW44wVBpJJRPayCTWjg4lFc6c8TB4MdC
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 89D6
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1hoa7tyw6m5v

42 B
230 B

29ms
12ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1hoa7tyw6m5v
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Wed, 16 Aug 2023 23:10:52 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1hoa7tyw6m5v
lws: 123
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 52A7 43 B
214 B 106ms
53ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Wed, 16 Aug 2023 23:10:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0B41
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=140e903a2f654e20b4d9a23aaa7325cc

42 B
300 B

19ms
18ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=140e903a2f654e20b4d9a23aaa7325cc
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html;charset=UTF-8
date: Wed, 16 Aug 2023 23:10:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=140e903a2f654e20b4d9a23aaa7325cc
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
status: 302
via: 1.1 google
x-xss-protection: 1; mode=block

GET
H2 200 pxd Show response
dps.jp.cinarra.com/ Frame 3665 0
38 B 71ms
18ms Document
text/plain 54.65.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-44-129.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

content-length: 0
date: Wed, 16 Aug 2023 23:10:51 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 65A4
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=o1iVMtdOUKlAGmC2JHRMApnwroU&gdpr=0&gdpr_consent=

42 B
297 B

26ms
26ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=o1iVMtdOUKlAGmC2JHRMApnwroU&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Aug 2023 23:10:52 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=o1iVMtdOUKlAGmC2JHRMApnwroU&gdpr=0&gdpr_consent=

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 0ECA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

175ms
175ms

Document
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN1XewAAA1wlVQA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-nrt-rjtf7700039-NRT
x-timer: S1692227452.048164,VS0,VE156

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Wed, 16 Aug 2023 23:10:52 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN1XewAAA1wlVQA4
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-nrt-rjtf7700039-NRT
x-timer: S1692227452.867656,VS0,VE161

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 668C
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=eeZD5ajdAT-nP4zye1fdZA

42 B
199 B

16ms
16ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=eeZD5ajdAT-nP4zye1fdZA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=eeZD5ajdAT-nP4zye1fdZA
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6D07
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU3171357b04e64b4eada7f6d7e45176e3&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D

42 B
113 B

18ms
18ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU3171357b04e64b4eada7f6d7e45176e3&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 168
content-type: text/html; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU3171357b04e64b4eada7f6d7e45176e3&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma: no-cache
server: Tengine

GET /
csync.loopme.me/ Frame 8813 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4D46
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1972084070896325300

42 B
194 B

14ms
14ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1972084070896325300
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Wed, 16 Aug 2023 23:10:52 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1972084070896325300
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 21D9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:sFvmdLYC1QwpFa5&gdpr=0&gdpr_consent=

42 B
220 B

16ms
15ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:sFvmdLYC1QwpFa5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 16 Aug 2023 23:10:51 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:sFvmdLYC1QwpFa5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-073c42d2ed4223780@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7609
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AE9C1A4860CC4A47B21D38F066F4D271&gdpr=0&gdpr_consent=

1 B
53 B

23ms
22ms

Document
text/html

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AE9C1A4860CC4A47B21D38F066F4D271&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Wed, 16 Aug 2023 23:10:52 GMT
expires: Tue, 15 Aug 2023 23:10:52 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AE9C1A4860CC4A47B21D38F066F4D271&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 setuid Show response
u.4dex.io/ Frame 49BA 0
1 KB 77ms
16ms Document
text/plain 34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)2E1BD16C-A98B-4D78-B709-AEDA78DD956E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 16 Aug 2023 23:10:51 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8EE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LhvRbKmLTXi3Ca7aeN2Vbg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

37ms
37ms

Image
text/html

23.32.13.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 23.32.13.44 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-13-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:51 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=124859
accept-ranges: bytes
content-length: 5606
expires: Fri, 18 Aug 2023 09:51:50 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 8EE6
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ec7d6a44-3851-4ef3-9d9e-3645d291bfaf%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&ttd_puid=ec7d6a44-3851-4ef3-9d9e-3645d291bfaf%2C%2C

95 B
124 B

59ms
59ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&ttd_puid=ec7d6a44-3851-4ef3-9d9e-3645d291bfaf%2C%2C

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&ttd_puid=ec7d6a44-3851-4ef3-9d9e-3645d291bfaf%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 8EE6
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&gdpr=0&gdpr_consent=&ct=y

49 B
544 B

251ms
251ms

Image
image/gif

13.229.173.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 13.229.173.169 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-229-173-169.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.7.150
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.42.1.73
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 8EE6
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&sInitiator=external&gdpr=0&gdpr_consent=

42 B
570 B

68ms
68ms

Image
image/gif

119.9.108.211
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: HTTP/1.1
Server: 119.9.108.211 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:25 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:25 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8EE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkUxQkQxNkMtQTk4Qi00RDc4LUI3MDktQUVEQTc4REQ5NTZF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

22ms
20ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8EE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM6TU1EHzAm6qIEBitdsd5c&google_cver=1

42 B
266 B

21ms
19ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM6TU1EHzAm6qIEBitdsd5c&google_cver=1
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM6TU1EHzAm6qIEBitdsd5c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 8EE6 43 B
609 B 402ms
170ms Image
image/gif 34.126.167.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.126.167.117 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

117.167.126.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 15 Aug 2023 23:10:52 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8EE6
Redirect Chain

https://tg.socdm.com/rtb/sync?proto=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZN1Xe8Co8XoAAC3CkKMAAAAA

42 B
260 B

15ms
15ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZN1Xe8Co8XoAAC3CkKMAAAAA
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID: 0
Date: Wed, 16 Aug 2023 23:10:51 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"153.240.174.133","key":"ZN1Xe8Co8XoAAC3CkKMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40192"}
X-SO-Key: ZN1Xe8Co8XoAAC3CkKMAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40192
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZN1Xe8Co8XoAAC3CkKMAAAAA
Cache-Control: private
X-SO-HostName: a-ad40192.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 9
Content-Length: 0
X-SO-LB-Hostname: m-tgng22.dc4p.scaleout.jp
X-SO-IP: 153.240.174.133

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8EE6
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7bdf6130-7843-4383-80c3-958192b3b6e4
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7bdf6130-7843-4383-80c3-958192b3b6e4
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9efa6b02-9fc9-4535-a6c3-11a3ca2b27d5&user_group=1&ssp=pubmatic&bsw_param=7bdf6130-7843-4383-80c3-958192b3b6e4
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7bdf6130-7843-4383-80c3-958192b3b6e4&gdpr=&gdpr_consent=&gdpr_pd=

1 B
185 B

15ms
15ms

Image
text/html

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7bdf6130-7843-4383-80c3-958192b3b6e4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7bdf6130-7843-4383-80c3-958192b3b6e4&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 16 Aug 2023 23:10:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8EE6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=

42 B
278 B

17ms
17ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8EE6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8985651341537093146

42 B
372 B

16ms
16ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8985651341537093146
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8985651341537093146
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 2E1BD16C-A98B-4D78-B709-AEDA78DD956E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8EE6 43 B
603 B 649ms
172ms Image
image/gif 13.229.192.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/2E1BD16C-A98B-4D78-B709-AEDA78DD956E?gdpr=0&gdpr_consent=

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.229.192.164 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-229-192-164.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 8EE6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nT.pxo9E2uX1S5Lid3IM.uNYjDa3zQE-~A&gdpr=0

0
260 B

63ms
21ms

Image
text/plain

207.65.34.74
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nT.pxo9E2uX1S5Lid3IM.uNYjDa3zQE-~A&gdpr=0
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nT.pxo9E2uX1S5Lid3IM.uNYjDa3zQE-~A&gdpr=0
date: Wed, 16 Aug 2023 23:10:52 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8EE6
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4467779745187181965&gdpr=0&gdpr_consent=&us_privacy=

1 B
255 B

17ms
17ms

Image
text/html

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4467779745187181965&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 16 Aug 2023 23:10:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4467779745187181965&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8EE6
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6c0a7ebc2c8d24ea&is_secure=true&networkId=17100&version=1&nuid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANIlBQ0hB9igMG7jKVAAAAAAA&expiration=1692313853&nuid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&...

42 B
265 B

15ms
14ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANIlBQ0hB9igMG7jKVAAAAAAA&expiration=1692313853&nuid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 16 Aug 2023 23:10:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANIlBQ0hB9igMG7jKVAAAAAAA&expiration=1692313853&nuid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame 0A0B 10 KB
5 KB 18ms
17ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 13213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 19:30:38 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 19:30:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame 395C 10 KB
4 KB 26ms
24ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 13213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 19:30:38 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 19:30:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame BCBA 10 KB
4 KB 24ms
23ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 13213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 19:30:38 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 19:30:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/ Frame 640F 10 KB
4 KB 23ms
23ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 13213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 19:30:38 GMT
etag: 13776922816869014096
expires: Wed, 30 Aug 2023 19:30:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0A0B 4 KB
767 B 50ms
50ms Stylesheet
text/css 142.251.42.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 21:28:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0A0B 205 B
651 B 402ms
18ms Image
image/png 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:31:12 GMT
x-content-type-options: nosniff
age: 441580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 10 Aug 2024 20:31:12 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0A0B 604 B
696 B 402ms
19ms Image
image/png 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 15:57:29 GMT
x-content-type-options: nosniff
age: 544403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Aug 2024 15:57:29 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 0A0B 15 KB
7 KB 405ms
23ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e443793c22c99a71ea0ca1ae621676267abbbc301e98d78122bdedcbf6ac893a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6470
x-xss-protection: 0
server: cafe
etag: 4595109392211754618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 09:11:07 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 0A0B 20 KB
8 KB 414ms
32ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 09:11:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 395C 23 KB
9 KB 421ms
46ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7035 143 B
228 B 13ms
12ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 22:54:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 395C 3 KB
1 KB 421ms
47ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 395C 20 KB
8 KB 412ms
38ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 11316033133481150793
tpc.googlesyndication.com/simgad/ Frame 395C 52 KB
52 KB 435ms
62ms Image
image/png 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11316033133481150793?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlEzbMP3F7w3TPcspYKS8ZI3BBf_A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd62b293313c01158f2ae4f632c3ec7eb780f8f0be016fcba968e7a8ef3d0c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 15:36:28 GMT
x-content-type-options: nosniff
age: 200064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52905
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 08:29:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 15:36:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 395C 180 KB
57 KB 56ms
56ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 395C 35 KB
14 KB 439ms
66ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:56:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame BCBA 23 KB
9 KB 408ms
48ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 80AA 143 B
200 B 12ms
12ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 22:54:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame BCBA 3 KB
1 KB 408ms
49ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame BCBA 20 KB
8 KB 399ms
41ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 11484797535942579283
tpc.googlesyndication.com/simgad/ Frame BCBA 45 KB
45 KB 421ms
63ms Image
image/png 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11484797535942579283?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmnDeK9aBI0pEDro86F6-NJw38cSw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ee1e15f18e97b4a405d5cdcf832b4658c4c9095a269e271ac32f9018a4bcae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 15:41:35 GMT
x-content-type-options: nosniff
age: 545357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46035
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 04:20:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Aug 2024 15:41:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCBA 180 KB
56 KB 157ms
155ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame BCBA 35 KB
14 KB 422ms
65ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:56:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 640F 23 KB
9 KB 388ms
47ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D0E 143 B
200 B 13ms
13ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 22:54:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 640F 3 KB
1 KB 388ms
49ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 640F 20 KB
8 KB 372ms
32ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 16163375964968105070
tpc.googlesyndication.com/simgad/ Frame 640F 34 KB
34 KB 388ms
49ms Image
image/png 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16163375964968105070?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmkZLhSn5rggB0jXdYBGjusboqshw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

353ae920488c68c8b49ab7b741dd33251b32b39c1060ee0f655d41f4633abf31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 15:08:45 GMT
x-content-type-options: nosniff
age: 115327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34336
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 10:10:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Aug 2024 15:08:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 640F 180 KB
56 KB 135ms
135ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 640F 35 KB
14 KB 401ms
63ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:56:37 GMT

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 275ms
274ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a3440d9a5863fc2e80e6d9de1475447da2365f6ee01f2256e7bd10cacbbdba27

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://points-pay.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 4e9503689cc568474c146d9979c074f7.js Show response
www.gstatic.com/mysidia/ Frame D871 9 KB
4 KB 330ms
32ms Script
text/javascript 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4e9503689cc568474c146d9979c074f7.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ea77bdbdb2740b6029b3672b833edef7b592763a0ebbad204ef84c211a7c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3932
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 02:13:48 GMT

GET
H2 200 a8025dd731d9f0f846ad4dd7921b9f5e.js Show response
www.gstatic.com/mysidia/ Frame D871 141 KB
52 KB 318ms
20ms Script
text/javascript 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a8025dd731d9f0f846ad4dd7921b9f5e.js?tag=video_mra/web_interstitial_raspberry_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c97c4749c5f239c28c037cddc5305b70359995f2dfe54764d26c564b1474c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53229
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 05:30:39 GMT

GET
H2 200 3f6818a022f096a38068f5e5ed4a3e10.js Show response
www.gstatic.com/mysidia/ Frame D871 18 KB
8 KB 330ms
32ms Script
text/javascript 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3f6818a022f096a38068f5e5ed4a3e10.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94326f0d6d8321e573308469f169da0c54fa0499d36a88834aec7438782cfdf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 11:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7796
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 11:10:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D871 1 KB
537 B 56ms
55ms Stylesheet
text/css 142.251.42.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500%2C600&text=%E5%B0%8E%E5%85%A5%E5%88%A9%E5%85%B7%E3%81%AE%E3%81%91%E3%82%92%E3%81%BE%E5%8A%B9%E7%94%A8%E3%82%B9%E3%80%82%E9%87%91%E5%8A%A0n%E5%8F%97%E4%BD%93%E8%B3%87%E3%83%AD%E3%83%80%E3%82%84%E3%83%89%E6%9E%9C%E8%A6%A7i%E3%83%87%E3%81%AB%E3%81%A0%E3%80%81%E3%81%99%E3%83%97%E9%A0%85xo%E3%83%83%E9%96%8B%E3%81%8Fv%E3%81%94%E5%8F%96%E7%9B%AE%E3%81%84%E3%81%9F%E3%82%A6%E7%9A%84%E6%96%99%E6%B1%82%E8%AB%8B%E3%82%BF%E5%8C%96%E3%81%AA%E3%83%B3%E3%83%BC%E6%9B%B8%E3%83%86%E3%81%88

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b6c3b55ecb93cd7f980c24541189517a713f76b49c0e58e5fab99f5fdae755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 23:10:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame D871 2 KB
945 B 341ms
45ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame D871 6 KB
2 KB 329ms
33ms Script
text/javascript 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 16:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 16:15:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame D871 23 KB
9 KB 340ms
45ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame D871 3 KB
1 KB 340ms
44ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame D871 20 KB
8 KB 334ms
38ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D871 180 KB
56 KB 88ms
87ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame D871 35 KB
15 KB 28ms
28ms Script
text/javascript 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 22:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 22:10:29 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7035
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

65ms
64ms

Document
text/html

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:52 GMT
expires: Wed, 16 Aug 2023 23:10:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 80AA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

63ms
63ms

Document
text/html

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:52 GMT
expires: Wed, 16 Aug 2023 23:10:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D0E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

64ms
64ms

Document
text/html

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:52 GMT
expires: Wed, 16 Aug 2023 23:10:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D871 0
121 B 59ms
59ms Ping
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoSCAEqDmxhbmRzY2FwZVZpZGVvCgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRArIQAAAAAAABhAMAQKDRArIQAAAAAAAChAMAEKDRADIQAAADQza3ZAMAQSGkNKU2V4c0NtNG9BREZWVlB3Z1VkZnY4TzFBIid2aWRlb19tcmEvd2ViX2ludGVyc3RpdGlhbF9yYXNwYmVycnlfbXMoEg==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3f6818a022f096a38068f5e5ed4a3e10.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 640F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1047964b6e4d8f416ae18666733e3593c9b4fde787c7aafc882ef5b9a19dec14

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H/1.1 204
No Content genericpost
ww1097.smartadserver.com/ Frame 0
0 1169ms
512ms Preflight 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://points-pay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://points-pay.com
date: Wed, 16 Aug 2023 23:10:52 GMT
vary: Origin

POST
H/1.1 200
OK genericpost Show response
ww1097.smartadserver.com/ 561 B
1 KB 1102ms
583ms XHR
application/javascript 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: 7254ef7b1be2bae09e198ac85c7f8bd0cd5dfa9cf421ab00a098ca7906de428f

Request headers

Referer: https://points-pay.com/
accept-language: jp-jp,jp;q=0.9
Save-Data: off
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://points-pay.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 309ms
309ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=113011&f=6&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
server: nginx
x-iplb-request-id: 99F0AE85:9926_36264064:01BB_64DD577C_670E77D:162F3
x-iplb-instance: 38442
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F327
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

281 B
554 B

71ms
26ms

Document
text/html

23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 16 Aug 2023 23:10:52 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Aug 2023 23:10:52 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server: AkamaiGHost

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 640F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CoSqdelfdZJf5INWeid4P_v67oA3Vs5mecq_wnZD1EfLd0uCyARABIL6I6yBgidvFhPQToAHilfHPAsgBAqkCi6iAf0FuPT6oAwHIA8kEqgTFAU_QgnzNI6xIrW5Lw93zFKo4tOJKvVP1J6z...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x16437e1d1a7e01670000000000000000%22,%222%22:%220xc5322caa64f4726e0000000000000000%22,%225%22:%220x110a67...

0
0

47ms
46ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x16437e1d1a7e01670000000000000000%22,%222%22:%220xc5322caa64f4726e0000000000000000%22,%225%22:%220x110a677d98afad560000000000000000%22},%22debug_key%22:%2217006645976096050724%22,%22debug_reporting%22:true,%22destination%22:%22https://acg-net.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22704400098%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221309773597122144961%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x16437e1d1a7e01670000000000000000","2":"0xc5322caa64f4726e0000000000000000","5":"0x110a677d98afad560000000000000000"},"debug_key":"17006645976096050724","debug_reporting":true,"destination":"https://acg-net.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["704400098"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"1309773597122144961"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 23:10:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 23:10:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x16437e1d1a7e01670000000000000000","2":"0xc5322caa64f4726e0000000000000000","5":"0x110a677d98afad560000000000000000"},"debug_key":"17006645976096050724","debug_reporting":true,"destination":"https://acg-net.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["704400098"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"1309773597122144961"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D871 0
56 B 53ms
53ms Ping
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoSCAEqDmxhbmRzY2FwZVZpZGVvCgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAuQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAA0DvwQDAECg0QEiEAAAAAAAAQQDAECg0QEyEAAAAAAAAAQDAECg0QFyEAAABkZr56QDAEEhpDSlNleHNDbTRvQURGVlZQd2dVZGZ2OE8xQSIndmlkZW9fbXJhL3dlYl9pbnRlcnN0aXRpYWxfcmFzcGJlcnJ5X21zKBI=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3f6818a022f096a38068f5e5ed4a3e10.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame B346 37 KB
15 KB 21ms
20ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:36:40 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D871 0
56 B 56ms
56ms Ping
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoSCAEqDmxhbmRzY2FwZVZpZGVvCgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRAUIQAAAACgXfNAMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAMzMJIBAMAQKDRAyIQAAAAAAAAAAMAQKDRAzIQAAAAAAAAAAMAQKDRA0IQAAAAAAAAAAMAQKDRA1IQAAAAAAAAAAMAQKDRA2IQAAAAAAAAAAMAQKDRA3IQAAAAAAAAAAMAQKDRA4IQAAAAAAAAAAMAQKDRA5IQAAAAAAAAAAMAQKDRA6IQAAAAAAAOA_MAQKDRA7IQAAAAAAAOA_MAQKDRA8IQAAAAAAAOA_MAQKDRA9IQAAAAAAAOA_MAQKDRA-IQAAAAAwM-M_MAQKDRA_IQAAAAAwM-M_MAQKDRBAIQAAAAAwM-M_MAQSGkNKU2V4c0NtNG9BREZWVlB3Z1VkZnY4TzFBIid2aWRlb19tcmEvd2ViX2ludGVyc3RpdGlhbF9yYXNwYmVycnlfbXMoEg==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3f6818a022f096a38068f5e5ed4a3e10.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 140ms
65ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 71E2 868 B
481 B 51ms
50ms Stylesheet
text/css 142.251.42.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%80%8EK%E3%81%97%E4%B8%BB5%E9%A1%94%E8%B3%9B0%E2%80%A69%E5%B8%AB%E3%81%99%E5%8C%BB%E7%9E%AC)2%E3%81%AB%E3%81%84%E8%A3%8F4%E3%82%B4%E3%82%89%E7%9F%A5%E3%80%8D%E3%81%8CH%E6%94%BE%E3%81%A7%E9%80%81%E3%82%8B%E3%80%8F%E7%B5%B6%E5%A9%A6%E8%BF%94%E5%A4%A7%E3%81%AA%E3%81%8F%E3%82%B9%E9%96%8B%E3%81%88%E3%83%9F%E4%BB%A3(%E8%8B%A5%E6%B6%88N%E3%80%8C%E5%89%B2%E6%8A%80%E8%A1%93%E3%82%8A%E3%82%B7%E4%B8%80

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=1841496142&pi=t.aa~a.912835033~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280&nras=3&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qEwKHEhqnx&p=https%3A//points-pay.com&dtd=55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1d4b8f3a53a8b838c27fcf8fa5c75450011352507a7bf5755b686f1ae9f1610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 23:10:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 71E2 7 KB
1 KB 58ms
58ms Stylesheet
text/css 142.251.42.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 21:37:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
DATA 200
OK truncated
/ Frame 395C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d10e543fd8f7af01ce9c7ec10160e4f090178f1b91731f222bc8dc5c326463e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame 12F7 37 KB
14 KB 22ms
21ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:36:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 71E2 2 KB
926 B 11ms
11ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 71E2 23 KB
9 KB 17ms
17ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 71E2 3 KB
1 KB 24ms
24ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 651E 1 KB
758 B 17ms
16ms Document
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 71822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 03:13:50 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 03:13:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 71E2 20 KB
8 KB 20ms
20ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 71E2 0
0 50ms
49ms Image
text/html 216.58.220.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaaeVWwd5yN_B4QtRVVpqCC18qdllasVl2cMr1ftD6OGPyweiM-uu5jppxHwKJ0XuGvL5H6kSiJjxUDXGiT4KqezLjSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=1841496142&pi=t.aa~a.912835033~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280&nras=3&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qEwKHEhqnx&p=https%3A//points-pay.com&dtd=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.220.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s01-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71E2 180 KB
56 KB 57ms
57ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame 71E2 35 KB
15 KB 16ms
16ms Script
text/javascript 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 22:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 22:10:29 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 395C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CqGe3elfdZJX5INWeid4P_v67oA34_M6Hcpbo_LXdEdzZHhABIL6I6yBgidvFhPQToAH2nszdA8gBAqkCi6iAf0FuPT6oAwHIA8kEqgTGAU_QgesEsuV9XDVEq9ej_bV8h0fyw1ZynNit0EK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9291941f5052a2cd0000000000000000%22,%222%22:%220x830d7734c48ad2df0000000000000000%22,%225%22:%220x6b6ab2...

