urlscan.io logo urlscan.io
SecurityTrails logo

ja.whitefieldfarm.org Open in urlscan Pro
2606:4700:3033::6815:333f  Public Scan

Go To Rescan Add Verdict Report
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Submission: On August 09 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 13 countries across 105 domains to perform 557 HTTP transactions. The main IP is 2606:4700:3033::6815:333f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.whitefieldfarm.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2022. Valid for: a year.
This is the only time ja.whitefieldfarm.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
46 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
9 2404:6800:400... 15169 (GOOGLE)
3 151.101.1.195 54113 (FASTLY)
1 185.177.92.147 39572 (ADVANCEDH...)
2 2600:9000:21c... 16509 (AMAZON-02)
1 12 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 6 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
7 46.4.104.244 24940 (HETZNER-AS)
1 5 2a02:6b8::1:119 208722 (GLOBAL_DC)
10 2404:6800:400... 15169 (GOOGLE)
8 172.217.175.98 15169 (GOOGLE)
3 37.157.4.28 198622 (ADFORM)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 145.40.88.5 54825 (PACKET)
11 51.79.234.101 16276 (OVH)
2 5 185.184.8.90 204995 (RTB-HOUSE...)
33 2606:4700:10:... 13335 (CLOUDFLAR...)
8 22 103.43.90.179 29990 (ASN-APPNEX)
3 2a02:fa8:c411... 399104 (CNVR-APAC)
1 2620:0:890::100 54113 (FASTLY)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
24 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
20 2404:6800:400... 15169 (GOOGLE)
8 212.77.99.29 12827 (WIRTUALNA...)
2 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 1 202.233.84.8 131957 (MICROAD M...)
14 40 172.217.31.130 15169 (GOOGLE)
2 8 104.18.19.126 13335 (CLOUDFLAR...)
4 142.250.206.194 15169 (GOOGLE)
12 2404:6800:400... 15169 (GOOGLE)
42 104.19.133.78 13335 (CLOUDFLAR...)
2 2 135.125.160.77 16276 (OVH)
4 5 202.131.200.84 17941 (BIT-ISLE ...)
6 6 174.137.133.49 27257 (WEBAIR-IN...)
1 1 18.140.0.140 16509 (AMAZON-02)
3 6 74.118.186.44 26120 (RHYTHMONE)
2 2 35.71.178.8 16509 (AMAZON-02)
2 35.213.109.249 15169 (GOOGLE)
1 2 13.113.235.156 16509 (AMAZON-02)
3 12 34.98.64.218 15169 (GOOGLE)
6 2600:140b:400... 20940 (AKAMAI-ASN1)
1 2 23.194.211.88 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 108.177.125.156 15169 (GOOGLE)
1 2600:9000:21c... 16509 (AMAZON-02)
10 2600:1f13:800... 16509 (AMAZON-02)
6 69.174.120.106 3257 (GTT-BACKB...)
26 104.19.136.78 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 172.104.70.67 63949 (LINODE-AP...)
6 6 18.178.22.21 16509 (AMAZON-02)
2 3 64.74.236.63 19024 (INTERNAP-...)
2 107.151.10.218 55081 (24SHELLS)
4 4 13.228.49.83 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
5 5 141.95.98.68 16276 (OVH)
6 6 35.213.12.39 15169 (GOOGLE)
8 12 8.39.36.142 26667 (RUBICONPR...)
2 103.231.99.242 62713 (AS-PUBMATIC)
2 2 109.206.161.21 50245 (SERVEREL-AS)
2 2 23.106.127.39 59253 (LEASEWEB-...)
3 5 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
5 6 52.223.40.198 16509 (AMAZON-02)
1 104.16.199.73 13335 (CLOUDFLAR...)
1 1 2620:116:800e... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 64.120.110.137 59253 (LEASEWEB-...)
1 23.227.137.178 55081 (24SHELLS)
1 1 67.202.105.33 32748 (STEADFAST)
1 67.202.105.31 32748 (STEADFAST)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 13 23.227.139.243 55081 (24SHELLS)
8 23.207.172.244 16625 (AKAMAI-AS)
1 1 51.83.220.94 16276 (OVH)
3 4 35.186.253.211 15169 (GOOGLE)
6 6 209.191.163.210 14744 (INTERNAP-...)
1 2a02:6ea0:d30... 60068 (CDN77 ^_^)
2 209.197.3.19 20446 (STACKPATH...)
2 2 23.67.161.242 16625 (AKAMAI-AS)
4 23.207.98.70 16625 (AKAMAI-AS)
1 207.198.113.205 13768 (COGECO-PEER1)
3 7 54.175.220.103 14618 (AMAZON-AES)
1 204.93.150.152 23352 (SERVERCEN...)
2 3 52.95.126.138 16509 (AMAZON-02)
2 3 52.46.128.147 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 205.185.216.10 20446 (STACKPATH...)
1 103.231.99.243 62713 (AS-PUBMATIC)
1 2 2406:2600:4::b 55569 (CRITEO-AS...)
2 182.161.74.11 55569 (CRITEO-AS...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 151.101.65.108 54113 (FASTLY)
3 122.248.207.73 16509 (AMAZON-02)
1 130.211.115.4 396982 (GOOGLE-CL...)
2 23.45.56.56 20940 (AKAMAI-ASN1)
1 1 18.177.11.95 16509 (AMAZON-02)
2 2 124.146.215.45 2514 (INFOSPHER...)
4 4 52.76.75.16 16509 (AMAZON-02)
6 6 203.195.121.141 7979 (SERVERS-COM)
3 3 23.45.52.26 16625 (AKAMAI-AS)
3 3 50.19.106.30 14618 (AMAZON-AES)
3 3 2600:9000:221... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 212.77.98.32 12827 (WIRTUALNA...)
2 198.206.157.26 399668 (E-PLANNING-)
2 37.157.4.25 198622 (ADFORM)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 23.106.127.52 59253 (LEASEWEB-...)
1 103.231.99.87 62713 (AS-PUBMATIC)
1 52.193.82.11 16509 (AMAZON-02)
4 4 67.202.105.21 32748 (STEADFAST)
1 2 47.252.78.131 45102 (ALIBABA-C...)
2 2 103.229.205.242 30419 (MEDIAMATH...)
4 34.117.239.71 396982 (GOOGLE-CL...)
1 1 8.43.72.97 26667 (RUBICONPR...)
3 18.65.202.114 16509 (AMAZON-02)
1 212.129.3.112 12876 (Online SAS)
2 13.215.91.142 16509 (AMAZON-02)
1 104.16.109.154 13335 (CLOUDFLAR...)
1 23.194.211.57 16625 (AKAMAI-AS)
1 66.155.71.149 13768 (COGECO-PEER1)
1 216.46.185.183 13649 (ASN-VINS)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 50.116.239.150 6336 (TURN-US-ASN)
2 52.77.10.214 16509 (AMAZON-02)
1 1 202.131.200.82 17941 (BIT-ISLE ...)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 143.204.126.77 16509 (AMAZON-02)
2 2 18.65.168.114 16509 (AMAZON-02)
1 18.176.247.126 16509 (AMAZON-02)
2 2 185.84.60.30 198622 (ADFORM)
4 4 172.217.26.230 15169 (GOOGLE)
1 142.251.42.162 ()
557 106
46    2606:4700:3033::6815:333f (United States)