0
0

51ms
51ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9291941f5052a2cd0000000000000000%22,%222%22:%220x830d7734c48ad2df0000000000000000%22,%225%22:%220x6b6ab2c15f8f57be0000000000000000%22},%22debug_key%22:%227236161144999834541%22,%22debug_reporting%22:true,%22destination%22:%22https://itsumo365.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001590646%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229452616588536125313%22}&andc=true

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9291941f5052a2cd0000000000000000","2":"0x830d7734c48ad2df0000000000000000","5":"0x6b6ab2c15f8f57be0000000000000000"},"debug_key":"7236161144999834541","debug_reporting":true,"destination":"https://itsumo365.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001590646"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"9452616588536125313"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 23:10:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 23:10:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9291941f5052a2cd0000000000000000","2":"0x830d7734c48ad2df0000000000000000","5":"0x6b6ab2c15f8f57be0000000000000000"},"debug_key":"7236161144999834541","debug_reporting":true,"destination":"https://itsumo365.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001590646"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"9452616588536125313"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11648000959956126945/ Frame 71E2 172 KB
172 KB 16ms
16ms Image
image/jpeg 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11648000959956126945/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60fbd17375830fbb96cda5ab8200bb8897514bb959c0704820d1b72c0f7dc402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:00:00 GMT
x-content-type-options: nosniff
age: 94252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175888
x-xss-protection: 0
last-modified: Sat, 05 Aug 2023 15:21:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Aug 2024 21:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 71E2 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 71E2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F327 34 KB
10 KB 44ms
44ms Script
text/html 23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f0971d13c25353bf0579fdfe95648591c3376e9194cae87adb1c78a0d14d26be

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2023 20:16:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75949
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 17 Aug 2023 20:16:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2D05 852 B
474 B 59ms
59ms Stylesheet
text/css 142.251.42.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%B8W%E3%83%A7NE%E3%81%99%E3%80%81%E3%82%BC%E9%A8%93%E3%80%82%E3%83%B3%E3%83%BC%E3%82%928%E3%82%BF%E3%83%88%E3%83%AC%E3%81%A7%E8%A1%8C%E3%82%8B%E5%BF%83%E3%81%A8%E8%BB%8A%E4%BD%93%E3%83%8B%E3%81%86%E3%81%8F%E3%81%98%E4%B9%97%E9%96%8B%E8%A9%A6%E5%AE%BF4%E5%A5%AA%E3%83%97%E6%B3%8A%E3%83%A2%20%E3%81%AF%E4%BB%98%E3%82%810

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

314a2484604a0d61f4781692032e6e8607eddbced936e2bbc4324fae638d159c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 23:10:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 2D05 2 KB
926 B 20ms
19ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 2D05 23 KB
9 KB 19ms
19ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 2D05 3 KB
1 KB 20ms
19ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 2D05 20 KB
8 KB 18ms
18ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2D05 0
0 63ms
62ms Image
text/html 216.58.220.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTU1kpyJ9jwHVYd6AqHi3ZadT0cMd5FU27Q1W06kZr4HBI3he0ujCM4TLqN2axiFWolNq_kW281uodUiJ85WAPBdQyIqw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.220.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s01-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D05 180 KB
56 KB 86ms
86ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:52 GMT

GET
H2 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame 2D05 35 KB
15 KB 16ms
16ms Script
text/javascript 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 22:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 22:10:29 GMT

GET
DATA 200
OK truncated
/ Frame BCBA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aea8b80bd697ca00dc02cfc815230d0d2365879c0b4bb09b4e340c51fb063547

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 051D 1 KB
677 B 18ms
18ms Document
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 71822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 03:13:50 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 03:13:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame BAF4 37 KB
14 KB 25ms
25ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:36:40 GMT

GET
H2 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame A159 37 KB
14 KB 26ms
26ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230815/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:36:40 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10352689060466678082/ Frame 2D05 47 KB
47 KB 13ms
12ms Image
image/jpeg 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10352689060466678082/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1547ab2b7a8957466181dee01fd28884c6f1d70aa278db68737754eda92c0d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 11:29:40 GMT
x-content-type-options: nosniff
age: 214872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48244
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 08:53:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 11:29:40 GMT

GET
DATA 200
OK truncated
/ Frame 2D05 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2D05 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BCBA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CAAeXelfdZJb5INWeid4P_v67oA310JXOcdailrSzEdzZHhABIL6I6yBgidvFhPQToAGgk4uwA8gBAqkCi6iAf0FuPT6oAwHIA8kEqgTEAU_QeSY5ErNVAaRf9J40A5soHfGB7T8jhuAqE48...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xeb22c32db23d33860000000000000000%22,%222%22:%220x67781225f7406d630000000000000000%22,%225%22:%220xaff254...

0
0

54ms
54ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xeb22c32db23d33860000000000000000%22,%222%22:%220x67781225f7406d630000000000000000%22,%225%22:%220xaff254c0dcfea3620000000000000000%22},%22debug_key%22:%229230202120957451698%22,%22debug_reporting%22:true,%22destination%22:%22https://sateraito.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22906152352%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227447629934553528305%22}&andc=true

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xeb22c32db23d33860000000000000000","2":"0x67781225f7406d630000000000000000","5":"0xaff254c0dcfea3620000000000000000"},"debug_key":"9230202120957451698","debug_reporting":true,"destination":"https://sateraito.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["906152352"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"7447629934553528305"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 23:10:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 23:10:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xeb22c32db23d33860000000000000000","2":"0x67781225f7406d630000000000000000","5":"0xaff254c0dcfea3620000000000000000"},"debug_key":"9230202120957451698","debug_reporting":true,"destination":"https://sateraito.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["906152352"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"7447629934553528305"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEP1Uod81QAFfF-P43YgdIbA&google_cver=1&google_push=AXcoOmQpz2t3wTD_L8O4KY2c-z5QkK95qKLC1gdCCL01JKE15iJD4_0exm34_lhPo5NsJ2jxJUNdkDzsaNfoGu2Ond2ocwGqEk5noBY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F81F423087F34EF396B05AD615C52931&google_push=AXcoOmQpz2t3wTD_L8O4KY2c-z5QkK95qKLC1gdCCL01JKE15iJD4_0exm34_lhPo5NsJ2jxJUNdkDzsaNfoGu2...

170 B
188 B

59ms
59ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F81F423087F34EF396B05AD615C52931&google_push=AXcoOmQpz2t3wTD_L8O4KY2c-z5QkK95qKLC1gdCCL01JKE15iJD4_0exm34_lhPo5NsJ2jxJUNdkDzsaNfoGu2Ond2ocwGqEk5noBY

Requested by

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Aug 2023 23:10:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F81F423087F34EF396B05AD615C52931&google_push=AXcoOmQpz2t3wTD_L8O4KY2c-z5QkK95qKLC1gdCCL01JKE15iJD4_0exm34_lhPo5NsJ2jxJUNdkDzsaNfoGu2Ond2ocwGqEk5noBY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 15 Aug 2023 23:10:52 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmTxMYPtac9Xz0lRizpJKllu3JOSGuNfIe4SmAX0MjRgDkDxTG7UInrUIg7t7yGfs6tsZV_JA8jByzyM2cCiweG3uITLsubTZY0&google_gid=CAESEADQvsV7aXY_NlOTFC1E2MA&goo...
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmTxMYPtac9Xz0lRizpJKllu3JOSGuNfIe4SmAX0MjRgDkDxTG7UInrUIg7t7yGfs6tsZV_JA8jByzyM2cCiweG3uITLsubTZY0&google_hm=AfVwMAa-eU16ks8AD7P...

170 B
188 B

55ms
55ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmTxMYPtac9Xz0lRizpJKllu3JOSGuNfIe4SmAX0MjRgDkDxTG7UInrUIg7t7yGfs6tsZV_JA8jByzyM2cCiweG3uITLsubTZY0&google_hm=AfVwMAa-eU16ks8AD7P3p8QDtMA

Requested by

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
via: 1.1 90fa5c5ef559c4e8601bb399752b00bc.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmTxMYPtac9Xz0lRizpJKllu3JOSGuNfIe4SmAX0MjRgDkDxTG7UInrUIg7t7yGfs6tsZV_JA8jByzyM2cCiweG3uITLsubTZY0&google_hm=AfVwMAa-eU16ks8AD7P3p8QDtMA
cache-control: no-cache
content-length: 0
x-amz-cf-id: _nEXiR6B2Ws9BvUdrKpn5GgTgYQrGIGvyCUpyMkNKIbHEz4wum2utA==
expires: -1

GET
H/1.1

200
OK

sync
gdn.socdm.com/rtb/ Frame 651E
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEB7iOKnq6slGJSP0Km7hWEM&google_cver=1&google_push=AXcoOmTIEgrPzLC6mogRZbNq3TFKSU5YFqOhcU13wRM0AzcKuaGvuK36xosvSLOcb8Gyq...
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=Wk4xWGZNQ284WG9BQUMzQ2tOSUFBQUFB
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEB7iOKnq6slGJSP0Km7hWEM&google_cver=1

43 B
987 B

69ms
33ms

Image
image/gif

202.241.208.3
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEB7iOKnq6slGJSP0Km7hWEM&google_cver=1
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: HTTP/1.1
Server: 202.241.208.3 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:53 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEB7iOKnq6slGJSP0Km7hWEM&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"153.240.174.133","key":"ZN1XfMCo8XoAAC3CkNIAAAAA","privacy_sensitive":false,"uid":"ZN1XfMCo8XoAAC3CkNIAAAAA","upstream_id":"a-ad40153"}
X-SO-Key: ZN1XfMCo8XoAAC3CkNIAAAAA
X-SO-Upstream-ID: a-ad40153
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40153.dc2p.scaleout.jp
X-SO-UID: ZN1XfMCo8XoAAC3CkNIAAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 153.240.174.133
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 4
X-SO-LB-Hostname: a-ng40015.dc2p.scaleout.jp

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEB7iOKnq6slGJSP0Km7hWEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESELfrutpQAgggGc-GiPiWMII&google_cver=1&google_push=AXcoOmS_k8SpZs4wg12REo-YNYNPHq280I2bztlhPrbnUK5rimze6pZORjUtjrddUC1PxyxfYG2zg7fbwIfulCIp9X8ccELF2GYqVQ
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NUEzOUYxQTc5RDQ0M0QwMQ==

170 B
188 B

57ms
57ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NUEzOUYxQTc5RDQ0M0QwMQ==

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NUEzOUYxQTc5RDQ0M0QwMQ==
date: Wed, 16 Aug 2023 23:10:53 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 651E 43 B
641 B 62ms
16ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEN_FQz_by8joVXf9kmYQGoQ&google_cver=1&google_push=AXcoOmSgO6-4IRO_U5EvqlZlR4eCC7MZSSRo-Tn6H6IDlpi9HeFGje_eC6i8BLazFdbwcB6W9pJdOzoWqI4mT3ZkG7iMoiQ3z9KzhOM

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:52 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEHANnsKTn7PEriwQx3_e_14&google_cver=1&google_push=AXcoOmQgyUI-WSE60l4iUwHAM7CJTBhz7cH-ZJJvcHFuwOL8X6H7hJwLTLZ-3g8BeSa56WAA_XmVSQFO9YxplzMDD...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQgyUI-WSE60l4iUwHAM7CJTBhz7cH-ZJJvcHFuwOL8X6H7hJwLTLZ-3g8BeSa56WAA_XmVSQFO9YxplzMDDyYcONNKmgXF7aM&google_hm=AZ8Z4y-GQEgJuskGy...

170 B
188 B

52ms
52ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQgyUI-WSE60l4iUwHAM7CJTBhz7cH-ZJJvcHFuwOL8X6H7hJwLTLZ-3g8BeSa56WAA_XmVSQFO9YxplzMDDyYcONNKmgXF7aM&google_hm=AZ8Z4y-GQEgJuskGyAqfj2g

Requested by

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQgyUI-WSE60l4iUwHAM7CJTBhz7cH-ZJJvcHFuwOL8X6H7hJwLTLZ-3g8BeSa56WAA_XmVSQFO9YxplzMDDyYcONNKmgXF7aM&google_hm=AZ8Z4y-GQEgJuskGyAqfj2g
Date: Wed, 16 Aug 2023 23:10:52 GMT
Server: Apache
Connection: keep-alive
Content-Length: 234
Content-Type: text/html; charset=utf-8

GET
H2

200

dot.gif
s0.2mdn.net/ Frame 651E
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEP_6QOF_RFo_7SzQjr3QbJw&google_cver=1&google_push=AXcoOmQmHfrALFxhNy1-DS4DZW5lQlmstrhrUM13wHY1sA_ZoBiJ-3XXG5GBuXa9P9haMSwm5q8NarzNRYmXkrXzJi5d...
https://sync.gonet-ads.com/match/google?google_gid=CAESEP_6QOF_RFo_7SzQjr3QbJw&google_cver=1&google_push=AXcoOmQmHfrALFxhNy1-DS4DZW5lQlmstrhrUM13wHY1sA_ZoBiJ-3XXG5GBuXa9P9haMSwm5q8NarzNRYmXkrXzJi5d...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NzlhZDdkZTJlY2EzOTM3YQ&google_push=AXcoOmQmHfrALFxhNy1-DS4DZW5lQlmstrhrUM13wHY1sA_ZoBiJ-3XXG5GBuXa9P9haMSwm5q8NarzNRYmXkrXzJi5d-ud...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MTM5OTc4OWUyYWVhZDJkMA&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
102 B

404ms
28ms

Image
image/gif

142.250.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.250.207.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f6.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 18:56:46 GMT
x-content-type-options: nosniff
age: 15249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 18:56:46 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 651E 0
12 B 51ms
50ms Image
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJuSyTOPCCyVbP0LPQGfBAsgHxnrnHgYzB-P_upUzAT_Gl3mTW6raJpkiUKUKdL9ECcJYEBA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 52ms
51ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 53ms
52ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 051D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELnuaI5dQ7DY5z4nxafSDr4&google_cver=1&google_push=AXcoOmQOq9kfoml8Dz46iMoJpvr9REVsWqRIjIDR1s_kI0nCEZdrnXm1UY2nlrReZ7JcHpAszpDyJBYeiCnl5yMZHSk6BTvhDun3B...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5NjI4NTEwMTEwMjY3NTM0MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnuaI5dQ7DY5z4nxafSDr4&google_cver=1

43 B
398 B

781ms
183ms

Image
image/gif

50.116.239.135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnuaI5dQ7DY5z4nxafSDr4&google_cver=1
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnuaI5dQ7DY5z4nxafSDr4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECx_9MS85FeX2o4EDYXd8ZY&google_cver=1&google_push=AXcoOmSmh7dEA39lERoNbbSZKLiHdDfP9Zlbv3uKNXHW8lBioBb8WwRxvXj0l75Wv7NmhAwA7KzgMw1YuhQR0SXV...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Expk3Vd6RAClb3NevlKOQg&google_push=AXcoOmSmh7dEA39lERoNbbSZKLiHdDfP9Zlbv3uKNXHW8lBioBb8WwRxvXj0l75Wv7NmhAwA7KzgMw1YuhQR0SXVGLxJ3WJg...

170 B
188 B

57ms
57ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Expk3Vd6RAClb3NevlKOQg&google_push=AXcoOmSmh7dEA39lERoNbbSZKLiHdDfP9Zlbv3uKNXHW8lBioBb8WwRxvXj0l75Wv7NmhAwA7KzgMw1YuhQR0SXVGLxJ3WJg0ZvpGewKszKGFbH1R85fQ9_UoorPv-JPSePMUcG1cHjHhT7TSB6icotx3bB0TA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 16 Aug 2023 23:10:52 GMT
Server: MT3 1031 59fd23a master nrt nrt-pixel-x24 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Expk3Vd6RAClb3NevlKOQg&google_push=AXcoOmSmh7dEA39lERoNbbSZKLiHdDfP9Zlbv3uKNXHW8lBioBb8WwRxvXj0l75Wv7NmhAwA7KzgMw1YuhQR0SXVGLxJ3WJg0ZvpGewKszKGFbH1R85fQ9_UoorPv-JPSePMUcG1cHjHhT7TSB6icotx3bB0TA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 16 Aug 2023 23:10:51 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051D
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENbWQQsjTfuli2G0ixSB1Q4&google_cver=1&google_push=AXcoOmSx4JIGQwspXyTnL6UDs6-pZIPox83ANWaX8zUkl-15S3B28e1P-BkIPlhIANffctx_8zYFgF8vD92vJYauo-...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDhkMDdiZGEtMGVjOC00ZjBmLTg5Y2EtZTQ1OGM0YTUzOGI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7

170 B
188 B

57ms
56ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDhkMDdiZGEtMGVjOC00ZjBmLTg5Y2EtZTQ1OGM0YTUzOGI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDhkMDdiZGEtMGVjOC00ZjBmLTg5Y2EtZTQ1OGM0YTUzOGI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051D
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESECPVEEDxAW4PCcAgVQ_LlO8&google_cver=1&google_push=AXcoOmTvB92tC02-o4opULl5zuSDbZvHSpz22pHh498AKl9swXOFSGj9y4JkvJmQer0fQemHD_0uDFhXhv...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTvB92tC02-o4opULl5zuSDbZvHSpz22pHh498AKl9swXOFSGj9y4JkvJmQer0fQemHD_0uDFhXhv7elC7XStNbIco_GCbCw7Bfuh5hXi-KLyuvJATuGLPQIlQaQ4...

170 B
188 B

55ms
55ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTvB92tC02-o4opULl5zuSDbZvHSpz22pHh498AKl9swXOFSGj9y4JkvJmQer0fQemHD_0uDFhXhv7elC7XStNbIco_GCbCw7Bfuh5hXi-KLyuvJATuGLPQIlQaQ4Ye2qOuWonNg4y9kaieQoUa2lZ1&google_hm=b09lWUw1ZjBCajlaVFllaUs2T2lMQ0xSeVVz&from_google=pc1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 23:10:52 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTvB92tC02-o4opULl5zuSDbZvHSpz22pHh498AKl9swXOFSGj9y4JkvJmQer0fQemHD_0uDFhXhv7elC7XStNbIco_GCbCw7Bfuh5hXi-KLyuvJATuGLPQIlQaQ4Ye2qOuWonNg4y9kaieQoUa2lZ1&google_hm=b09lWUw1ZjBCajlaVFllaUs2T2lMQ0xSeVVz&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051D
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEDEBphMZZKpn4DJYpAUY4O8&google_cver=1&google_push=AXcoOmQuaPF_4QZ-zxMNvRBNC7A5ErXZ2kIwCwiGAwtjsOo2JHCkzZd9U...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQuaPF_4QZ-zxMNvRBNC7A5ErXZ2kIwCwiGAwtjsOo2JHCkzZd9Uo163DzX2FNCxJl38jr8uXpPo2Z6H_-Q3Im7TnVzec23hXbWk1XrCdoc29x-4ybHSfCHLdj3K...

170 B
188 B

55ms
54ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQuaPF_4QZ-zxMNvRBNC7A5ErXZ2kIwCwiGAwtjsOo2JHCkzZd9Uo163DzX2FNCxJl38jr8uXpPo2Z6H_-Q3Im7TnVzec23hXbWk1XrCdoc29x-4ybHSfCHLdj3KTM9d2ZtjLmP4-wPbxRpbyvYAkmcBCM&google_hm=QlMuYzM2My03NDZjLTQzZjYtYWU2ZQ==

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQuaPF_4QZ-zxMNvRBNC7A5ErXZ2kIwCwiGAwtjsOo2JHCkzZd9Uo163DzX2FNCxJl38jr8uXpPo2Z6H_-Q3Im7TnVzec23hXbWk1XrCdoc29x-4ybHSfCHLdj3KTM9d2ZtjLmP4-wPbxRpbyvYAkmcBCM&google_hm=QlMuYzM2My03NDZjLTQzZjYtYWU2ZQ==
Date: Wed, 16 Aug 2023 23:10:53 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051D
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEAxzkVvMfY7jpuOCOswzy9o&google_cver=1&google_push=AXcoOmRbluuL6YiRY2iZ6vqJ_depk8K1MXYaZ7RNjMke2NUcHXFdj--JVALjtW4L4n4Cwqu0EB0jkzkg...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEAxzkVvMfY7jpuOCOswzy9o%26google_cver%3D1%26google_push%3DAXcoOmRbluuL6YiRY2iZ6v...
https://rtb2-useast.e-volution.ai/sync?adkuid=A744259914160508407&exchange=193&google_gid=CAESEAxzkVvMfY7jpuOCOswzy9o&google_cver=1&google_push=AXcoOmRbluuL6YiRY2iZ6vqJ_depk8K1MXYaZ7RNjMke2NUcHXFdj...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc0NDI1OTkxNDE2MDUwODQwNw&google_push=AXcoOmRbluuL6YiRY2iZ6vqJ_depk8K1MXYaZ7RNjMke2NUcHXFdj--JVALjtW4L4n4Cwqu0EB0jkzkg...

170 B
188 B

59ms
58ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc0NDI1OTkxNDE2MDUwODQwNw&google_push=AXcoOmRbluuL6YiRY2iZ6vqJ_depk8K1MXYaZ7RNjMke2NUcHXFdj--JVALjtW4L4n4Cwqu0EB0jkzkgWEy7Nd2Rr2WC3cbbjHsMqGu-fWqYuHLFmmWX42gOBSQoyYN5qqZ5glYd56PZTIQb8OytmIB5zN6Gyg

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc0NDI1OTkxNDE2MDUwODQwNw&google_push=AXcoOmRbluuL6YiRY2iZ6vqJ_depk8K1MXYaZ7RNjMke2NUcHXFdj--JVALjtW4L4n4Cwqu0EB0jkzkgWEy7Nd2Rr2WC3cbbjHsMqGu-fWqYuHLFmmWX42gOBSQoyYN5qqZ5glYd56PZTIQb8OytmIB5zN6Gyg
Date: Wed, 16 Aug 2023 23:10:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051D
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEBKMeW42j1CMkD2C3SzJYp8&google_cver=1&google_push=AXcoOmSUAw1AxIyslp0GO5_8jo4TJCGqpNasUiNNqju7Vf26_rLBFGygtdrp89NvAdY_N7rr21eLTumbVnUhl2WTX7wVJpjE3...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSUAw1AxIyslp0GO5_8jo4TJCGqpNasUiNNqju7Vf26_rLBFGygtdrp89NvAdY_N7rr21eLTumbVnUhl2WTX7wVJpjE3CPVPEllc-vP8H07xC-qzxOR0QOk4...

170 B
188 B

58ms
57ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSUAw1AxIyslp0GO5_8jo4TJCGqpNasUiNNqju7Vf26_rLBFGygtdrp89NvAdY_N7rr21eLTumbVnUhl2WTX7wVJpjE3CPVPEllc-vP8H07xC-qzxOR0QOk4StTaVjhpu-GzIgHrK76MnHX8Zh9d3B201M&google_hm=b1e18017754a611d7e06248902935f44

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSUAw1AxIyslp0GO5_8jo4TJCGqpNasUiNNqju7Vf26_rLBFGygtdrp89NvAdY_N7rr21eLTumbVnUhl2WTX7wVJpjE3CPVPEllc-vP8H07xC-qzxOR0QOk4StTaVjhpu-GzIgHrK76MnHX8Zh9d3B201M&google_hm=b1e18017754a611d7e06248902935f44
date: Wed, 16 Aug 2023 23:10:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 051D 0
12 B 53ms
52ms Image
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZuLt4NuB-ZFW1ytedipBpxjxLqGfDxX1C-y66wn75Kld-_5Ui-vkwmx-T28vI1l1jltA7l_kQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

setuid
u.4dex.io/ Frame F327
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&gdpr_consent=undefined&gdpr=0&khaos=LLECJ6H8-20-C8SU
https://u.4dex.io/setuid?bidder=rubicon&uid=LLECJ6H8-20-C8SU&gdpr=0&gdpr_consent=undefined

0
15 B

20ms
19ms

Image
text/plain

34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=rubicon&uid=LLECJ6H8-20-C8SU&gdpr=0&gdpr_consent=undefined
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://u.4dex.io/setuid?bidder=rubicon&uid=LLECJ6H8-20-C8SU&gdpr=0&gdpr_consent=undefined
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
Expires: 0

GET
DATA 200
OK truncated
/ Frame 2D05 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf1de86a3c61f7a04241af788acf73c6ddbe9a5c1d4a3f73a2ce7e4e27c472d5

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 71E2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dd18e1ca13c475bdae51707bc2dc0555c288684a4ae1c2f2eaa69b1bc132eaf

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame 71E2 25 KB
25 KB 15ms
14ms Font
text/html 142.251.42.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqs039Mt9ghIeAohNUQVhLcOEx04TOFxSmuoNPz3eitfPPDRkqPjjOFP9KIi0mL1AQgz9NLL2RROiskm4Zx_eLAbtlAvPAYw1Cs0xAEwJwex3Stg65pnthk-soJY30zMJsfpIMu58KWBR5HpjEnV3cBiIJkkvMtFJGsipALQ_T9U7h1hc4KgxgNBQxCOHz7nzkrl5Errf6C1w_s1_SCMDS1AS4nQC33ylY&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%80%8EK%E3%81%97%E4%B8%BB5%E9%A1%94%E8%B3%9B0%E2%80%A69%E5%B8%AB%E3%81%99%E5%8C%BB%E7%9E%AC)2%E3%81%AB%E3%81%84%E8%A3%8F4%E3%82%B4%E3%82%89%E7%9F%A5%E3%80%8D%E3%81%8CH%E6%94%BE%E3%81%A7%E9%80%81%E3%82%8B%E3%80%8F%E7%B5%B6%E5%A9%A6%E8%BF%94%E5%A4%A7%E3%81%AA%E3%81%8F%E3%82%B9%E9%96%8B%E3%81%88%E3%83%9F%E4%BB%A3(%E8%8B%A5%E6%B6%88N%E3%80%8C%E5%89%B2%E6%8A%80%E8%A1%93%E3%82%8A%E3%82%B7%E4%B8%80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.195 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8a0ffe99e232e2a48277434943e627cb2bd6a78d751634c731844301d354d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 21:00:44 GMT
x-content-type-options: nosniff
age: 7809
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25400
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 16 Aug 2023 21:00:44 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 71E2 21 KB
21 KB 20ms
20ms Font
font/woff2 142.251.42.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.195 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 10:17:30 GMT
x-content-type-options: nosniff
age: 478403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 10:17:30 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 2D05 24 KB
24 KB 22ms
22ms Font
text/html 142.251.42.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqq03dVs9JQWo6DTxoRVjbcOUZ04DGFxDeuocvz3fStfOLDRluPjhmFP_qIi3GL1Dogz-RLL01ROgAkmKFx_s7AbeFAv88Yw0Cs0wAEwKAex1Wtg6ZpntBk-sIJYkUzMaofpbAu59aRPgtAnRwgb0MHgpJine8rM5qqoIUNeOP_YK93qugIiAMPPgpACWb5lQwlr74rreGC3Sbs3-WDGSu1KTw&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%B8W%E3%83%A7NE%E3%81%99%E3%80%81%E3%82%BC%E9%A8%93%E3%80%82%E3%83%B3%E3%83%BC%E3%82%928%E3%82%BF%E3%83%88%E3%83%AC%E3%81%A7%E8%A1%8C%E3%82%8B%E5%BF%83%E3%81%A8%E8%BB%8A%E4%BD%93%E3%83%8B%E3%81%86%E3%81%8F%E3%81%98%E4%B9%97%E9%96%8B%E8%A9%A6%E5%AE%BF4%E5%A5%AA%E3%83%97%E6%B3%8A%E3%83%A2%20%E3%81%AF%E4%BB%98%E3%82%810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.195 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d4db715a508937a750b36756feb926dac0063cc3b256873af9135d429927af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 17:37:20 GMT
x-content-type-options: nosniff
age: 20013
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24224
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 16 Aug 2023 17:37:20 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 71E2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-8S_e1fdZO-bMvOFid4Pt7OGyAj-9ISqcqPJsO3fEdzZHhABIL6I6yBgidvFhPQToAHj3pW5KMgBCakCi6iAf0FuPT6oAwHIA8sEqgTIAU_Q7YTHDg3y2X0otXUq5I7CRL75hATp102kns4...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x237ee1805695b2400000000000000000%22,%222%22:%220xfab65bb44ebf3e860000000000000000%22,%225%22:%220x2fc346...

0
0

54ms
54ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x237ee1805695b2400000000000000000%22,%222%22:%220xfab65bb44ebf3e860000000000000000%22,%225%22:%220x2fc346bfb46571de0000000000000000%22},%22debug_key%22:%2215931304581713795081%22,%22debug_reporting%22:true,%22destination%22:%22https://beautiful-lily.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210857312099%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22113900527093818561%22}&andc=true

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x237ee1805695b2400000000000000000","2":"0xfab65bb44ebf3e860000000000000000","5":"0x2fc346bfb46571de0000000000000000"},"debug_key":"15931304581713795081","debug_reporting":true,"destination":"https://beautiful-lily.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10857312099"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"113900527093818561"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 23:10:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 23:10:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x237ee1805695b2400000000000000000","2":"0xfab65bb44ebf3e860000000000000000","5":"0x2fc346bfb46571de0000000000000000"},"debug_key":"15931304581713795081","debug_reporting":true,"destination":"https://beautiful-lily.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10857312099"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"113900527093818561"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2D05
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CeGgMe1fdZM_UMv2Zid4Pla6CuASB0b6ocqf8wbHEEdzZHhABIL6I6yBgidvFhPQToAHG2Iu8AsgBCakCi6iAf0FuPT6oAwHIA8sEqgTFAU_QNeVdyx37Bk1NmB_20pQg6NqImVg8dp2Z3bZ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd2a13f64241ef4dc0000000000000000%22,%222%22:%220x74b8ad9151f2f6930000000000000000%22,%225%22:%220x6e7ad1...

0
0

53ms
53ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd2a13f64241ef4dc0000000000000000%22,%222%22:%220x74b8ad9151f2f6930000000000000000%22,%225%22:%220x6e7ad130c6cadfab0000000000000000%22},%22debug_key%22:%229295426450133314060%22,%22debug_reporting%22:true,%22destination%22:%22https://peugeot.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22662891590%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215722880951984760801%22}&andc=true

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd2a13f64241ef4dc0000000000000000","2":"0x74b8ad9151f2f6930000000000000000","5":"0x6e7ad130c6cadfab0000000000000000"},"debug_key":"9295426450133314060","debug_reporting":true,"destination":"https://peugeot.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["662891590"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"15722880951984760801"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 23:10:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 23:10:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd2a13f64241ef4dc0000000000000000","2":"0x74b8ad9151f2f6930000000000000000","5":"0x6e7ad130c6cadfab0000000000000000"},"debug_key":"9295426450133314060","debug_reporting":true,"destination":"https://peugeot.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["662891590"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"15722880951984760801"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame F925 37 KB
14 KB 14ms
13ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:36:40 GMT

GET
H2 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5337 37 KB
14 KB 19ms
19ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=3373839512&pi=t.aa~a.3833409619~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=1&bdt=2706&idt=1&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3834&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IrjYGv6rpw&p=https%3A//points-pay.com&dtd=59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:36:40 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 52ms
51ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F327
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/UpRKVyN-96f1xboH5_OUkcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_rf.OC9E2oJseKwUUmniYtIwLQkOgIp.gDZ_4Q--~A

42 B
691 B

84ms
83ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_rf.OC9E2oJseKwUUmniYtIwLQkOgIp.gDZ_4Q--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 16 Aug 2023 23:10:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_rf.OC9E2oJseKwUUmniYtIwLQkOgIp.gDZ_4Q--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F327
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

81ms
81ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F327
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLECJ6H8-20-C8SU&gdpr=0

0
516 B

574ms
202ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLECJ6H8-20-C8SU&gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:53 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 67170E7B412C4BA5BCF5DEC3300198B5 Ref B: TYO01EDGE3218 Ref C: 2023-08-16T23:10:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDEmhGHOh7Arfd3tUL2g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLECJ6H8-20-C8SU&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F327
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDJjN2FkZmI5YzBkNmJjMGM5YmQ5NGUwNDBkYjU4MDIxZjJhZTM2Mg&gdpr=0

170 B
188 B

58ms
57ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDJjN2FkZmI5YzBkNmJjMGM5YmQ5NGUwNDBkYjU4MDIxZjJhZTM2Mg&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDJjN2FkZmI5YzBkNmJjMGM5YmQ5NGUwNDBkYjU4MDIxZjJhZTM2Mg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F327
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMRzSUEhTSS3V8-1q-mJ0PE&google_cver=1

42 B
691 B

150ms
81ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMRzSUEhTSS3V8-1q-mJ0PE&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMRzSUEhTSS3V8-1q-mJ0PE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame F327
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0WqeX19fTJa5ZK6iiUlwzQ&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0WqeX19fTJa5ZK6iiUlwzQ&gdpr=0

43 B
479 B

255ms
254ms

Image
image/gif

67.220.228.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0WqeX19fTJa5ZK6iiUlwzQ&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Protocol

HTTP/1.1

Server

67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 23:10:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 09A40JHFQ0077216BB5C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0WqeX19fTJa5ZK6iiUlwzQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F327
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uVE6OkrMRUem8QN5XEXq-Q&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uVE6OkrMRUem8QN5XEXq-Q&gdpr=0

43 B
479 B

194ms
192ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uVE6OkrMRUem8QN5XEXq-Q&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 23:10:53 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VBWVP9D48C551S15GB2H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uVE6OkrMRUem8QN5XEXq-Q&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F327
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExFQ0o2SDgtMjAtQzhTVQ==&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEKYqeelHHfMXT0cp3ji7a-Q&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExFQ0o2SDgtMjAtQzhTVQ==&google_push=&gdpr=0

170 B
188 B

48ms
47ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExFQ0o2SDgtMjAtQzhTVQ==&google_push=&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExFQ0o2SDgtMjAtQzhTVQ==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
Expires: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
53ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame E49F 794 B
495 B 60ms
60ms Stylesheet
text/css 142.251.42.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%9F%E3%81%AF%E3%82%93%E5%9B%9E%E3%80%8C%E8%A7%A3%E3%82%81%E5%88%86%E3%81%BF%E9%85%8D%E5%AE%B6%E4%B8%80%E5%AE%89%E3%81%8F%E3%81%AA%E9%96%8B%E4%B8%8D%E5%A4%A7%E3%81%A7%E9%87%91%E3%80%8D%E7%AC%AC%E6%9D%A5%E3%81%95%E3%81%AE%E9%81%8B%EF%BC%96%E3%82%92%E3%80%82%E7%94%A8%E3%82%8B%E5%B0%86%E6%AD%A9%E5%B9%B4%E6%B6%88%E4%BA%8C%E7%94%A3%E3%81%99%E8%B3%87

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.138 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85ccad7b6821ffaafea177e8b8b2fc3f45c62bf2bd1d8e0b926107251dca5a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 23:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 23:10:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 23:10:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame E49F 2 KB
931 B 12ms
11ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame E49F 23 KB
9 KB 17ms
16ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:15:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame E49F 3 KB
1 KB 17ms
17ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE12 1 KB
682 B 17ms
17ms Document
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 71823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 03:13:50 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 03:13:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame E49F 20 KB
8 KB 13ms
13ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:42:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E49F 0
0 54ms
53ms Image
text/html 216.58.220.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRALiIkqTFK1jBVKENkZMD9_EMByurSBIjBg4_0SPHE4EzpSeJQnz3lxAs-eG4_f3XsL1PYpoIQtu9CyhFU1gf5QHlo0A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.220.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s01-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E49F 180 KB
56 KB 104ms
103ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:53 GMT

GET
H2 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame E49F 35 KB
15 KB 16ms
15ms Script
text/javascript 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 22:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 22:10:29 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9304999752851185349/ Frame E49F 21 KB
21 KB 19ms
18ms Image
image/png 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9304999752851185349/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4821853f1e0e04a7248eb86f1b78201a96abfacf5fae11b8fd16beae3c7a1b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 15:32:22 GMT
x-content-type-options: nosniff
age: 545911
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21268
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 04:11:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Aug 2024 15:32:22 GMT

GET
DATA 200
OK truncated
/ Frame E49F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E49F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E49F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1b5fc2613a94678908ea84439c1d0ae3281274abaa592ba8d4050f2c1d3303f

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE12
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK9yDLWMtvpFv9YQFjYNASQ&google_cver=1&google_push=AXcoOmSuoQ3uYUb5FpAl8ohEtamPvYmjH0CdlA9hf_zuzCfZ7X1MXNaVIv...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSuoQ3uYUb5FpAl8ohEtamPvYmjH0CdlA9hf_zuzCfZ7X1MXNaVIvmu_ExJ0SQxpR-GBk0cPM-aGzGUFWTQasRfNtpd1EeOfMk&google_hm=jlV...

170 B
188 B

55ms
54ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSuoQ3uYUb5FpAl8ohEtamPvYmjH0CdlA9hf_zuzCfZ7X1MXNaVIvmu_ExJ0SQxpR-GBk0cPM-aGzGUFWTQasRfNtpd1EeOfMk&google_hm=jlVcrWQ3nw_QbtwlIkMU5Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSuoQ3uYUb5FpAl8ohEtamPvYmjH0CdlA9hf_zuzCfZ7X1MXNaVIvmu_ExJ0SQxpR-GBk0cPM-aGzGUFWTQasRfNtpd1EeOfMk&google_hm=jlVcrWQ3nw_QbtwlIkMU5Q
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE12
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENbWQQsjTfuli2G0ixSB1Q4&google_cver=1&google_push=AXcoOmQg9dctevwK3iU88UFvUAT9MB120vPiD-XuHfbz5FlWx7Gysv8S4MrpYVGucNxAJQUIbLESr913nV9hhcE9HU...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDhkMDdiZGEtMGVjOC00ZjBmLTg5Y2EtZTQ1OGM0YTUzOGI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7

170 B
188 B

59ms
57ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDhkMDdiZGEtMGVjOC00ZjBmLTg5Y2EtZTQ1OGM0YTUzOGI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDhkMDdiZGEtMGVjOC00ZjBmLTg5Y2EtZTQ1OGM0YTUzOGI3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H/1.1 200
OK sync_before
tg.socdm.com/rtb/ Frame EE12 43 B
1 KB 21ms
20ms Image
image/gif 124.146.215.46
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEB7iOKnq6slGJSP0Km7hWEM&google_cver=1&google_push=AXcoOmRZuBywYEWgU7QqZkkfC80gXsELNW-ZGoUf2OW4DipSAxDT_taSLynlPCa_HDng3qrQ44Nreg1F8Df-bpbtApnDAO5I_pAc6Cc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.46 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:53 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google&sspid=google&google_gid=CAESEB7iOKnq6slGJSP0Km7hWEM&google_cver=1&google_push=AXcoOmRZuBywYEWgU7QqZkkfC80gXsELNW-ZGoUf2OW4DipSAxDT_taSLynlPCa_HDng3qrQ44Nreg1F8Df-bpbtApnDAO5I_pAc6Cc","cluster_id":0,"gdpr":false,"ipv4":"153.240.174.133","key":"ZN1XfMCo8XoAAC3CkNIAAAAA","privacy_sensitive":false,"uid":"ZN1XfMCo8XoAAC3CkNIAAAAA","upstream_id":"a-ad40153"}
X-SO-Key: ZN1XfMCo8XoAAC3CkNIAAAAA
X-SO-Upstream-ID: a-ad40153
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40153.dc2p.scaleout.jp
X-SO-UID: ZN1XfMCo8XoAAC3CkNIAAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 153.240.174.133
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 2
X-SO-LB-Hostname: m-tgng22.dc4p.scaleout.jp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE12
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEKY8b5bm8nL4ddVaSCHdD9A&google_cver=1&google_push=AXcoOmQLuwjKmQnO4ZBTJjDuy8_ecAEeBzRUQqDeVUoOIc1sLOHHoA06Bf_Ta95TPgeI73XPTVmvBH8eGPKqmGDXjuXBDTsC2mPBgIw
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZWVaRDVhamRBVC1uUDR6eWUxZmRaQQ%3D%3D&google_push=AXcoOmQLuwjKmQnO4ZBTJjDuy8_ecAEeBzRUQqDeVUoOIc1sLOHHoA06Bf_Ta95TPgeI73XPTVmvBH8eGPKqm...

170 B
188 B

53ms
52ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZWVaRDVhamRBVC1uUDR6eWUxZmRaQQ%3D%3D&google_push=AXcoOmQLuwjKmQnO4ZBTJjDuy8_ecAEeBzRUQqDeVUoOIc1sLOHHoA06Bf_Ta95TPgeI73XPTVmvBH8eGPKqmGDXjuXBDTsC2mPBgIw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Aug 2023 23:10:53 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZWVaRDVhamRBVC1uUDR6eWUxZmRaQQ%3D%3D&google_push=AXcoOmQLuwjKmQnO4ZBTJjDuy8_ecAEeBzRUQqDeVUoOIc1sLOHHoA06Bf_Ta95TPgeI73XPTVmvBH8eGPKqmGDXjuXBDTsC2mPBgIw
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 246

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE12
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEHANnsKTn7PEriwQx3_e_14&google_cver=1&google_push=AXcoOmQetE1ARNMW35M2-TB7WllyRVLp2uZr3I5Rj30SYEJeaD2-hoJsZby9ZTCQfsOewqz8Z_PiPgaHVOjqgOhaf...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQetE1ARNMW35M2-TB7WllyRVLp2uZr3I5Rj30SYEJeaD2-hoJsZby9ZTCQfsOewqz8Z_PiPgaHVOjqgOhafe7pvTMv1i22zT0&google_hm=AZ8Z4y-GQEgJuskGy...