ASN13335 (CLOUDFLARENET, US)
ja.whitefieldfarm.org
whitefieldfarm.org
a.whitefieldfarm.org
3    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
9    2404:6800:4004:808::200e (Australia)

ASN15169 (GOOGLE, US)
www.youtube.com
3    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
1    185.177.92.147 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-147.ah-server.com
us04.biz
2    2600:9000:21c5:9400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
12    2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.jp
1    2404:6800:4004:825::2006 (Australia)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
6    2404:6800:4004:824::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4004:823::2001 (Australia)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2404:6800:4004:823::2016 (Australia)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2404:6800:4004:80b::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    46.4.104.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de
www.bigmp3db.com
5    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
10    2404:6800:4004:823::2010 (Australia)

ASN15169 (GOOGLE, US)
storage.googleapis.com
8    172.217.175.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f2.1e100.net
securepubads.g.doubleclick.net
3    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
9    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
11    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
33    2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
22    103.43.90.179 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
3    2a02:fa8:c411:12::1140 (Amsterdam, Netherlands)

ASN399104 (CNVR-APAC, US)
web.hb.ad.cpe.dotomi.com
1    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
site2text-2021.web.app
1    2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.co.jp
5    2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.com
24    2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2404:6800:4004:808::2001 (Australia)

ASN15169 (GOOGLE, US)
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
20    2404:6800:4004:80b::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
2    2404:6800:4004:80a::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
40    172.217.31.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f2.1e100.net
cm.g.doubleclick.net
8    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
r.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
4    142.250.206.194 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f2.1e100.net
googleads4.g.doubleclick.net
12    2404:6800:4004:827::2006 (Australia)

ASN15169 (GOOGLE, US)
s0.2mdn.net
42    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
c.eu1.dyntrk.com
5    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
6    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
rtb2-useast.e-volution.ai
1    18.140.0.140 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-0-140.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
6    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
2    13.113.235.156 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-235-156.ap-northeast-1.compute.amazonaws.com
fw.adsafeprotected.com
12    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
6    2600:140b:400:1a9::4469 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    23.194.211.88 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-194-211-88.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