170 B
188 B

53ms
52ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQetE1ARNMW35M2-TB7WllyRVLp2uZr3I5Rj30SYEJeaD2-hoJsZby9ZTCQfsOewqz8Z_PiPgaHVOjqgOhafe7pvTMv1i22zT0&google_hm=AZ8Z4y-GQEgJuskGyAqfj2g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQetE1ARNMW35M2-TB7WllyRVLp2uZr3I5Rj30SYEJeaD2-hoJsZby9ZTCQfsOewqz8Z_PiPgaHVOjqgOhafe7pvTMv1i22zT0&google_hm=AZ8Z4y-GQEgJuskGyAqfj2g
Date: Wed, 16 Aug 2023 23:10:53 GMT
Server: Apache
Connection: keep-alive
Content-Length: 234
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE12
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEBKMeW42j1CMkD2C3SzJYp8&google_cver=1&google_push=AXcoOmR4D8LlCTLK4zWe0HzeZMga3EcjbpZCvY5NBUubVT-p39_WVp2wT2fJf3qlWK66qIkk0CUxYoRaib7QFm5fRqyHIwEJh...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR4D8LlCTLK4zWe0HzeZMga3EcjbpZCvY5NBUubVT-p39_WVp2wT2fJf3qlWK66qIkk0CUxYoRaib7QFm5fRqyHIwEJhsrd2oYw&google_hm=b1e1801775...

170 B
188 B

54ms
53ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR4D8LlCTLK4zWe0HzeZMga3EcjbpZCvY5NBUubVT-p39_WVp2wT2fJf3qlWK66qIkk0CUxYoRaib7QFm5fRqyHIwEJhsrd2oYw&google_hm=b1e18017754a611d7e06248902935f44

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR4D8LlCTLK4zWe0HzeZMga3EcjbpZCvY5NBUubVT-p39_WVp2wT2fJf3qlWK66qIkk0CUxYoRaib7QFm5fRqyHIwEJhsrd2oYw&google_hm=b1e18017754a611d7e06248902935f44
date: Wed, 16 Aug 2023 23:10:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H2

200

dot.gif
s0.2mdn.net/ Frame EE12
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEP_6QOF_RFo_7SzQjr3QbJw&google_cver=1&google_push=AXcoOmRFU4vEwCGihiL3TZlLLy3EN61mcG9P62SB-RitCjfQVPFZOMcj9h--zQExTPJka7vSd7jBKEg4rjK4J9mgwQ8x...
https://sync.gonet-ads.com/match/google?google_gid=CAESEP_6QOF_RFo_7SzQjr3QbJw&google_cver=1&google_push=AXcoOmRFU4vEwCGihiL3TZlLLy3EN61mcG9P62SB-RitCjfQVPFZOMcj9h--zQExTPJka7vSd7jBKEg4rjK4J9mgwQ8x...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MTM5OTc4OWUyYWVhZDJkMA&google_push=AXcoOmRFU4vEwCGihiL3TZlLLy3EN61mcG9P62SB-RitCjfQVPFZOMcj9h--zQExTPJka7vSd7jBKEg4rjK4J9mgwQ8xKrr...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MTM5OTc4OWUyYWVhZDJkMA&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
182 B

408ms
28ms

Image
image/gif

142.250.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.250.207.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f6.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 18:56:46 GMT
x-content-type-options: nosniff
age: 15249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 18:56:46 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EE12 0
12 B 47ms
46ms Image
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWGl8wbhwBFfx1acdUEuMiGE-V4W65LaVf3dAaShF0_bn1tSOf0LSCvw8J5VT-JAUfsj9XlE0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 font
fonts.gstatic.com/l/ Frame E49F 23 KB
23 KB 16ms
16ms Font
text/html 142.251.42.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqA07TlBQmVmDrgQnhzWVe-KCMW9F3n00TMub-Rxo_PYpihZyLtqVznGb7qoDrp-3BC4agpHh4zBFJFm8MQ96ahfZAhrrh52D330X5fz_NHyQjGh_gRgokj35hEaCB-BMdMoNx00LvvGHgOt2x1ZDNwotcVtq9kHN7ugN5dfLaaUtEWnJlrpHl8EE8ZMQ&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%9F%E3%81%AF%E3%82%93%E5%9B%9E%E3%80%8C%E8%A7%A3%E3%82%81%E5%88%86%E3%81%BF%E9%85%8D%E5%AE%B6%E4%B8%80%E5%AE%89%E3%81%8F%E3%81%AA%E9%96%8B%E4%B8%8D%E5%A4%A7%E3%81%A7%E9%87%91%E3%80%8D%E7%AC%AC%E6%9D%A5%E3%81%95%E3%81%AE%E9%81%8B%EF%BC%96%E3%82%92%E3%80%82%E7%94%A8%E3%82%8B%E5%B0%86%E6%AD%A9%E5%B9%B4%E6%B6%88%E4%BA%8C%E7%94%A3%E3%81%99%E8%B3%87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.195 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb90849d0e9a1c31b142627e47944f674d859b33219f7c6b55d5aef31501efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:02:36 GMT
x-content-type-options: nosniff
age: 65297
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23180
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 16 Aug 2023 05:02:36 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E49F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CniNke1fdZMaXMLKSid4P3KiVMISr2aJxlN-tmeIR4sbo1bIQEAEgvojrIGCJ28WE9BOgAa_mlbYCyAEJqQIAZmIRbHM9PqgDAcgDywSqBMgBT9CW2Odz7R6LTaVecg7w6loNW6zU5hnOH8i...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7a1da99a4daabd830000000000000000%22,%222%22:%220x199dea12f19784ba0000000000000000%22,%225%22:%220x84d1a5...

0
0

52ms
52ms

Fetch
text/css

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7a1da99a4daabd830000000000000000%22,%222%22:%220x199dea12f19784ba0000000000000000%22,%225%22:%220x84d1a59cc0ab02ff0000000000000000%22},%22debug_key%22:%2211081185520628742913%22,%22debug_reporting%22:true,%22destination%22:%22https://minnadeooyasan.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22650474287%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226750522360416944945%22}&andc=true

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7a1da99a4daabd830000000000000000","2":"0x199dea12f19784ba0000000000000000","5":"0x84d1a59cc0ab02ff0000000000000000"},"debug_key":"11081185520628742913","debug_reporting":true,"destination":"https://minnadeooyasan.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["650474287"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"6750522360416944945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 23:10:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 23:10:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7a1da99a4daabd830000000000000000","2":"0x199dea12f19784ba0000000000000000","5":"0x84d1a59cc0ab02ff0000000000000000"},"debug_key":"11081185520628742913","debug_reporting":true,"destination":"https://minnadeooyasan.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["650474287"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"6750522360416944945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame 32DE 37 KB
14 KB 16ms
16ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-1473205167498500&output=html&h=280&adk=2997644794&adf=2047386232&pi=t.aa~a.912835033~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1692195051&rafmt=1&to=qs&pwprc=7213850717&format=1140x280&url=https%3A%2F%2Fpoints-pay.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692227451725&bpp=3&bdt=2705&idt=-M&shv=r20230815&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D63f6b3c6197c9068-228cad54dce200c7%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_Ma1l3n1xiKhveVG_FIH-CC9ZmhLCg&gpic=UID%3D00000c2dc1fe8ba4%3AT%3D1692227450%3ART%3D1692227450%3AS%3DALNI_MZ17go18jRH6WpPiBW56PfSlIbSpA&prev_fmts=0x0&nras=2&correlator=5272764844345&frm=20&pv=1&ga_vid=1781342283.1692227450&ga_sid=1692227450&ga_hid=1851341934&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44798878%2C44759837%2C44759876%2C31077017%2C31077148&oid=2&pvsid=67012304405215&tmod=928374972&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=quaobdSvHD&p=https%3A//points-pay.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:36:40 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 52ms
52ms Preflight
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

setuid
u.4dex.io/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=
https://u.4dex.io/setuid?bidder=yahoo&uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A&gdpr=0

0
1 KB

22ms
19ms

Image
text/plain

34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=yahoo&uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A&gdpr=0
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:53 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

location: https:///u.4dex.io/setuid?bidder=yahoo&uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A&gdpr=0
date: Wed, 16 Aug 2023 23:10:53 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 640F 42 B
108 B 604ms
61ms Fetch
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqRFlUUP1qcZpHid0CwAoyG14yA1ywp9x8uY_zfP6CCqT0rqycsrzXSupMx8zFo-Y1-Jmrym9WXifEP-sMKYiZ9J7qHudtylyjnTcrfuNJUnsOJKUeWVIp6vJGtT2rbIyE8cfEvCsyGw&sai=AMfl-YTerCRB26A2hoIg52c-j8rvW2JBf-QciECry1oL467JykcEUysy_BpNTdeVe7sIJW3Mt8FOVNWaIc15&sig=Cg0ArKJSzKUwFj_cFqOXEAE&cid=CAQSGwBpAlJW_uUfSGMsqqzpO93uBIKyOToqzIk2RBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=426,1000,1000,1000,1000&tos=426,574,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692227451855&rpt=698&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 395C 42 B
404 B 433ms
56ms Fetch
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsube1y_iMn9Aw0sRh3jxqwRQ8nrVSZx5zU5Cyskl3iPZz-A8TXWdwe2X252kiIruKox68h78MflPNdD1jSv8Qq6mDjTVInvNKcZimSyJUvp9RD8AEIx6i7XV20D2HW7GaVTSPecOk9m1g&sai=AMfl-YR1x8JD1c4rW28Oz3Q7ILZQ8v5pS0ZEp1cOEb3D-rYLaZqlnZQgZR9TXxqplK8rahNxKV9cRyKsA0Kf&sig=Cg0ArKJSzHNv61Qz4L8kEAE&cid=CAQSGwBpAlJW_uUfSGMsqqzpO93uBIKyOToqzIk2RBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692227451851&rpt=698&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 8EE6 0
128 B 25ms
23ms Script
text/plain 207.65.34.74
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:53 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCBA 42 B
108 B 335ms
58ms Fetch
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFa9A8hT2jfBejXaUrE-_S5O6jY1iTjHoJ8mMd_Q5wK7Tuh48RVCYVU22AyjHB2L4Yp36UZ30KWnysju-0qAcJEDNe1G3Jj7fYHIRG80qMM6BRd6wqHh9As2ecMS5FlsQSp2xebLXFTHfv_CZK9gwoh5DKmBqDltwSC286vMUAXuHBmM1eN4Vcichr7Ui4EnXDohVJwpeNiPn2_4796E_DQBeiRrK7qHhYKWDQymbpnq6HyNz8Kym7BFGIeEwfkjvJYeQjmPWt3rTddRRvFDtyFZP5hWo1GsjrONwnLCUqQa6d9y8I58gbTX7Sxoy2M6Atdl2EU7jxEmfBGM19rHQD29Xr7kBBcTcHhCyl6T-wLMTRW7Jg5TQ8zPNuOssnPWwjtyZapiDoRoPwtpkjMmzA0gRqJjKc2ViwuqedFPjqi0sDrGUsTXez_oi4sVQl3g887y_KU73ymviI41n54sVr4CLQufRpLxHJzg65MtS0wi0L4S6FfhCgaTKX22aNAESO-LckB0gQKrbQrN7zzsGKjI7QR1P6nFl6czMp8Z14FSyuZafbNhe4o7L3QUVPPcQLW5SrSuvPHpHh8Ylb6rJXB4INRDB68qfq8l6e7XAEWPNagJ37WM0OD0NwpXhYm-pTiSjWJOOnGua3bWC6CjR8GiCmuAz538pnGD_4waOqMc0u2avNZemHkgJ9O7RI-sVZf3_GExxa1Zzw3BpQOaCRN9mu3MNge2p9NtohvHv44dpdJ2l8DV9ZW3cx6lQOGky84hNj3xJ3a3QOBO2t1p7umtxQ3S9u_EuAWcbDCBh6TKLYHk_AQH9u_8baBOug7FibWUlmmtLJfpQL5nT4pDf5x06m-OjMEpI7Z5ixzYRLP6FKlSfb4kzgSLyNoTCFKiEmU6829QDjqbFbhgzfhMdDH6x4i3WsEgEo3eAYbUNtjRuQ-r1YMlyC-6SC2lOQ2Srj8KZJdM_ayMTut_pToVUt7io5JeSPvHNqqxC1X9ry40mYOKqhjRh6uu-UYJHuAtr4lneIaUwDapTEZT5RT0ecN8RhQirrL8sumzI&sai=AMfl-YRuRrZNS35U60dtSR86EDMHZYuIsTLK6cZLSlNIIewRNjryeEDvLQT1_QjPqGbDJ7UoqNPRdSFXDCEVPar-ABHXsItFjb6gTg&sig=Cg0ArKJSzP-wwuxug6cGEAE&cid=CAQSGwBpAlJW_uUfSGMsqqzpO93uBIKyOToqzIk2RBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692227451854&rpt=719&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 375ms
31ms Script
text/javascript 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 17 Aug 2023 23:10:54 GMT

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN1Xfp7OMeq75-IkBP_4twAAFZgAAAIB

0
15 B

16ms
16ms

Image
text/plain

34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN1Xfp7OMeq75-IkBP_4twAAFZgAAAIB
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 23:10:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://u.4dex.io/setuid?bidder=indexexchange&uid=ZN1Xfp7OMeq75-IkBP_4twAAFZgAAAIB
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 360ms
25ms XHR
text/javascript 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 17 Aug 2023 23:10:54 GMT

GET
H2 200 lib_footer_slidein.js Show response
ads.themoneytizer.com/ 25 KB
4 KB 15ms
14ms Script
application/javascript 212.102.50.12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_footer_slidein.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.50.12 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 422668507.tyo.cdn77.com
Software: CDN77-Turbo /
Resource Hash: ca039c9541f1a5f8eb157df578e50664f9e775b18c6a3ff4e9fca87701e93557

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Wed, 16 Aug 2023 23:10:54 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 44458
x-accel-date: 1692182996
x-77-nzt: AdRmMgpMQ8j/qq0AAA
pragma: public
x-accel-expires: @1692269396
last-modified: Fri, 02 Jun 2023 13:02:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: db6831196c1046d47e57dd648c2b7030
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Thu, 17 Aug 2023 10:49:56 GMT

GET
H2 200 lib_watermark.js Show response
ads.themoneytizer.com/ 6 KB
2 KB 18ms
18ms Script
application/javascript 212.102.50.12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_watermark.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=113011&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.50.12 Tokyo, Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 422668507.tyo.cdn77.com
Software: CDN77-Turbo /
Resource Hash: a72baa0c1d82bdc8930d5e2698d3ef2173094bd40ef2d157e6b3e49fab07ba44

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: tokyoJP
date: Wed, 16 Aug 2023 23:10:54 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 44459
x-accel-date: 1692182995
x-77-nzt: AdRmMgoXji3/q60AAA
pragma: public
x-accel-expires: @1692269395
last-modified: Mon, 24 Apr 2023 13:12:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: db6831196c1046d47e57dd64cdd2c230
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Thu, 17 Aug 2023 10:49:55 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8EE6 47 B
226 B 16ms
16ms Script
text/html 207.65.34.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59903340&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 16 Aug 2023 23:10:54 GMT
content-length: 47
content-type: text/html; charset=UTF-8

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AC1A 244 B
289 B 53ms
52ms Document
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrCXBDQhd6yAxir1LHyATAB&v=APEucNVs2XQtAUFiElkZ3UWkGT7jvfcjh73y2u1wzUMf1e1BFBmHSD-fGLutF6rG86vToDUg1DeLkLaAA-PLzWBdOZy6EbSX0KUXdd9bkdTNgxH-Jn0w3lw

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e7ca7bfb8999f27ef2cedc1e55f767bcb003c4ee878a6b343879c952f127530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 117
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:54 GMT
expires: Wed, 16 Aug 2023 23:10:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 16B7 86 KB
30 KB 88ms
86ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:54 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16B7 42 B
110 B 59ms
58ms Image
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dqyjtuf7bUnDVKauG-FMyw10IoRufHRh1hJzphuIEsx50IXMjfBm9P8z7h-x_e5U_y1JTdecC8GD38aPstkDOccYc427vr1qjPPMhFbHmGLoZlwxc

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16B7 0
56 B 57ms
56ms Image
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13284801177869597784&x=8&ct=2

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5926572a-9390-4740-9496-c8338f0d4b28
beacon-sin1.rubiconproject.com/beacon/d/ Frame 16B7 43 B
227 B 989ms
167ms Image
image/avif 69.173.158.67
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-sin1.rubiconproject.com/beacon/d/5926572a-9390-4740-9496-c8338f0d4b28?oo=0&accountId=11740&siteId=39550&zoneId=1124636&sizeId=15&e=6A1E40E384DA563B981E240DDA480FB5533BAA8B2D55D51AB1FA8CE900BCDCBEE87F3F1087D26D98A6B579DAC00ADF2A4ABBD1449152E873086513EA6F2BAB5F0B9924F9148C5855F7C2ED81E992DD4683976D149397D959A34B20BD9192887F8878610ABD7B3CDD97287F64EC87A152A907B21F7730E9C0298E8B7A42F539101DA768EB4EC3163EA26BA909EF8FBD8A9E72C2762BC0D6432C3C398C91733E4E651B8C57E4330055C956014CC134F7EF8EB7EBAF454C8471CDA10306204D320B

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.173.158.67 , Singapore, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK close-retina.png
ced-ns.sascdn.com/diff/templates/images/ 2 KB
2 KB 624ms
27ms Image
image/png 23.56.227.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.227.72 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-56-227-72.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:55 GMT
Last-Modified: Wed, 20 Oct 2021 08:07:22 GMT
Server: AkamaiNetStorage
ETag: "dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1802

GET
H3 200 setuid Show response
u.4dex.io/ Frame BBB0 0
15 B 20ms
19ms Document
text/plain 34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)2E1BD16C-A98B-4D78-B709-AEDA78DD956E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 16 Aug 2023 23:10:54 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC1A
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=MjliOTk1ODZhN2ZiNmM4ZDYzNThmOTU5OWViOGE0MmY=

170 B
188 B

51ms
50ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=MjliOTk1ODZhN2ZiNmM4ZDYzNThmOTU5OWViOGE0MmY=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrCXBDQhd6yAxir1LHyATAB&v=APEucNVs2XQtAUFiElkZ3UWkGT7jvfcjh73y2u1wzUMf1e1BFBmHSD-fGLutF6rG86vToDUg1DeLkLaAA-PLzWBdOZy6EbSX0KUXdd9bkdTNgxH-Jn0w3lw

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Aug 2023 23:10:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=MjliOTk1ODZhN2ZiNmM4ZDYzNThmOTU5OWViOGE0MmY=
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

/
cs.adingo.jp/sync/ Frame AC1A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adingo_dbm&google_cm&google_dbm&gdpr=0
https://cs.adingo.jp/sync/?from=dbm&id=CAESENi_vEK8FAm7qmPfdXDJiWQ&google_cver=1&gdpr=0

43 B
399 B

57ms
18ms

Image
image/gif

54.249.209.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=dbm&id=CAESENi_vEK8FAm7qmPfdXDJiWQ&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrCXBDQhd6yAxir1LHyATAB&v=APEucNVs2XQtAUFiElkZ3UWkGT7jvfcjh73y2u1wzUMf1e1BFBmHSD-fGLutF6rG86vToDUg1DeLkLaAA-PLzWBdOZy6EbSX0KUXdd9bkdTNgxH-Jn0w3lw
Protocol: H2
Server: 54.249.209.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-209-177.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.adingo.jp/sync/?from=dbm&id=CAESENi_vEK8FAm7qmPfdXDJiWQ&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16B7 0
56 B 57ms
56ms Ping
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3795317687083&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16B7 0
56 B 52ms
52ms Ping
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3795317687083&version=m202307240101&ct=2&x=8&cor=13284801177869599000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 16B7 79 KB
37 KB 99ms
98ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhQASQ6hQnfxnIai-YNRdtl6GcJYjokMlXluCyHdCYs2wZxgAQR7SuAKllYW8dYzY-MP0cEyt4fknN4uUHLDkyeHycweHarPR1yCvuplkFXrGuMZBRH7PaNU5ox7Gp_nxf_gSU_sq0sSNcpK6-eMJBiDA5ZALEiRVzF-GlofgjEFZDric&cry=1&dbm_d=AKAmf-BGjlpwHZRTUlS6yZLuDfNKDo2pQgCR3qAiySA7cD6v_dJzetwogLSl_aXjkldWjU3fJmLP5VJgX2fxngESB2sBABw3cASUHMw0N3K4ZICpDvlHJmjz9ZIryKyVyQ8I4ZWbcCu5BUIK9ifo8sU7PylOiSOQbyFs5qOCRf3hRObzNlRA3Iwx2O6zHQ1bJ28Q6VYqs6DzMmWHJpnGgGGEhDFOssMsbXNBPCEA_GHxuuMoa3105p-i-o5NSJ-E0HtDxAQeUlpbpWVwJViZEM2tVSY6laB43813NRaWo_6XryVtloatU-iyxwWZjMmEWzuVeJSHO3wYGZUZHcCma4C7oyZ_HfCUM0eEfatI3z7lHi3owQGCrMFV8aCza2LJUeWAA8aRsTQPwUCuXmz4VpZttHXHK7xUSxlptCha3SDEp4MjGIcfGNkVMiquRaRyeXhV2Si5h3Qcset7iTnvH0-QHCRUYgOubGOhMx_FLcxH8A8riIY8K5--_NmyKJZ2vQOY8_s1HcOiAlg5z0swUS-oJ0hF3r6jztfsmCQILoCJSS0FzTBjSrh6d4B8ZA_-CCwnHQ2TfvZGEAWtuZ7ev54HBmGhfBzaHfzCn_5BUMujGWzfkBEhCEBPpDAY3P5Ow3H4irjEWBSEhxy5TxvxSE8Oq_5JgmqFmaZATeInfS1U_nQknwNA0hxEkJ0J1uJl6wYvAqTXfrbLgSE_wNtA_lNX_g-eHELNKVYenC4HPRiYFoV1RwTSqGnbOnWm1KwhEDdNEA1W8fuQ68JYCgZ07NQpb84yECuwQ2-9ECJ24Op-kwxoYdOcOo2skq8JbYaq8yH-PfsK2KVum2dE6t4qI30gA-3qPOVLpefHuUFVR8AlaI3bZHZplXxlggzMpz-lg0jdFuwy1bCwoKMFlryecW6h3fbNFoNwTxxA1475qa6qoBtZeozk8mXZQzp-4GPLPLX2wa8_b2GlcWNBxUf-VthtTl3YJqP8dLeYWu8PLtBPep3yvnFH-yKsDDvFVli_jW6JVoMV3cHOh51Eqxr_UsteSahiL1k8XBDNt3GoKF6WbcpX-A0EWcZgeAlLCoAMqWkU1yNHMTQ059MZkN8kBpXHwHpuWmpfiGyPgmPptNMgTTIvcdga1PRhXi8ZbUQ3i7UyXvwtMGKkuaftlqSrLqWC8onqKEj-NHfNsNupmoJKJsh3afyCwX8_OetFalYFkQaViF1pvFprvpClFNFFCbdcJPZmTsXzsW6tiNpeLLK03OObL7HB-4vmYJB0bgSZZN8KROrkGH73ySlNXjZbT2IihqRr6BzEyejptxmlLHkpf7eh09eHK93eStK3BNKfy1xWnDDo2KFyhLy11VAxj2rjowpq7AH_SudVLjkkcb69f68Iuei_EG0eU1v85VNvUWAHnUFjmFYQ8C8qVUVotbTep0BIaFjVRQKK2PEUiGZHLyHd2S4JL8Y5jc-ZH38OOBjh2xQiL0lFuZRuC4HGntYdLiF-vxO8S5o_E2xW7tBn8gp2M6FXkyoC1OzrK7LRq3AtVk4ibD4IUbkKhVLE4GfF9Iqpl9-AkBOh_EchXk4mGwasrzLbXdMhv7zn59byaERjNFDDWfxnLcKcy1mhp08JE9-yZZtEc8AwWCMTuGOOZ2rs-iVNafg-aWFrGYyHcGhYYF5OLbeQZe2ZY7m9azlGZNclkYMQ-rfJkDR-jbarDhBWTmcpyimlMuCFDkAB5qeJzrbpChnn_jsaO4KMjpHiRoj2joXfWLlMPz5u__g2phsfI-X2hABJ-3_DDEL-a1fBjl80YvwCxrHOLiosK_h6WXJm5sqP3I40b29mExA-ie8uftVdglyBD_A7v2TMKTOJpkMn0pgIOywUGT6Xv2yeLToan5PA0EU3MO-hF2CC6ALxi5aUbPqBj18gHy8Br6JAHQ-x1W3trJti24eJkqomGHpOTAWqiIf26rOXUTQ-UE79sBuCUqD9nWMxOtyFNgPG9dLmp-kJIVVdb3dZqpMBOma9V_hEISK3tyXsTj9WeL61aP1AAoBBnIB-bbePH7n3Ne17CXwgjPHwri5WfGTeMPmNQNjlHkApWBaXzZqgjBG92hHJhdysumckM2FlGh3IfT5tVJ6STudI8kSRmUAbvkd3NlqsvFHAe-PTm3Qh2Ippoif3t13cKBnM8lWURacXWh1XfeBgl4FSjF-fyS3iQ4ATPdQxY0aMsq0LerZW1HI3ARBO1M8IlKNBXB7U3x0SfmwvCX6S9DOqJPDIPh8On-lobqGAoXBNa-bi9Rqpyv14CvOZHedQGpyI0orT-D6-HMhAkTzdFeI8A1y__W-GlpSBbR140R5EQvYuj3hyajYCw7mEieMJnlHRSe01U1rri2kZR4xz7WUWlppCz9TaLCy9PnqjksHsbQII0BHSOjYraiZWeqHDPjQuUZm5lW89-BL8KNGKDExu0L8ibbPJ-NWRGBajL_t4PeCg7pGfaEQCQBsYqt9fh_yJqxYfEw9GZEQ5eju34Ul_yeoxUCZ94RexK4VQD2sVeUkb20qw8b2C780Ihcl80t8ccC0q_YYCu8DRDm5jxeA34lVldOudPy5bDVO4fQPGhjh_ptwGaXB9W8B4T46qm0zMosbx2JnYWXscjBF3k3yZUe3XGUsFPqnckQ37qRjFB3OXh8J8uo596Sg5EBropLAJ-WJb9FfwiDIcRcyYPXu3YUkDjyNniWHh1HS3EiGTZLFIokSgXSQ_K0QFgm1tvmGIsONuhnYr2Cq-F3bT2l1_QAy9Gt4UsdqU7H0lSmlQ1eVOFzInlGKxk-eixJwvGPO4lY1_-McQS8sekFMfEuseG5JVW9WffKtN_B6isg9sfH4MTLKYmDueSL6Y2Qn3qvJKbeTJjBhDjdgDovhcdvedqMIms-GtEUejkf5hLo-1B9EY29Ct9K64LNQn7hvUOgPAtOjEqKebZVmmn5bnx2q6ERTbsYMmmv1FuRv8sgvcjG_gaG7FxTMLrXOct0Ok-ZJ_JIidk3eBHFl_g92EooJoRCg3En7LYwHau5hc9pIl5mU-s15X6rGP1pnaPSmCLy06yP8kI4MT5QO3G9fC1LDXeY4-b3pqALEFe-Gx7rib3BIgSmvhynDi2PKN4-4_jLJ0MMOoSE5h2n1AKskbYrFiv3VZGZOTK0PdkmWs4T9TEIDqYfqSpLAW0NuupqdrL9o2pnKlWYTdQth4FDmS4-RNsIi8RhUmcBylW3FEGvYCY1tWI-wS0oZTI5uyeskvFjds9KcKjB-1AuaxqrYriZ99hemlMeiSiPmOcpxYiKcbYcQZTg9GpGWxz3QWvX_bwGiGiulGMF6pS8efpypBbAl0SrDM1ZSu5uu3j9RvdI-Gav2JeKuP8oFcjbjpAR70sGQCbCd0XsHEufEwgpC7SJWo9sHlrRcPxdaB0wQ3EqrSHQTJlsYfjacrX-kmbyMOV3xKAK_0ArxOXm7klEMwuySMhHIxF-6Q5WFL9tQ8U_kmOM0QPYju9REQ-aATFYBOEPE_SNZB9Hdr7pJ_Psssp1mrMoF7g55Cdnmj5SM3jB-a4rXSKYhOKV1N8aXGU0caz0dNf3L1t-TjkkaCdnyImqysgDku4MmMIUaOBMPpPzjuwj5JMBOjxaykC84Qd4wT4c2xYhUV-OoD89_P1GGUH-oDuOM9iTwyIPh6JCZTu4KZJabqshQHXm7HfzUI2u--fN_laW3Usy8efW8XiOQukWEV7v6vyVNaUaZCx83FVvJy6Hxg7I0cvQIAcEPxA7047Nnxtri7aF3RoIhA6eB_raNQrDDMt09WfCzcZGjMf1U7x5V8zumDyqCiBjEX5um2LsSJ1P8u4giW46C4BaiFWVyStB3bPXDeLtfWoW53ZORCVXUG1DudYFJbpU3MacZ_h30pgErW2D1ya1-rSNbgK0E78JNa5q8cP_YCNwA5PKOYA9v2iGDFdudytBqsoNg&pr=8%3AEAEE01BC1E7C7202&cid=CAQSMgBpAlJWn017CS9rIodsSpAtx455PbPQn8zQ37dUuKWzDQciphCtHxLUi74DdAHvMdYdGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fpoints-pay.com%2F&ds=l&xdt=0&iif=1&cor=13284801177869599000&adk=2769222191&idt=94&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2d8cc79fef65eac2c8be8e0b7fd9922bba021b552e9cedcd8f189aee23f8eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 16B7 30 KB
11 KB 15ms
14ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhQASQ6hQnfxnIai-YNRdtl6GcJYjokMlXluCyHdCYs2wZxgAQR7SuAKllYW8dYzY-MP0cEyt4fknN4uUHLDkyeHycweHarPR1yCvuplkFXrGuMZBRH7PaNU5ox7Gp_nxf_gSU_sq0sSNcpK6-eMJBiDA5ZALEiRVzF-GlofgjEFZDric&cry=1&dbm_d=AKAmf-BGjlpwHZRTUlS6yZLuDfNKDo2pQgCR3qAiySA7cD6v_dJzetwogLSl_aXjkldWjU3fJmLP5VJgX2fxngESB2sBABw3cASUHMw0N3K4ZICpDvlHJmjz9ZIryKyVyQ8I4ZWbcCu5BUIK9ifo8sU7PylOiSOQbyFs5qOCRf3hRObzNlRA3Iwx2O6zHQ1bJ28Q6VYqs6DzMmWHJpnGgGGEhDFOssMsbXNBPCEA_GHxuuMoa3105p-i-o5NSJ-E0HtDxAQeUlpbpWVwJViZEM2tVSY6laB43813NRaWo_6XryVtloatU-iyxwWZjMmEWzuVeJSHO3wYGZUZHcCma4C7oyZ_HfCUM0eEfatI3z7lHi3owQGCrMFV8aCza2LJUeWAA8aRsTQPwUCuXmz4VpZttHXHK7xUSxlptCha3SDEp4MjGIcfGNkVMiquRaRyeXhV2Si5h3Qcset7iTnvH0-QHCRUYgOubGOhMx_FLcxH8A8riIY8K5--_NmyKJZ2vQOY8_s1HcOiAlg5z0swUS-oJ0hF3r6jztfsmCQILoCJSS0FzTBjSrh6d4B8ZA_-CCwnHQ2TfvZGEAWtuZ7ev54HBmGhfBzaHfzCn_5BUMujGWzfkBEhCEBPpDAY3P5Ow3H4irjEWBSEhxy5TxvxSE8Oq_5JgmqFmaZATeInfS1U_nQknwNA0hxEkJ0J1uJl6wYvAqTXfrbLgSE_wNtA_lNX_g-eHELNKVYenC4HPRiYFoV1RwTSqGnbOnWm1KwhEDdNEA1W8fuQ68JYCgZ07NQpb84yECuwQ2-9ECJ24Op-kwxoYdOcOo2skq8JbYaq8yH-PfsK2KVum2dE6t4qI30gA-3qPOVLpefHuUFVR8AlaI3bZHZplXxlggzMpz-lg0jdFuwy1bCwoKMFlryecW6h3fbNFoNwTxxA1475qa6qoBtZeozk8mXZQzp-4GPLPLX2wa8_b2GlcWNBxUf-VthtTl3YJqP8dLeYWu8PLtBPep3yvnFH-yKsDDvFVli_jW6JVoMV3cHOh51Eqxr_UsteSahiL1k8XBDNt3GoKF6WbcpX-A0EWcZgeAlLCoAMqWkU1yNHMTQ059MZkN8kBpXHwHpuWmpfiGyPgmPptNMgTTIvcdga1PRhXi8ZbUQ3i7UyXvwtMGKkuaftlqSrLqWC8onqKEj-NHfNsNupmoJKJsh3afyCwX8_OetFalYFkQaViF1pvFprvpClFNFFCbdcJPZmTsXzsW6tiNpeLLK03OObL7HB-4vmYJB0bgSZZN8KROrkGH73ySlNXjZbT2IihqRr6BzEyejptxmlLHkpf7eh09eHK93eStK3BNKfy1xWnDDo2KFyhLy11VAxj2rjowpq7AH_SudVLjkkcb69f68Iuei_EG0eU1v85VNvUWAHnUFjmFYQ8C8qVUVotbTep0BIaFjVRQKK2PEUiGZHLyHd2S4JL8Y5jc-ZH38OOBjh2xQiL0lFuZRuC4HGntYdLiF-vxO8S5o_E2xW7tBn8gp2M6FXkyoC1OzrK7LRq3AtVk4ibD4IUbkKhVLE4GfF9Iqpl9-AkBOh_EchXk4mGwasrzLbXdMhv7zn59byaERjNFDDWfxnLcKcy1mhp08JE9-yZZtEc8AwWCMTuGOOZ2rs-iVNafg-aWFrGYyHcGhYYF5OLbeQZe2ZY7m9azlGZNclkYMQ-rfJkDR-jbarDhBWTmcpyimlMuCFDkAB5qeJzrbpChnn_jsaO4KMjpHiRoj2joXfWLlMPz5u__g2phsfI-X2hABJ-3_DDEL-a1fBjl80YvwCxrHOLiosK_h6WXJm5sqP3I40b29mExA-ie8uftVdglyBD_A7v2TMKTOJpkMn0pgIOywUGT6Xv2yeLToan5PA0EU3MO-hF2CC6ALxi5aUbPqBj18gHy8Br6JAHQ-x1W3trJti24eJkqomGHpOTAWqiIf26rOXUTQ-UE79sBuCUqD9nWMxOtyFNgPG9dLmp-kJIVVdb3dZqpMBOma9V_hEISK3tyXsTj9WeL61aP1AAoBBnIB-bbePH7n3Ne17CXwgjPHwri5WfGTeMPmNQNjlHkApWBaXzZqgjBG92hHJhdysumckM2FlGh3IfT5tVJ6STudI8kSRmUAbvkd3NlqsvFHAe-PTm3Qh2Ippoif3t13cKBnM8lWURacXWh1XfeBgl4FSjF-fyS3iQ4ATPdQxY0aMsq0LerZW1HI3ARBO1M8IlKNBXB7U3x0SfmwvCX6S9DOqJPDIPh8On-lobqGAoXBNa-bi9Rqpyv14CvOZHedQGpyI0orT-D6-HMhAkTzdFeI8A1y__W-GlpSBbR140R5EQvYuj3hyajYCw7mEieMJnlHRSe01U1rri2kZR4xz7WUWlppCz9TaLCy9PnqjksHsbQII0BHSOjYraiZWeqHDPjQuUZm5lW89-BL8KNGKDExu0L8ibbPJ-NWRGBajL_t4PeCg7pGfaEQCQBsYqt9fh_yJqxYfEw9GZEQ5eju34Ul_yeoxUCZ94RexK4VQD2sVeUkb20qw8b2C780Ihcl80t8ccC0q_YYCu8DRDm5jxeA34lVldOudPy5bDVO4fQPGhjh_ptwGaXB9W8B4T46qm0zMosbx2JnYWXscjBF3k3yZUe3XGUsFPqnckQ37qRjFB3OXh8J8uo596Sg5EBropLAJ-WJb9FfwiDIcRcyYPXu3YUkDjyNniWHh1HS3EiGTZLFIokSgXSQ_K0QFgm1tvmGIsONuhnYr2Cq-F3bT2l1_QAy9Gt4UsdqU7H0lSmlQ1eVOFzInlGKxk-eixJwvGPO4lY1_-McQS8sekFMfEuseG5JVW9WffKtN_B6isg9sfH4MTLKYmDueSL6Y2Qn3qvJKbeTJjBhDjdgDovhcdvedqMIms-GtEUejkf5hLo-1B9EY29Ct9K64LNQn7hvUOgPAtOjEqKebZVmmn5bnx2q6ERTbsYMmmv1FuRv8sgvcjG_gaG7FxTMLrXOct0Ok-ZJ_JIidk3eBHFl_g92EooJoRCg3En7LYwHau5hc9pIl5mU-s15X6rGP1pnaPSmCLy06yP8kI4MT5QO3G9fC1LDXeY4-b3pqALEFe-Gx7rib3BIgSmvhynDi2PKN4-4_jLJ0MMOoSE5h2n1AKskbYrFiv3VZGZOTK0PdkmWs4T9TEIDqYfqSpLAW0NuupqdrL9o2pnKlWYTdQth4FDmS4-RNsIi8RhUmcBylW3FEGvYCY1tWI-wS0oZTI5uyeskvFjds9KcKjB-1AuaxqrYriZ99hemlMeiSiPmOcpxYiKcbYcQZTg9GpGWxz3QWvX_bwGiGiulGMF6pS8efpypBbAl0SrDM1ZSu5uu3j9RvdI-Gav2JeKuP8oFcjbjpAR70sGQCbCd0XsHEufEwgpC7SJWo9sHlrRcPxdaB0wQ3EqrSHQTJlsYfjacrX-kmbyMOV3xKAK_0ArxOXm7klEMwuySMhHIxF-6Q5WFL9tQ8U_kmOM0QPYju9REQ-aATFYBOEPE_SNZB9Hdr7pJ_Psssp1mrMoF7g55Cdnmj5SM3jB-a4rXSKYhOKV1N8aXGU0caz0dNf3L1t-TjkkaCdnyImqysgDku4MmMIUaOBMPpPzjuwj5JMBOjxaykC84Qd4wT4c2xYhUV-OoD89_P1GGUH-oDuOM9iTwyIPh6JCZTu4KZJabqshQHXm7HfzUI2u--fN_laW3Usy8efW8XiOQukWEV7v6vyVNaUaZCx83FVvJy6Hxg7I0cvQIAcEPxA7047Nnxtri7aF3RoIhA6eB_raNQrDDMt09WfCzcZGjMf1U7x5V8zumDyqCiBjEX5um2LsSJ1P8u4giW46C4BaiFWVyStB3bPXDeLtfWoW53ZORCVXUG1DudYFJbpU3MacZ_h30pgErW2D1ya1-rSNbgK0E78JNa5q8cP_YCNwA5PKOYA9v2iGDFdudytBqsoNg&pr=8%3AEAEE01BC1E7C7202&cid=CAQSMgBpAlJWn017CS9rIodsSpAtx455PbPQn8zQ37dUuKWzDQciphCtHxLUi74DdAHvMdYdGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fpoints-pay.com%2F&ds=l&xdt=0&iif=1&cor=13284801177869599000&adk=2769222191&idt=94&cac=0&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:32:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16B7 180 KB
56 KB 82ms
82ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:55 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 16B7 11 KB
4 KB 20ms
20ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:10:02 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 16B7 0
0 176ms
69ms Fetch
image/gif 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugJj-yHsDn9pX34o3YptBsMt_dKCYwbkNCYug2KFxrlOCq4skRHBAhNE9NGdEw4wrl9bb7Bt-P0fFUn_prY2RFWQrv_jl6e5PWB74l6EIEPr31Geo8--913wIL9uzrb1JiclUeAk2iWdadQ2jBkPoFy_vZmfNmW0Va61p305fyZKHsvsVHo0IRe8CGQ6W_WecMeFowy8QPpn956-lOR_nkekmW65Vbr6aEEgzA5NCThVJrMLdnYaNAkg_OgOKWdlM1Z_ep69acZ5VFTxh0amUyiq-V5jqpIYXPQ6H3sKP20s_9Yqw8697Dl3GNo4E_uW0uT-5xX0Ozw3_ECh7XTIGxf1VO6pGBlkumwAfQrZw5z6NwNgnRmxOqiCURPUcxY3YzxjAFM6-902zJwH07OSeJEoQKUMgqCCiv5lvLLoPr7lyZYNrq6RrD_FTeK2Tsi8MLvGomuQe6jaii_XVdeTcykfguDLynsq9MW3970oXjqeTGpPiSm5HiXWr-r04hNbzId4ZoVD8loEkX2i_J2gvV_ofNImB0aD33ZqWLx4TZEp45_vIkBQNdG6LNiSJ155j0DTcaEZD3glFL3jZPs_uwxsaGujA7H5anp-_Qnlft1QwDxmOa3MAJJp1B1_9svW9u-yGvZ-637g4yOcVyAv-Di0XAPF2NyWKA3bukDYWOqILlE4QXHXEZdID8EoYTqS_beHTqCNODQSt_LCyOlwea0gyEo2d6aoI1IVTLQvYSOifr8YaKSoHf921gzBouZrDTgaHM6Hj6NfnJmAOOPeqbRrhurHGxm1bfW9x1TzK9SHhnkeCAAgEMdUBTgLQaXsxsx8WCxPEeL4r5iu1KXBOQ2umWLHKxZkAXMOUVsVwbcPSOvbgFQsnm_QIHpiUusZlvx1XvJ9vyxO1Kzeoj-U4aL7O9FwPwiWL70F-Bj5JVHwVcTW97MJQ4v56FEFBPUaOqRj4JZ7eN2pKZ4ZV6GtfDFlTeWkT2X03SyN59brdmc4jb6K3Z8r2eefJ7NO2FxkRnBt6nHnyzXBRVnu0qJsLqckuO4yqe96UoUj0t5wvGJ4dGJfN38Rf4QL5YUOIGb8YkUU8ctlOhekq0zbnkswtGPrO_qBLEJFd59qLTQadl3MzPLK-HHTJF5QeQcS896AVtWJhii7IMfUl34Ic59W7wmy-Cp0JALedhCwaYS91CV5989pmnH-3pv7L1KgDumypHMiI&sai=AMfl-YRalp1ZxB-Ie630bEuwPN4JdbSaEi8X2gLOVc93eJ7IOBLabg7EpR-1HM9wEcXwKARBiEA5flSaTfaFWZ6JV4WijiuJmaDXmjD9EUlu2ewzmT_nj3uaXc870JMcTk_DC6NrfvyOV1vS1avKmfyQ03zQF2VviM0KmuyQu9XY3s5J_ATeuomUgq-hNNZUtXyylZL1cAKDYK0sDrhHydPwY7okdG1-sJd3iIa8A1OaR3u7Iwm4O_PLC6q1QgE&sig=Cg0ArKJSzCPQUF0X61LyEAE&uach_m=[UACH]&pr=8:EAEE01BC1E7C7202&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230815.68775&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 23:10:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 16 Aug 2023 23:10:55 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 16B7 41 KB
14 KB 13ms
13ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 04:09:23 GMT

GET
H2 200 3735159339978039636
s0.2mdn.net/simgad/ Frame 16B7 56 KB
57 KB 390ms
19ms Image
image/jpeg 142.250.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3735159339978039636

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f6.1e100.net

Software

sffe /

Resource Hash

86ee6f050826c09a01b3de20a3133c1b73842061f74d927b7fbdbd386490c848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:46:13 GMT
x-content-type-options: nosniff
age: 62682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57523
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 12:51:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 05:46:13 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F4FA 281 B
554 B 39ms
38ms Document
text/html 23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=au&co=jp
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 16 Aug 2023 23:10:55 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ECC6 22 KB
8 KB 12ms
12ms Document
text/html 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
age: 32806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 14:04:09 GMT
expires: Thu, 15 Aug 2024 14:04:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F4FA 34 KB
10 KB 32ms
31ms Script
text/html 23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=au&co=jp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f0971d13c25353bf0579fdfe95648591c3376e9194cae87adb1c78a0d14d26be

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=au&co=jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2023 20:16:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75946
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 17 Aug 2023 20:16:41 GMT

GET
H2 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame ECC6 37 KB
14 KB 14ms
13ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:36:40 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECC6 0
56 B 50ms
50ms Image
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9UGZflfdZNmAPcespt8P8uye4AcAAAAAOAHgBAI&bg=!BAelB1PNAAZGPLJIZjw7ADkAdvg8WuOlc256MakYLHKdRY5j5gZN8xftNBFPzPi_71pmi_GNKRPTAXDhNzNYQg-bI3zn4vU4XhQCAAAAW1IAAAAFaAEHmQLYXDOCsfv82bxmP_BjfSntWUgUOhW3P4Wy_21FQD6YBEh4Ndnt0qBFYrkHwGnMKaFsnYNAFtMsJDzr4vuL-DCBz8J_l7jYyOTRlwW0C3g6xf4IeFePmjNp_1M6HuCjpK1-B8nL1y5XhQFUiaZIaBxPe6acEBc1Gz7f2fy80KsqtrptYNVSQcVGSM83hbBSKpBAkXMYD3UqAS1bBhWc6vA7AJTZn3EXCmU2XgmwAwCyNFmLA7nnwalbwEO95PiK6fTIflvthB5wLwt0NpwZ9WwLFbn-lRxUPa3VxByFp8p3IJoLg-oPPXInO2v8myIDj4bqYiFOvu8oiRonnZyhbqUWjFn1jMX8BY8PM2qlkeSgXtoJqVJ7SwQHpnn0RsFU27_t-oyfzZh4ljc0fpPCSz604eYE2-ZCRYEjseO9aje1bIs_zhWtlWDYN7jo8wjQ5_YPSQ7Nu14a1Flm-mMDRPYVMTx1fwQiEIVKdNMM4RqmmcCX1V_JjNgm9U1MsGlkcQyFCfG6l-h2fn80MO5loePE9FQ2c9lQeWsoMEcL0PRFnAMvDJj04qjVVHZCqVz4e8LZmXY4XI86wAlXQubb9J6s6_yvP0FC4XgvmHyOzcENCDChw1mlDwPUSVUSAriwLImwdVcz4UO049iRHnZAcFvrumH6uo-Mk4SuQu4SjKbulZAFT_hRFdQni4pPuVD9WmpHwGDy1gqYl-EcRsXzt9rZFB1IT6mWaSGQikNx1V089weYmLmqvi-kEnp6WnpjQ2htqwQ_ChC-rlsfCBHamBQ7344hb3P_cxhmabSmqOJYUN4f8uo-sDB616fLrE-xWCHmqgLSnR7_GLjNnQQ6fgOLgboS5U62calP6WGhNs6Gu6B9stgH3lM6-wtWCozraglPiNqmtc3EO9jXYP4i4BXFNTeIUd0LZsfc1IQ1sQqzyU4eVDh0iyrGCYtr762FLddsOdAr8gz3-Mo

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
hde.tynt.com/deb/ Frame BF30
Redirect Chain

https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1

3 KB
4 KB

460ms
154ms

Document
text/html

67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 746bc5d1c204cc5b5c92b2f51956ddb2e30c5e0445ca3665919fcf710dfa269d

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 2584
content-type: text/html
date: Wed, 16 Aug 2023 23:10:56 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 0
date: Wed, 16 Aug 2023 23:10:55 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1385 3 KB
1 KB 273ms
273ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1692227451391&gdpr=0

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

d450752da3e377c704979bf6fadeafeef9639409ba1061bf66eb381ed5c4ee35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1094
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK iframe Show response
sync.missena.io/ Frame 2671 36 KB
12 KB 80ms
16ms Document
text/html 13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 53e42eac2910d072b26f840249769d3d2158019bf5e2616f98ba1023dff5b88d

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Aug 2023 23:10:55 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:55 GMT
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding Origin

GET
H2 200 / Show response
csync.smilewanted.com/ Frame C9B5 6 KB
2 KB 294ms
290ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7f7d5a7cfd43e07e-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:55 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 442B 2 KB
1 KB 1339ms
531ms Document
text/html 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2020065871
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: fbfe89954f418fee71d112b8ae06b7e4e08dd9d99d002d1158debcb95f7d6d9f

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:07:17 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.4

GET
H2 200 isyn Show response
prebid.a-mo.net/ Frame 9D71 2 KB
779 B 88ms
88ms Document
text/html 131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCtsBSg5wb2ludHMtcGF5LmNvbVILYWFzLWNhM2RmNTVaCHBiYTEuMy4zag5wb2ludHMtcGF5LmNvbfoBBTguNi4w6AIBiAP7rvWmBqgDAOoDJGQ0ZGUzNWUzLTYwMzQtNDIwOC05YWNjLTllY2ExMTM3ZDZhOKoEA0lTULIFA1VTRNIFCTEwNTE5OTU0MtgFAeAFAeoFB2Rlc2t0b3D6BQNzZ3DSBiBBQjdBMzI3MDREMDlEQUNGMzUxQ0RCMEJBN0U0OEUzNqoHA3dlYsoHDnBvaW50cy1wYXkuY29t
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: d89d09df9a9486cd1aa4c5a03d966bb4fc43014c015cc232f7a2e1cb6718862a

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 690
content-type: text/html; charset=utf-8
date: Wed, 16 Aug 2023 23:10:55 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 3

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5948 281 B
554 B 26ms
24ms Document
text/html 23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 16 Aug 2023 23:10:55 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 pd Show response
moneytizer-d.openx.net/w/1.0/ Frame 7F75 533 B
635 B 61ms
56ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneytizer-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0961c16d23e739344331fbddbb3c2e76735d2b0113c9ce30ec76d97bbbb5c14c

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 323
content-type: text/html
date: Wed, 16 Aug 2023 23:10:55 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58280/ 0
332 B 98ms
97ms Image
text/plain 13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58280/sync?uid=ad7ca3b6-21d3-4e5c-978d-5d8e8040b51b&_origin=1

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D2E1BD16C-A98B-4D78-B709-AEDA7...
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=2E1BD16C-A98B-4D78-B709-AEDA78DD956E

68 B
607 B

447ms
154ms

Image
image/png

52.220.156.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 52.220.156.91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-156-91.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
date: Wed, 16 Aug 2023 23:10:55 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://cms.quantserve.com/pixel/p-_jQ037pSmtjhN.gif?idmatch=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=zJHfMc-SjDTXxokzy5OWMc-Ug2LXk45gnMNnuqSv

68 B
607 B

400ms
155ms

Image
image/png

52.220.156.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=zJHfMc-SjDTXxokzy5OWMc-Ug2LXk45gnMNnuqSv
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 52.220.156.91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-156-91.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://match.sharethrough.com/sync/v1?source_id=mKgSocXAVa8Wq7r1ivjrQDkr&gdpr=0&source_user_id=zJHfMc-SjDTXxokzy5OWMc-Ug2LXk45gnMNnuqSv
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=b1d75770-145b-4a41-9ae4-8026394de706&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}

68 B
605 B

192ms
192ms

Image
image/png

52.220.156.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=b1d75770-145b-4a41-9ae4-8026394de706&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 52.220.156.91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-156-91.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

x-servername: track005-sjc
pragma: no-cache
date: Wed, 16 Aug 2023 23:10:52 GMT
strict-transport-security: max-age=31536000;
content-type: text/html; charset=utf-8
location: https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=b1d75770-145b-4a41-9ae4-8026394de706&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control: private,no-cache
content-length: 296
expires: -1

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YWQ3Y2EzYjYtMjFkMy00ZTVjLTk3OGQtNWQ4ZTgwNDBiNTFi
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=

68 B
607 B

428ms
155ms

Image
image/png

52.220.156.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 52.220.156.91 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-156-91.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5948 34 KB
10 KB 19ms
19ms Script
text/html 23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f0971d13c25353bf0579fdfe95648591c3376e9194cae87adb1c78a0d14d26be

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2023 20:16:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75946
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 17 Aug 2023 20:16:41 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 16B7 0
0 64ms
63ms Fetch
image/gif 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugJj-yHsDn9pX34o3YptBsMt_dKCYwbkNCYug2KFxrlOCq4skRHBAhNE9NGdEw4wrl9bb7Bt-P0fFUn_prY2RFWQrv_jl6e5PWB74l6EIEPr31Geo8--913wIL9uzrb1JiclUeAk2iWdadQ2jBkPoFy_vZmfNmW0Va61p305fyZKHsvsVHo0IRe8CGQ6W_WecMeFowy8QPpn956-lOR_nkekmW65Vbr6aEEgzA5NCThVJrMLdnYaNAkg_OgOKWdlM1Z_ep69acZ5VFTxh0amUyiq-V5jqpIYXPQ6H3sKP20s_9Yqw8697Dl3GNo4E_uW0uT-5xX0Ozw3_ECh7XTIGxf1VO6pGBlkumwAfQrZw5z6NwNgnRmxOqiCURPUcxY3YzxjAFM6-902zJwH07OSeJEoQKUMgqCCiv5lvLLoPr7lyZYNrq6RrD_FTeK2Tsi8MLvGomuQe6jaii_XVdeTcykfguDLynsq9MW3970oXjqeTGpPiSm5HiXWr-r04hNbzId4ZoVD8loEkX2i_J2gvV_ofNImB0aD33ZqWLx4TZEp45_vIkBQNdG6LNiSJ155j0DTcaEZD3glFL3jZPs_uwxsaGujA7H5anp-_Qnlft1QwDxmOa3MAJJp1B1_9svW9u-yGvZ-637g4yOcVyAv-Di0XAPF2NyWKA3bukDYWOqILlE4QXHXEZdID8EoYTqS_beHTqCNODQSt_LCyOlwea0gyEo2d6aoI1IVTLQvYSOifr8YaKSoHf921gzBouZrDTgaHM6Hj6NfnJmAOOPeqbRrhurHGxm1bfW9x1TzK9SHhnkeCAAgEMdUBTgLQaXsxsx8WCxPEeL4r5iu1KXBOQ2umWLHKxZkAXMOUVsVwbcPSOvbgFQsnm_QIHpiUusZlvx1XvJ9vyxO1Kzeoj-U4aL7O9FwPwiWL70F-Bj5JVHwVcTW97MJQ4v56FEFBPUaOqRj4JZ7eN2pKZ4ZV6GtfDFlTeWkT2X03SyN59brdmc4jb6K3Z8r2eefJ7NO2FxkRnBt6nHnyzXBRVnu0qJsLqckuO4yqe96UoUj0t5wvGJ4dGJfN38Rf4QL5YUOIGb8YkUU8ctlOhekq0zbnkswtGPrO_qBLEJFd59qLTQadl3MzPLK-HHTJF5QeQcS896AVtWJhii7IMfUl34Ic59W7wmy-Cp0JALedhCwaYS91CV5989pmnH-3pv7L1KgDumypHMiI&sai=AMfl-YRalp1ZxB-Ie630bEuwPN4JdbSaEi8X2gLOVc93eJ7IOBLabg7EpR-1HM9wEcXwKARBiEA5flSaTfaFWZ6JV4WijiuJmaDXmjD9EUlu2ewzmT_nj3uaXc870JMcTk_DC6NrfvyOV1vS1avKmfyQ03zQF2VviM0KmuyQu9XY3s5J_ATeuomUgq-hNNZUtXyylZL1cAKDYK0sDrhHydPwY7okdG1-sJd3iIa8A1OaR3u7Iwm4O_PLC6q1QgE&sig=Cg0ArKJSzCPQUF0X61LyEAE&uach_m=[UACH]&pr=8:EAEE01BC1E7C7202&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=400&vt=11&dtpt=399&dett=2&cstd=0&cisv=r20230815.68775&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 23:10:55 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7F75
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4396285101102675341&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

53ms
53ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=4396285101102675341&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: moneytizer-d.openx.net
URL: https://moneytizer-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://moneytizer-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=4396285101102675341&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 16 Aug 2023 23:10:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7F75
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=8d6f2701-ee61-71dd-d722-8be2803c0857&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&ttd_puid=8d6f2701-ee61-71dd-d722-8be2803c0857&gdpr=0&gdpr_consent=

43 B
249 B

70ms
64ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&ttd_puid=8d6f2701-ee61-71dd-d722-8be2803c0857&gdpr=0&gdpr_consent=
Requested by: Host: moneytizer-d.openx.net
URL: https://moneytizer-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://moneytizer-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&ttd_puid=8d6f2701-ee61-71dd-d722-8be2803c0857&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 7F75
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZN1XfMCo8XoAAC3CkNIAAAAA

43 B
172 B

58ms
54ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZN1XfMCo8XoAAC3CkNIAAAAA
Requested by: Host: moneytizer-d.openx.net
URL: https://moneytizer-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://moneytizer-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 16 Aug 2023 23:10:55 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"153.240.174.133","key":"ZN1XfMCo8XoAAC3CkNIAAAAA","privacy_sensitive":false,"uid":"ZN1XfMCo8XoAAC3CkNIAAAAA","upstream_id":"a-ad40153"}
X-SO-Key: ZN1XfMCo8XoAAC3CkNIAAAAA
X-SO-Upstream-ID: a-ad40153
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40153.dc2p.scaleout.jp
X-SO-UID: ZN1XfMCo8XoAAC3CkNIAAAAA
Connection: keep-alive
Content-Length: 0
X-SO-IP: 153.240.174.133
X-SO-Cluster-ID: 0
Server: nginx
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZN1XfMCo8XoAAC3CkNIAAAAA
Cache-Control: private
X-SO-Ads-Time: 2
X-SO-LB-Hostname: m-tgng22.dc4p.scaleout.jp

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 7F75
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab8NARKpYFQAks8AD7P3p8QDtM8AAAGKAJ3KiA

43 B
106 B

56ms
55ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab8NARKpYFQAks8AD7P3p8QDtM8AAAGKAJ3KiA
Requested by: Host: moneytizer-d.openx.net
URL: https://moneytizer-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://moneytizer-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
via: 1.1 293be128029c006d8495321ac10640b4.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT20-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab8NARKpYFQAks8AD7P3p8QDtM8AAAGKAJ3KiA
cache-control: no-cache
content-length: 0
x-amz-cf-id: f9UwbpNUZmfvSLcvXLl_R-T-HmGhTdc-sjN1G4cHM58yPbvK4LvUIA==
expires: -1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7F75 170 B
188 B 51ms
50ms Image
image/png 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTEwMGY0Y2ItMjcxNi0yZjc5LWMyYzItZDE1YjRhZGVjNjM3

Requested by

Host: moneytizer-d.openx.net
URL: https://moneytizer-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://moneytizer-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7F75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHOQf9xwRrTgp-tuH5JaPpo&google_cver=1

43 B
106 B

56ms
56ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHOQf9xwRrTgp-tuH5JaPpo&google_cver=1
Requested by: Host: moneytizer-d.openx.net
URL: https://moneytizer-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://moneytizer-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHOQf9xwRrTgp-tuH5JaPpo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content missena
sync.missena.io/ Frame A1BB 0
0 14ms
13ms Document
text/plain 13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/missena?gdpr=0&gdpr_consent=undefined
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:55 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:55 GMT
Pragma: no-cache
Vary: Origin

GET
H2 200 cframe.js Show response
assets.a-mo.net/js/ Frame 9D71 9 KB
4 KB 369ms
26ms Script
text/javascript 104.19.159.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/cframe.js
Requested by: Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCtsBSg5wb2ludHMtcGF5LmNvbVILYWFzLWNhM2RmNTVaCHBiYTEuMy4zag5wb2ludHMtcGF5LmNvbfoBBTguNi4w6AIBiAP7rvWmBqgDAOoDJGQ0ZGUzNWUzLTYwMzQtNDIwOC05YWNjLTllY2ExMTM3ZDZhOKoEA0lTULIFA1VTRNIFCTEwNTE5OTU0MtgFAeAFAeoFB2Rlc2t0b3D6BQNzZ3DSBiBBQjdBMzI3MDREMDlEQUNGMzUxQ0RCMEJBN0U0OEUzNqoHA3dlYsoHDnBvaW50cy1wYXkuY29t
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.19.159.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
via: 1.1 db3d90fd7e6c6a16b47e88be13e9768c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: NRT57-C4
age: 385
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 27 Mar 2023 18:10:34 GMT
server: cloudflare
etag: W/"60125fcf1fcf576eebb45554f83ada73"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 7f7d5a7fa9f9afff-NRT
x-amz-cf-id: V1fA3anQPoZz_BcRq7SF5Wg7dV0rmYR0E3dDpahxsXZARD2fqTYOuA==
expires: Thu, 17 Aug 2023 00:10:55 GMT

GET
H/1.1

204
No Content

249fc30a-3489-4325-a733-3e1be4bd735f
sync.missena.io/improvedigital/ Frame 3B04
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=undefined&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=undefined&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D
https://sync.missena.io/improvedigital/249fc30a-3489-4325-a733-3e1be4bd735f

0
0

15ms
15ms

Document
text/plain

13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/improvedigital/249fc30a-3489-4325-a733-3e1be4bd735f
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:56 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:56 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Wed, 16 Aug 2023 23:10:56 GMT
location: https://sync.missena.io/improvedigital/249fc30a-3489-4325-a733-3e1be4bd735f
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AB40
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined

281 B
554 B

39ms
38ms

Document
text/html

23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 16 Aug 2023 23:10:55 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Aug 2023 23:10:55 GMT
location: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1792 15 KB
6 KB 17ms
16ms Document
text/html 23.32.13.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.13.44 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-13-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=124855
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Wed, 16 Aug 2023 23:10:55 GMT
expires: Fri, 18 Aug 2023 09:51:50 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

204
No Content

28114e24-0a69-40b2-b255-0zz1692227452
sync.missena.io/richaudience/ Frame C57E
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&r=https://sync.missena.io/richaudience/%5BPDID%5D
https://sync.missena.io/richaudience/28114e24-0a69-40b2-b255-0zz1692227452

0
0

17ms
16ms

Document
text/plain

13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/richaudience/28114e24-0a69-40b2-b255-0zz1692227452
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:56 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:56 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:07:17 GMT
location: https://sync.missena.io/richaudience/28114e24-0a69-40b2-b255-0zz1692227452
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
x-powered-by: PHP/8.2.4

GET
H/1.1 204
No Content 2E1BD16C-A98B-4D78-B709-AEDA78DD956E
sync.missena.io/pubmatic/ Frame 40C0 0
0 16ms
16ms Document
text/plain 13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/pubmatic/2E1BD16C-A98B-4D78-B709-AEDA78DD956E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:55 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:55 GMT
Pragma: no-cache
Vary: Origin

GET
H/1.1

204
No Content

20908764573421091
sync.missena.io/smart/ Frame 5DDE
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=undefined&nwid=3927&url=https%3A%2F%2Fsync.missena.io%2Fsmart%2F%5Bsas_uid%5D
https://sync.missena.io/smart/20908764573421091

0
0

17ms
17ms

Document
text/plain

13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/smart/20908764573421091
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:56 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:56 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

content-length: 0
date: Wed, 16 Aug 2023 23:10:56 GMT
location: https://sync.missena.io/smart/20908764573421091

GET
H/1.1

204
No Content

0560a2bff1e52ed0b085bb219d939031
sync.missena.io/smilewanted/ Frame 161C
Redirect Chain

https://csync.smilewanted.com/getuid?gdpr=0&gdpr_consent=undefined&pubid=3924&redirect=https%3A%2F%2Fsync.missena.io%2Fsmilewanted%2F%24UID&source=openrtb-via-prebid-server
https://sync.missena.io/smilewanted/0560a2bff1e52ed0b085bb219d939031

0
0

17ms
16ms

Document
text/plain

13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/smilewanted/0560a2bff1e52ed0b085bb219d939031
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:55 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:55 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7f7d5a7e0e20e07e-NRT
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:55 GMT
location: https://sync.missena.io/smilewanted/0560a2bff1e52ed0b085bb219d939031
server: cloudflare

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AB40 34 KB
10 KB 19ms
19ms Script
text/html 23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f0971d13c25353bf0579fdfe95648591c3376e9194cae87adb1c78a0d14d26be

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2023 20:16:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75946
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 17 Aug 2023 20:16:41 GMT

GET
H/1.1

204
No Content

4025780564652432430
sync.missena.io/xandr/ Frame 7A67
Redirect Chain

https://secure.adnxs.com/getuid?https://sync.missena.io/xandr/$UID?fu&gdpr=0&gdpr_consent=undefined
https://sync.missena.io/xandr/4025780564652432430?fu&gdpr=0&gdpr_consent=undefined

0
0

20ms
19ms

Document
text/plain

13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/xandr/4025780564652432430?fu&gdpr=0&gdpr_consent=undefined
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:55 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:55 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: a2f6ba59-8e4b-47f0-a590-5276d1cbb213
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 16 Aug 2023 23:10:55 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://sync.missena.io/xandr/4025780564652432430?fu&gdpr=0&gdpr_consent=undefined
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H/1.1

204
No Content

y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A
sync.missena.io/yahoo/ Frame D521
Redirect Chain

https://ups.analytics.yahoo.com/ups/58673/occ?gdpr=0&gdpr_consent=undefined
https://sync.missena.io/yahoo/y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A?gdpr=0

0
0

32ms
16ms

Document
text/plain

13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/yahoo/y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A?gdpr=0
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:55 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:55 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

age: 0
content-length: 0
date: Wed, 16 Aug 2023 23:10:55 GMT
location: https://sync.missena.io/yahoo/y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A?gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.75
strict-transport-security: max-age=31536000

GET
H/1.1

204
No Content

LLECJ6H8-20-C8SU
sync.missena.io/magnite/ Frame AB40
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=missena&gdpr=0&gdpr_consent=undefined&gdpr_consent=undefined&gdpr=0&khaos=LLECJ6H8-20-C8SU
https://sync.missena.io/magnite/LLECJ6H8-20-C8SU?gdpr=0&gdpr_consent=undefined

0
590 B

16ms
15ms

Image
text/plain

13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.missena.io/magnite/LLECJ6H8-20-C8SU?gdpr=0&gdpr_consent=undefined
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 23:10:55 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:55 GMT
Vary: Origin
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.missena.io/magnite/LLECJ6H8-20-C8SU?gdpr=0&gdpr_consent=undefined
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Expires: 0

GET
H/1.1

204
No Content

e7981fe1d75839673acd3490136f143f
sync.missena.io/adyoulike/ Frame 27D3
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=undefined&uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&url=https%3A%2F%2Fsync.missena.io%2Fadyoulike%2F%7BuserId%7D
https://sync.missena.io/adyoulike/e7981fe1d75839673acd3490136f143f

0
0

17ms
17ms

Document
text/plain

13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/adyoulike/e7981fe1d75839673acd3490136f143f
Requested by: Host: sync.missena.io
URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://sync.missena.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:56 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:56 GMT
Pragma: no-cache
Vary: Origin

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:56 GMT
expires: 0
location: https://sync.missena.io/adyoulike/e7981fe1d75839673acd3490136f143f
p3p: CP="CAO PSA OUR"
pragma: no-cache
vary: Accept-Encoding
via: kong/2.8.3
x-content-type-options: nosniff
x-kong-proxy-latency: 0
x-kong-upstream-latency: 5

GET
H/1.1 204
No Content 2E1BD16C-A98B-4D78-B709-AEDA78DD956E
sync.missena.io/pubmatic/ Frame F7C7 0
0 18ms
18ms Document
text/plain 13.115.8.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/pubmatic/2E1BD16C-A98B-4D78-B709-AEDA78DD956E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=undefined&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.8.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-8-252.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:55 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Wed, 16 Aug 2023 23:10:55 GMT
Pragma: no-cache
Vary: Origin

GET
H2

200

/
onetag-sys.com/match/ Frame 1385
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LLECJ6H8-20-C8SU&gdpr=0

0
291 B

404ms
403ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LLECJ6H8-20-C8SU&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1692227451391&gdpr=0

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LLECJ6H8-20-C8SU&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Expires: 0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 1385 42 B
691 B 94ms
93ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=oJPMYdT2oTDRQ57ehIkXtk2NVgB3QPDcc2n8_hpmvkg
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1692227451391&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 1385
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=20908764573421091

0
291 B

463ms
463ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=20908764573421091

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1692227451391&gdpr=0

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=20908764573421091
date: Wed, 16 Aug 2023 23:10:55 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 1385
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E

0
291 B

539ms
539ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1692227451391&gdpr=0

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
date: Wed, 16 Aug 2023 23:10:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 1385
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A

0
291 B

454ms
454ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1692227451391&gdpr=0

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A
date: Wed, 16 Aug 2023 23:10:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 1385
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
https://x.bidswitch.net/sync?dsp_id=70&user_id=8985651341537093146&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=7bdf6130-7843-4383-80c3-958192b3b6e4&gdpr=&gdpr_consent=&us_privacy=

0
291 B

461ms
461ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=7bdf6130-7843-4383-80c3-958192b3b6e4&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1692227451391&gdpr=0

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=7bdf6130-7843-4383-80c3-958192b3b6e4&gdpr=&gdpr_consent=&us_privacy=
Date: Wed, 16 Aug 2023 23:10:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame C9B5 48 KB
12 KB 38ms
36ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 545826
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7f7d5a7edf01e07e-NRT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame B3FA 0
348 B 264ms
263ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7f7d5a7f2f3ae07e-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:56 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame F67B 3 KB
1 KB 491ms
491ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

Resource Hash

0b031bac808d39e31323c8fc29b92918532e1bd427b92611d6555e5e6b0c56ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1139
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET

pixel
ap.lijit.com/ Frame B5C6
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true

0
0

GET
H2

200

28114e24-0a69-40b2-b255-0zz1692227452 Show response
csync.smilewanted.com/set_partner_userid_get/richaudience/ Frame 70B5
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://csync.smilewanted.com/set_partner_userid_get/richaudience/28114e24-0a69-40b2-b255-0zz1692227452

0
704 B

290ms
289ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/richaudience/28114e24-0a69-40b2-b255-0zz1692227452
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7f7d5a854c67e07e-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:57 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:07:17 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/richaudience/28114e24-0a69-40b2-b255-0zz1692227452
server: nginx
x-powered-by: PHP/8.2.4

GET

RX-5fbcdccf-3499-4ab7-86d7-8544f4533065-004
sync.targeting.unrulymedia.com/csync/ Frame 8F2F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1692227456249
https://ad.turn.com/r/cs?pid=45&rndcb=3196589952
https://sync.1rx.io/usersync/turn/4396285101102675341?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-5fbcdccf-3499-4ab7-86d7-8544f4533065-004?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-5fbcdccf-3499-4ab7-86d7-854...

0
0

GET match
ads.betweendigital.com/ Frame 49EB 0
0

GET
H2

200

5f67e2844c8619ebec2ea1805d024ab2272d270ef1d880e61c64e0c79eb80f25 Show response
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 071D
Redirect Chain

https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5f67e2844c8619ebec2ea1805d024ab2272d270ef1d880e61c64e0c79eb80f25

0
533 B

285ms
284ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5f67e2844c8619ebec2ea1805d024ab2272d270ef1d880e61c64e0c79eb80f25
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7f7d5a858c9ce07e-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:57 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:56 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5f67e2844c8619ebec2ea1805d024ab2272d270ef1d880e61c64e0c79eb80f25
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2

200

8985651341537093146 Show response
csync.smilewanted.com/set_partner_userid_get/adform/ Frame FCF9
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
https://csync.smilewanted.com/set_partner_userid_get/adform/8985651341537093146

0
512 B

292ms
292ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/adform/8985651341537093146
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7f7d5a87be4ce07e-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:57 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/plain
date: Wed, 16 Aug 2023 23:10:57 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/adform/8985651341537093146
server: nginx

GET usync
id.a-mx.com/ Frame 9D71 0
0

GET

sync
odr.mookie1.com/t/v2/ Frame 9D71
Redirect Chain

https://x.bidswitch.net/sync?ssp=adaptmx&user_id=85a7fbc8-4497-4c91-a334-a16dae20aee6&gdpr=0&gdpr_consent=&us_privacy=1---
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7bdf6130-7843-4383-80c3-958192b3b6e4&ssp=adaptmx&gdpr=0&gdpr_consent=

0
0

GET
H2

204

yahoo
prebid.a-mo.net/setuid/ Frame 9D71
Redirect Chain

https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=85a7fbc8-4497-4c91-a334-a16dae20aee6
https://prebid.a-mo.net/setuid/yahoo?uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A&gdpr=0

0
112 B

109ms
109ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/yahoo?uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A&gdpr=0
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 5
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid/yahoo?uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A&gdpr=0
date: Wed, 16 Aug 2023 23:10:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 9D71
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
https://prebid.a-mo.net/setuid/magnite?uid=LLECJ6H8-20-C8SU&gdpr=0&us_privacy=1---

0
114 B

109ms
109ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LLECJ6H8-20-C8SU&gdpr=0&us_privacy=1---
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 5
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LLECJ6H8-20-C8SU&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
Expires: 0

GET u
id.a-mx.com/ Frame 9D71 0
0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 9D71
Redirect Chain

https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D85a7fbc8-4497-4c91-a334-a16dae20aee6%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=openx&uid=b4b1a8ce-57fe-4234-bcae-4bf70167cada

0
113 B

148ms
147ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=openx&uid=b4b1a8ce-57fe-4234-bcae-4bf70167cada
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 5
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:56 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=openx&uid=b4b1a8ce-57fe-4234-bcae-4bf70167cada
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154

GET
H2

204

setuid
prebid.a-mo.net/ Frame 9D71
Redirect Chain

https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D85a7fbc8-4497-4c91-a334-a16dae20aee6%26bidder%3Dadform%26uid%3D%24UID
https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=adform&uid=8985651341537093146

0
112 B

90ms
90ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=adform&uid=8985651341537093146
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=adform&uid=8985651341537093146
date: Wed, 16 Aug 2023 23:10:57 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H2

204

setuid
prebid.a-mo.net/ Frame 9D71
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D85a7fbc8-4497-4c91-a334-a16dae20aee6%26bid...
https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=smartadserver&uid=20908764573421091

0
115 B

103ms
102ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=smartadserver&uid=20908764573421091
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=smartadserver&uid=20908764573421091
date: Wed, 16 Aug 2023 23:10:55 GMT
content-length: 0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 9D71
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D85a7fbc8-4497-4c91-a334-a16dae20aee6%26bidder%3Dpubmatic%26uid%3D2E1BD16C-A98B-4D78-B...
https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=pubmatic&uid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E

0
126 B

85ms
85ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=pubmatic&uid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=pubmatic&uid=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
date: Wed, 16 Aug 2023 23:10:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET usermatchredir
ssum.casalemedia.com/ Frame 9D71 0
0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 9D71
Redirect Chain

https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D85a7fbc8-4497-4c91-a334-a16dae20aee6%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D85a7fbc8-4497-4c91-a334-a16dae20aee6%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=...
https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=sovrn&uid=HKbOTLZHkqCLr9e7REuAFe4T

0
112 B

88ms
88ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=sovrn&uid=HKbOTLZHkqCLr9e7REuAFe4T
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 5
server: envoy
vary: Accept-Encoding

Redirect headers

Date: Wed, 16 Aug 2023 23:10:56 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=sovrn&uid=HKbOTLZHkqCLr9e7REuAFe4T
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ord1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 9D71
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D85a7fbc8-4497-4c91-a334-a16dae20aee6%26bidder%3Dappnexus%26uid%3D%24UID
https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=appnexus&uid=4025780564652432430

0
135 B

102ms
102ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=appnexus&uid=4025780564652432430
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:56 GMT
an-x-request-uuid: ed1faf11-574b-4dc7-a3bb-1a03d59063ed
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://prebid.a-mo.net/setuid?A=85a7fbc8-4497-4c91-a334-a16dae20aee6&bidder=appnexus&uid=4025780564652432430
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame 9D71 43 B
1 KB 104ms
101ms Image
image/gif 103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=85a7fbc8-4497-4c91-a334-a16dae20aee6

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.179 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:56 GMT
an-x-request-uuid: 0fa56004-1a86-425c-b81e-5137cf3733a0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET setuid
ow.pubmatic.com/ Frame 9D71 0
0

GET setuid
prebid-server.rubiconproject.com/ Frame 9D71 0
0

GET user-matching
ads.stickyadstv.com/ Frame A15A 0
0

GET
H2

200

%7BSTX_USER_ID%7D Show response
csync.smilewanted.com/set_partner_userid_get/sharethrough/ Frame 5365
Redirect Chain

https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0

0
379 B

272ms
272ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7f7d5a8229afe07e-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:56 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Wed, 16 Aug 2023 23:10:56 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/sharethrough/%7BSTX_USER_ID%7D?gdpr=0

GET
H2

200

ad243f2ec7d9b0a0a6fd28f33a905768e7bb1d9f2f07900011f36c2d03e480ea Show response
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame 26C4
Redirect Chain

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
https://csync.smilewanted.com/set_partner_userid_get/smartyads/ad243f2ec7d9b0a0a6fd28f33a905768e7bb1d9f2f07900011f36c2d03e480ea

0
494 B

290ms
290ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smartyads/ad243f2ec7d9b0a0a6fd28f33a905768e7bb1d9f2f07900011f36c2d03e480ea
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7f7d5a867d4fe07e-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:10:57 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Wed, 16 Aug 2023 23:10:56 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/smartyads/ad243f2ec7d9b0a0a6fd28f33a905768e7bb1d9f2f07900011f36c2d03e480ea
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2

200

/
onetag-sys.com/match/ Frame F67B
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LLECJ6H8-20-C8SU&gdpr=1

0
291 B

274ms
274ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LLECJ6H8-20-C8SU&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LLECJ6H8-20-C8SU&gdpr=1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Expires: 0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame F67B 42 B
711 B 98ms
97ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=_B5_boVh3KceSXaH38r53UhMPQqu2D20IPG1mL67cJM
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame F67B 0
75 B 100ms
99ms Image
text/plain 23.106.127.53
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:55 GMT
content-length: 0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame F67B 0
39 B 18ms
17ms Image
text/plain 207.65.34.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.77 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame F67B 0
15 B 150ms
149ms Image
text/plain 13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F67B 43 B
235 B 17ms
16ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 _B5_boVh3KceSXaH38r53UhMPQqu2D20IPG1mL67cJM&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame F67B 0
408 B 283ms
282ms Image
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/onetag/_B5_boVh3KceSXaH38r53UhMPQqu2D20IPG1mL67cJM&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 7f7d5a8249c9e07e-NRT
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
https://u.4dex.io/setuid?bidder=openx&uid=01652394-3909-4315-9b8b-b6c55bbe01bf

0
15 B

16ms
16ms

Image
text/plain

34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=openx&uid=01652394-3909-4315-9b8b-b6c55bbe01bf
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:56 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

date: Wed, 16 Aug 2023 23:10:56 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://u.4dex.io/setuid?bidder=openx&uid=01652394-3909-4315-9b8b-b6c55bbe01bf
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 16B7 42 B
108 B 51ms
51ms Fetch
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3PEMXrWPMskoPp_B_jIevRbZp3hoPRtUJm6BAu1v-4X7aqBvbbKJXVm3TmzxT46PcJR1fodX0ZHvACx3R2PdCkZq5Hwun1kdRYYQGIZJKbfU&sig=Cg0ArKJSzJzoBSZJeQdDEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2769222191&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692227454824&rpt=717&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16B7 0
56 B 58ms
58ms Ping
image/gif 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3795317687083&version=m202307240101&ct=2&x=8&cor=13284801177869599000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-13-114-73-147.ap-northeast-1.compute.amazonaws.com

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cm Show response
us-u.openx.net/w/1.0/ Frame CEC3 563 B
374 B 55ms
55ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2020065871
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 559c27babdd50dcda1f9c2025552aa769281404e841d4ea7ef9775c233fcfad8

Request headers

Referer: https://sync.richaudience.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 355
content-type: text/html
date: Wed, 16 Aug 2023 23:10:56 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7385 15 KB
6 KB 22ms
21ms Document
text/html 23.32.13.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2020065871
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.13.44 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-13-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://sync.richaudience.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=124854
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Wed, 16 Aug 2023 23:10:56 GMT
expires: Fri, 18 Aug 2023 09:51:50 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 400
Bad Request richaudience&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 442B 29 B
29 B 18ms
17ms Image
text/plain 13.114.73.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent=

Requested by

Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2020065871

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.114.73.147 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

gunicorn /

Resource Hash

5e270cc0c5a4d0571518dbdf4c5f347fdc16b43cdc920837de0e7bd422607ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 29
content-type: text/plain

GET
H2

200

/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/ Frame 442B
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HKbOTLZHkqCLr9e7REuAFe4T

95 B
367 B

386ms
386ms

Image
image/png

162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HKbOTLZHkqCLr9e7REuAFe4T
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2020065871
Protocol: H2
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/png
date: Wed, 16 Aug 2023 23:07:18 GMT
server: nginx
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 16 Aug 2023 23:10:56 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HKbOTLZHkqCLr9e7REuAFe4T
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ord1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame 442B
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=20908764573421091

95 B
359 B

443ms
442ms

Image
image/png

162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=20908764573421091
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2020065871
Protocol: H2
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/png
date: Wed, 16 Aug 2023 23:07:18 GMT
server: nginx
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location: https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=20908764573421091
date: Wed, 16 Aug 2023 23:10:56 GMT
content-length: 0

GET

id5
rtb.gumgum.com/getuid/ Frame 442B
Redirect Chain

https://id5-sync.com/s/286/9.gif?puid=28114e24-0a69-40b2-b255-0zz1692227452&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=

0
0

GET
H2 200 / Show response
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 872B 0
482 B 498ms
498ms Document
text/html 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:07:18 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.4

GET
H2 200 /
sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/ Frame CEC3 95 B
374 B 488ms
487ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/?uid=6fc26eeb-b65f-46ab-8c1f-06d9ad7b6b1d
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/png
date: Wed, 16 Aug 2023 23:07:18 GMT
server: nginx
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET cs
bk.r-ad.ne.jp/3/ Frame CEC3 0
0

GET
H2 200 pxd
dps.jp.cinarra.com/ Frame CEC3 0
37 B 15ms
14ms Image
text/plain 54.65.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=ebddba01-f0b4-8b91-dd2a-39b613a0b7a9
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-44-129.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
content-length: 0

GET
H2 200 19a84145-7ecd-e394-e6f5-9d177f6bc51e
pr-bh.ybp.yahoo.com/sync/openx/ Frame CEC3 43 B
602 B 88ms
87ms Image
image/gif 13.229.192.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/19a84145-7ecd-e394-e6f5-9d177f6bc51e?gdpr=0

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.229.192.164 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-229-192-164.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET openx
cs.nex8.net/cs/ Frame CEC3 0
0

GET
H3

200

dds
rtb.openx.net/sync/ Frame CEC3
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=UjmtPUfnyPMxVsdVUyUy7Q==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
58 B

62ms
62ms

Image
image/gif

35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol: H3
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame CEC3
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=s4Ai-HWIqYW-l

43 B
61 B

50ms
49ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072588&val=s4Ai-HWIqYW-l
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 23:10:57 GMT
Server: nginx
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Location: https://jp-u.openx.net/w/1.0/sd?id=537072588&val=s4Ai-HWIqYW-l
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H2 200 / Show response
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 1176 0
482 B 404ms
404ms Document
text/html 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=2E1BD16C-A98B-4D78-B709-AEDA78DD956E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 23:07:18 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.4

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D1B3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
554 B

15ms
14ms

Document
text/html

23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 16 Aug 2023 23:10:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Aug 2023 23:10:57 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H2

200

user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 13ED
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692227457022.4&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D

15 KB
6 KB

21ms
20ms

Document
text/html

23.32.13.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.13.44 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-13-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=124853
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Wed, 16 Aug 2023 23:10:57 GMT
expires: Fri, 18 Aug 2023 09:51:50 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Wed, 16 Aug 2023 23:10:56 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 40000000008200000A

GET
H3

200

cm Show response
us-u.openx.net/w/1.0/ Frame BC1A
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692227457022.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...

1 KB
608 B

51ms
51ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 98f73fba941a830ea850aa4437991b63be2ffd6b668c85b9bd538b5b97058ed1

Request headers

Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 589
content-type: text/html
date: Wed, 16 Aug 2023 23:10:57 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Wed, 16 Aug 2023 23:10:57 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 40000000008200000A

GET
H3

200

setuid
u.4dex.io/ Frame BF30
Redirect Chain

https://ssc-cms.33across.com/ps/?_=1692227457022.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
https://u.4dex.io/setuid?bidder=33across&uid=212239366495711

0
15 B

18ms
17ms

Image
text/plain

34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=33across&uid=212239366495711
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 100000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://u.4dex.io/setuid?bidder=33across&uid=212239366495711
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame BF30
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33...
https://x.bidswitch.net/sync?dsp_id=354&user_id=1a0c713fdbd340b2902aaf49a4f59cb8&ssp=the33across&bsw_param=7bdf6130-7843-4383-80c3-958192b3b6e4&gdpr=&consent=&gdpr_pd=&expires=7
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=7bdf6130-7843-4383-80c3-958192b3b6e4
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=7bdf6130-7843-4383-80c3-958192b3b6e4&ts=1692227458&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
126 B

105ms
105ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=7bdf6130-7843-4383-80c3-958192b3b6e4&ts=1692227458&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:58 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=7bdf6130-7843-4383-80c3-958192b3b6e4&ts=1692227458&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame BF30
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692227457022.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4025780564652432430

68 B
126 B

114ms
112ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4025780564652432430
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:57 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
an-x-request-uuid: 7267a70e-ac45-410c-b93b-b8277d310796
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4025780564652432430
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame BF30
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=h7iNa2TdV4CxYZtZJL7MAQ%3D%3D&us_privacy=&_rand=1692227457022.7
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=h7iNa2TdV4CxYZtZJL7MAQ%3D%3D&us_privacy=&_rand=1692227457022.7&expected_cookie=6320d918-8c5a-499f-9c24-d29e88657dff

0
143 B

203ms
203ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15927&puuid=h7iNa2TdV4CxYZtZJL7MAQ%3D%3D&us_privacy=&_rand=1692227457022.7&expected_cookie=6320d918-8c5a-499f-9c24-d29e88657dff
Requested by: Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:56 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FE2FD177C30445C18BAA61D9011F15E0 Ref B: TYO01EDGE3218 Ref C: 2023-08-16T23:10:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDEmh6dxmDh69PIEN/dA==

Redirect headers

date: Wed, 16 Aug 2023 23:10:56 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 718CEE6DDB5647C6AC6112205B942C88 Ref B: TYO01EDGE3218 Ref C: 2023-08-16T23:10:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=15927&puuid=h7iNa2TdV4CxYZtZJL7MAQ%3D%3D&us_privacy=&_rand=1692227457022.7&expected_cookie=6320d918-8c5a-499f-9c24-d29e88657dff
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDEmh3SKfi4BIR8wx1Jg==

GET /
map.go.affec.tv/map/3a/ Frame BF30 0
0

GET

ibs:dpid=540&dpuuid=ec7d6a44-3851-4ef3-9d9e-3645d291bfaf&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Dec7d6a44-3851-4...
dpm.demdex.net/ Frame BF30
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=h7iNa2TdV4CxYZtZJL7MAQ%3D%3D&us_privacy=&random=1692227457022.9&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=ec7d6a44-3851-4ef3-9d9e-3645d291bfaf&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...

0
0

GET
H2

200

mapuid
secure.adnxs.com/ Frame BF30
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=h7iNa2TdV4CxYZtZJL7MAQ%3D%3D&us_privacy=&random=1692227457022.10&pu=https%3A%2F%2Fpoints-pay.com%2F
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212239366495711&seg_code=33x&random=1692227457

43 B
853 B

105ms
104ms

Image
image/gif

103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/mapuid?t=2&member=1001&user=212239366495711&seg_code=33x&random=1692227457

Requested by

Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1

Protocol

Server

103.43.90.179 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
an-x-request-uuid: 0b3af49b-f294-47c4-bb7e-d5ca7a1ba8ce
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:56 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 402044000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://secure.adnxs.com/mapuid?t=2&member=1001&user=212239366495711&seg_code=33x&random=1692227457
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D1B3 34 KB
10 KB 18ms
18ms Script
text/html 23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f0971d13c25353bf0579fdfe95648591c3376e9194cae87adb1c78a0d14d26be

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:10:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2023 20:16:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75944
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 17 Aug 2023 20:16:41 GMT

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame D1B3 0
0

GET match
events-ssc.33across.com/ Frame 0631 0
0

GET match
events-ssc.33across.com/ Frame A79A 0
0

GET
H2 200 match
events-ssc.33across.com/ Frame BC1A 68 B
225 B 152ms
110ms Image
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=fb042b6f-30ea-4132-bb15-84328a689a08
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:57 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET

sync
dsp.nrich.ai/bidswitch/ Frame BC1A
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=7bdf6130-7843-4383-80c3-958192b3b6e4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
0

GET /
apsoutheast-match.deepintent.com/usersync/108/ Frame BC1A 0
0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame BC1A
Redirect Chain

https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=240b8079a4a1207b&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALhujUSRMAVgMl58u3AAAAAAA&expiration=1692313857&nuid={OX_USER_ID}&is_secure=true

43 B
61 B

53ms
52ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALhujUSRMAVgMl58u3AAAAAAA&expiration=1692313857&nuid={OX_USER_ID}&is_secure=true
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALhujUSRMAVgMl58u3AAAAAAA&expiration=1692313857&nuid={OX_USER_ID}&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58294/ Frame BC1A 0
358 B 106ms
99ms Image
text/plain 13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=a3aba488-360b-4b94-8405-4ae8179ffc3e

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame BC1A
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=F81F423087F34EF396B05AD615C52931

43 B
61 B

53ms
52ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=F81F423087F34EF396B05AD615C52931
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 16 Aug 2023 23:10:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=F81F423087F34EF396B05AD615C52931
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 15 Aug 2023 23:10:57 GMT

GET redirect
match.rundsp.com/ Frame BC1A 0
0

GET
H/1.1 200
OK 19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame BC1A 0
0 194ms
189ms Image
text/html 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET ping_match.gif
i.w55c.net/ Frame BC1A 0
0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame BC1A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN1XewAAA1wlVQA4

43 B
61 B

50ms
49ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN1XewAAA1wlVQA4
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-nrt-rjtf7700039-NRT
pragma: no-cache
date: Wed, 16 Aug 2023 23:10:57 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1692227457.475748,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN1XewAAA1wlVQA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET openx
tr.blismedia.com/v1/api/sync/ Frame BC1A 0
0

GET

RX-5fbcdccf-3499-4ab7-86d7-8544f4533065-004
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3690193820
https://sync.1rx.io/usersync/tradedesk/08d07bda-0ec8-4f0f-89ca-e458c4a538b7
https://sync.targeting.unrulymedia.com/csync/RX-5fbcdccf-3499-4ab7-86d7-8544f4533065-004?redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-5fbcdccf-3499-4ab7-86d7-8544f4533065-004

0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 69ms
68ms XHR
application/json 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230815&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f123cfb1581fdecc5b5013a9d2a7de95f49cd264cb998c5d476cbc11dcfd07e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11762
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7CCA 15 KB
6 KB 22ms
22ms Document
text/html 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=points-pay.com&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

570a23389bf64a371b8b32a87c7385b0d463916213dfaf0710ada4f95f759a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:58 GMT
server: Kestrel
server-processing-duration-in-ticks: 259385
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 7CCA 433 B
571 B 49ms
48ms Fetch
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=points-pay.com&sn=ChromeSyncframe&so=3&topUrl=points-pay.com&bundle=_J_8f19FNTA5JTJCYjB6Mm5hVnFNbHRlS05BeXFZSyUyQiUyRm4lMkJrSmNtMnI2VXY1TTdaMFhhT1VuUU5HZG9EUXRYOThRZGlac0lBQ3VwWmExamk3cHFZaGhnSFQ5ZXYwTkVldFduZGxSVW0lMkI2TlNDcWNQYlcxdFlXWG02WmtXNiUyQkJGcWk0ZW8yZA&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=points-pay.com&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

bf35090820c34e2a12a390eb37b45178bcc15b04ae3025fde178000fbd5186ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=points-pay.com&gdpr=0&gdpr_consent=&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1499688
expires: 0

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 1EA0
Redirect Chain

https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

1 KB
2 KB

87ms
87ms

Document
text/html

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: dcd521d0e4c575034872921dac1727641629d345eae6ecb8ed3240ddc5feb448

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1308
content-type: text/html; charset=utf-8
date: Wed, 16 Aug 2023 23:10:58 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 16 Aug 2023 23:10:58 GMT
location: /sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 88ms
88ms Script
text/javascript 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 23:10:58 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB6D 13 KB
5 KB 19ms
14ms Document
text/html 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
age: 57181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 07:17:57 GMT
expires: Thu, 15 Aug 2024 07:17:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 09FD 831 B
989 B 57ms
55ms Document
text/html 216.58.220.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a9ed15e1a605f7d45b854ae39765da0e41cc9eaad25078f5edfdf80544f3c08f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gnfCNPaEFXxWamduwSwUEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 532
content-security-policy: script-src 'report-sample' 'nonce-gnfCNPaEFXxWamduwSwUEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 23:10:58 GMT
expires: Wed, 16 Aug 2023 23:10:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame CB6D 37 KB
14 KB 17ms
16ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:36:40 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 09FD 0
0 53ms
52ms Image
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230815&jk=67012304405215&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame CB6D 0
42 B 11ms
11ms Image
text/plain 142.250.198.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Za0o4w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.198.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s58-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 1EA0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
355 B

88ms
87ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 16 Aug 2023 23:10:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 1EA0
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzY4NDcyMjQ4Mjk4ODY4NTc4MQ%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

122ms
121ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1EA0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGCXIobPdD0Hb46s58aYqqM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
355 B

85ms
85ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGCXIobPdD0Hb46s58aYqqM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 16 Aug 2023 23:10:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGCXIobPdD0Hb46s58aYqqM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EA0
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzY4NDcyMjQ4Mjk4ODY4NTc4MQ%3D%3D

170 B
191 B

55ms
54ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzY4NDcyMjQ4Mjk4ODY4NTc4MQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQ2MzY4NDcyMjQ4Mjk4ODY4NTc4MQ%3D%3D
date: Wed, 16 Aug 2023 23:10:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 1EA0 0
142 B 212ms
204ms Image
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1463684722482988685781&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:10:58 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5F5D22A649D0435F881FD12231ED82FB Ref B: TYO01EDGE3218 Ref C: 2023-08-16T23:10:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDEmiSbQw3sz299m2Zsg==

GET
H2

200

xuid
eb2.3lift.com/ Frame 1EA0
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=1463684722482988685781&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=7b204758-db0c-4e99-84c5-a3e9f67a6146&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=7bdf6130-7843-4383-80c3-958192b3b6e4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
355 B

94ms
94ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=7bdf6130-7843-4383-80c3-958192b3b6e4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 16 Aug 2023 23:10:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=7bdf6130-7843-4383-80c3-958192b3b6e4&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Wed, 16 Aug 2023 23:10:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 1EA0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/1463684722482988685781?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.EH50sJE2oSHHn4.oWfCSRsuMWRMIzCx.MAlCB1crA--~A&dongle=0883

37 B
355 B

86ms
86ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-.EH50sJE2oSHHn4.oWfCSRsuMWRMIzCx.MAlCB1crA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 16 Aug 2023 23:10:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 16 Aug 2023 23:10:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-.EH50sJE2oSHHn4.oWfCSRsuMWRMIzCx.MAlCB1crA--~A&dongle=0883
content-length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 1EA0 42 B
688 B 458ms
80ms Image
image/gif 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=1463684722482988685781&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:58 GMT
last-modified: Tue, 06 Jun 2023 16:36:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B2A0E647977E4C1EBD2D91220EA76399 Ref B: TYO01EDGE1717 Ref C: 2023-08-16T23:10:59Z
etag: "7b637fb9498d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 1EA0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
https://eb2.3lift.com/xuid?mid=2711&xuid=c3a0c012-3ad4-441b-b2d4-9afbe1a44893&dongle=013b

37 B
355 B

85ms
85ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=c3a0c012-3ad4-441b-b2d4-9afbe1a44893&dongle=013b
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 16 Aug 2023 23:10:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:58 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://eb2.3lift.com/xuid?mid=2711&xuid=c3a0c012-3ad4-441b-b2d4-9afbe1a44893&dongle=013b
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 785083
content-length: 0
expires: Wed, 16 Aug 2023 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1EA0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=4025780564652432430&dongle=4d58&gdpr=0&gdpr_consent=

37 B
355 B

107ms
106ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=4025780564652432430&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 16 Aug 2023 23:10:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:58 GMT
an-x-request-uuid: b6854cd7-9392-446e-80ed-51dfd03b09f7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=4025780564652432430&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 setuid
u.4dex.io/ Frame 1EA0 0
15 B 26ms
23ms Image
text/plain 34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=triplelift&uid=1463684722482988685781
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:10:58 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
61ms Image
text/html 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230815&jk=67012304405215&bg=!SkmlSR3NAAZGPLJIZjw7ADkAdvg8WpC3zC6c3bZvhqyNMy5Fqy8e05UEcRgB7xHuItKMTSWQS0nQGzDa0kAhudtNR9xEshCJMa4CAAAAZlIAAAAWaAEHmQLLsCBq486Wk4LOHh-8GPqKwJis5ZEIitv9zwas29NGeUmWiDDOnfY8c09-k23cH9daGn6SB4bzQGlU1pxDtoUlRKXzCfIHos_b7FjdD8N0KhTmAFQFu6L0h3m9t4ATHAhVKyCMvn_zSNSvTPSa1REJq4A9iZAdZ9k1sQqXvNJHeaFZqdyTdaTh_QY0dJUyrDrbE8wnguuOOLXzO-lmF5tGRuZQl3FmrpG0LTRXv1zK7IdANe0ntFORo1Q1Gb4_Q1QpWyzFOMg9238JIPD_gca-a8xusvwXOxjrivDlanY8wlGd0evZyh_9St4WzIUvN2HxmHYqR7teIHBloXg01DqkNhnmizU_6lsFH2Z32wUle471CipC36AYcGUyzqlt_rOn6XPnIEGqr5iiaHT2K6X8hBPACoQY41HS_FbmJiLP1JSd67CUGf8XRq2owoX_T5A2yEfCY5osWxJSq1vq8vCJBl8gwAexKJWWyynNohHZ7CnqiVbakMish9xVYh6p1H4HRZhCuu5BPBcGPq1lEB-GFoh7nmQtOfNPJykheVWxiD-At4K5gGRGCI6WelicakwuhiwLZBBMiOoIWhR5yiHCi-L0Z-DBskiTky_yPPH8aTw90HlBDEhjjfT_0ERlVNDad4chiRHdWGT32nAX8w-C0iAAxGlzp9febE0LkxIfHZR12Kzrqo6MfgGGoYmLwSII_vvJkNm8w5KyI6hKjvU11xKYrxdNDZdHcFqYy53RHGWD3qugAOqDEkmEsMcsWsuYxm72qxRk1Oj5-xgyEmiWzw4JyVXVs_b0pzAx5_rxI3qEjsnNvvf8bshJZWrmzdszTMTTA1QDbUyfielOhfTVmq32GTNVfRP9MtPlklsc3ENRNW8ZreOMwivfz_xJBwB_HemqaxcC3kOpA2rxpgE0f8RL1P_fpe7FNB79t7ZlwJTPbx-zlc1cv5D1qA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s55-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET sync
ssbsync.smartadserver.com/api/ Frame 8F32 0
0

GET
H2

200

be96b820e5daac93 Show response
ads.us.e-planning.net/uspd/1/ Frame DD22
Redirect Chain

https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID

901 B
1 KB

187ms
187ms

Document
text/html

64.120.110.138

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by: Host: points-pay.com
URL: https://points-pay.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.138 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: bbda9de3a48d6d96d7fb03e270802b8a737c9587a6247dffb001f6e432956fc9

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-length: 901
content-type: text/html
date: Wed, 16 Aug 2023 23:11:00 GMT
expires: Wed, 16 Aug 2023 23:11:00 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: SIN-721

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Wed, 16 Aug 2023 23:11:00 GMT
location: /uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: SIN-721

GET
H2

200

um
u-sin01.e-planning.net/ Frame DD22
Redirect Chain

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd288b2d1fde83df1
https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd288b2d1fde83df1
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=853bd101-0f81-4f40-a359-06e6cdc7dba2-64dd5785-4a50&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=853bd101-0f81-4f40-a359-06e6cdc7dba2-64dd5785-4a50&partner_url=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D853bd101-0f...
https://u-sin01.e-planning.net/um?uid=853bd101-0f81-4f40-a359-06e6cdc7dba2-64dd5785-4a50&dc=0abbcb4eba840e59&fi=d288b2d1fde83df1

42 B
103 B

93ms
93ms

Image
image/gif

64.120.110.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-sin01.e-planning.net/um?uid=853bd101-0f81-4f40-a359-06e6cdc7dba2-64dd5785-4a50&dc=0abbcb4eba840e59&fi=d288b2d1fde83df1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 64.120.110.138 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Wed, 16 Aug 2023 23:11:02 GMT
content-type: image/gif

Redirect headers

date: Wed, 16 Aug 2023 23:11:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://u-sin01.e-planning.net/um?uid=853bd101-0f81-4f40-a359-06e6cdc7dba2-64dd5785-4a50&dc=0abbcb4eba840e59&fi=d288b2d1fde83df1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
u-sin01.e-planning.net/ Frame DD22
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dd288b2d1fde83df1%26uid%3D%24%7BUID%7D
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=d288b2d1fde83df1&uid=b4b1a8ce-57fe-4234-bcae-4bf70167cada

42 B
103 B

239ms
168ms

Image
image/gif

64.120.110.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=d288b2d1fde83df1&uid=b4b1a8ce-57fe-4234-bcae-4bf70167cada
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 64.120.110.138 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Wed, 16 Aug 2023 23:11:01 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:11:01 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=d288b2d1fde83df1&uid=b4b1a8ce-57fe-4234-bcae-4bf70167cada
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame DD22 566 B
521 B 518ms
227ms Script
application/x-javascript 198.206.157.241

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.206.157.241 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:11:01 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Mon, 14 Aug 2028 23:11:01 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 28BB
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=apac
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac

281 B
554 B

18ms
18ms

Document
text/html

23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 16 Aug 2023 23:11:01 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Aug 2023 23:11:01 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
server: AkamaiGHost

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame C1C2 1 KB
1001 B 149ms
24ms Document
text/html 204.93.150.152

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.93.150.152 -, , ASN (),
Reverse DNS
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 1894724
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Wed, 16 Aug 2023 23:11:01 GMT
etag: W/"61ddbb71-5f5"
expires: Mon, 03 Apr 2028 17:32:01 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: 90703c96be21f89894f00582c06b70bd
x-cf-tsc: 1682610646
x-cf1: 29080:fD.tko2:co:1585621119:cacheN.tko2-01:H
x-cf2: H
x-cf3: H
x-cff: B

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 3B4A 4 KB
2 KB 269ms
269ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

6f0b5186cbbcd071825b26268b68e4cd5c8803881a8100e0209a3ebb1728a4c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1283
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 28BB 34 KB
10 KB 31ms
30ms Script
text/html 23.39.217.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.233 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f0971d13c25353bf0579fdfe95648591c3376e9194cae87adb1c78a0d14d26be

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:11:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2023 20:16:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75940
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 17 Aug 2023 20:16:41 GMT

GET
H2

200

um
sync.e-planning.net/ Frame 28BB
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=12186&gdpr_consent=undefined&gdpr=0&khaos=LLECJ6H8-20-C8SU
https://sync.e-planning.net/um?uid=LLECJ6H8-20-C8SU&dc=9bcc91305985f0db&iss=1&gdpr=0&gdpr_consent=undefined

42 B
103 B

365ms
172ms

Image
image/gif

64.120.110.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=LLECJ6H8-20-C8SU&dc=9bcc91305985f0db&iss=1&gdpr=0&gdpr_consent=undefined
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Protocol: H2
Server: 64.120.110.138 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Wed, 16 Aug 2023 23:11:01 GMT
content-type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.e-planning.net/um?uid=LLECJ6H8-20-C8SU&dc=9bcc91305985f0db&iss=1&gdpr=0&gdpr_consent=undefined
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 3B4A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=131a64dd-577a-4400-a56f-735ebe528e42&gdpr=1&gdpr_consent=

0
291 B

520ms
520ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=131a64dd-577a-4400-a56f-735ebe528e42&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Wed, 16 Aug 2023 23:11:01 GMT
Server: MT3 1031 59fd23a master nrt nrt-pixel-x17 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=131a64dd-577a-4400-a56f-735ebe528e42&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 16 Aug 2023 23:11:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 3B4A
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LLECJ6H8-20-C8SU&gdpr=1

0
291 B

288ms
288ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LLECJ6H8-20-C8SU&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LLECJ6H8-20-C8SU&gdpr=1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 3B4A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4025780564652432430

0
291 B

425ms
424ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4025780564652432430

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:11:01 GMT
an-x-request-uuid: e6234e11-fc82-45f1-977e-8a1123ac857b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4025780564652432430
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 3B4A 42 B
711 B 99ms
94ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=F4dodDgVjWUkZt3LvYS3TiYTfskvISxh885G_AG5JRI
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B4A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABigCeOW9yDZpSqRvf_7dkzh4LwZR6d6_mSw

170 B
192 B

55ms
54ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABigCeOW9yDZpSqRvf_7dkzh4LwZR6d6_mSw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Protocol

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:11:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABigCeOW9yDZpSqRvf_7dkzh4LwZR6d6_mSw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 3B4A 0
75 B 104ms
99ms Image
text/plain 23.106.127.53
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.53 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:11:01 GMT
content-length: 0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 3B4A 0
39 B 24ms
19ms Image
text/plain 207.65.34.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.77 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:11:01 GMT
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 3B4A 0
38 B 101ms
96ms Image
text/plain 13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:11:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 3B4A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=

0
291 B

509ms
509ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:11:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=08d07bda-0ec8-4f0f-89ca-e458c4a538b7&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3B4A 43 B
235 B 21ms
17ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 23:11:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 um
sync.e-planning.net/ Frame 3B4A 42 B
104 B 227ms
170ms Image
image/gif 64.120.110.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=F4dodDgVjWUkZt3LvYS3TiYTfskvISxh885G_AG5JRI&dc=69e9794bfc7bf740&iss=1
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.138 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Wed, 16 Aug 2023 23:11:01 GMT
content-type: image/gif

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://u.4dex.io/setuid?bidder=appnexus&uid=4025780564652432430

0
15 B

19ms
19ms

Image
text/plain

34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=appnexus&uid=4025780564652432430
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:11:01 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:11:01 GMT
an-x-request-uuid: 614b0c7e-3b64-470d-a9cb-d031a489916d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u.4dex.io/setuid?bidder=appnexus&uid=4025780564652432430
x-proxy-origin: 153.240.174.133; 153.240.174.133; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame DD22 0
0

GET
H3 200 setuid Show response
u.4dex.io/ Frame EF13 0
15 B 20ms
18ms Document
text/plain 34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=eplanning&uid=AOyFk7bDox-3JvKW
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 16 Aug 2023 23:11:01 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3656
https://u.4dex.io/setuid?bidder=freewheel&uid=5c3950dcc68a86efbe5f3977adc47454

0
15 B

21ms
20ms

Image
text/plain

34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=freewheel&uid=5c3950dcc68a86efbe5f3977adc47454
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://points-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 23:11:02 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 23:11:02 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://u.4dex.io/setuid?bidder=freewheel&uid=5c3950dcc68a86efbe5f3977adc47454
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1692227462554075-40
Expires: Wed, 16 Aug 2023 23:11:02 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 53C8 2 KB
1 KB 271ms
270ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: points-pay.com
URL: https://points-pay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

afd0646111cd408759155ad41acc0324122dda12ada3f94031b136165167acb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://points-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 909
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 53C8 42 B
711 B 106ms
106ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=tKCvww1lGncwz3UIU8H4y0xHKTn8xq3eO9NTLYO-RxI
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 53C8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A

0
291 B

271ms
270ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-nfDuzKdE2uFGaIUz_.z.1tgKiOC5kUDosHa41PU-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS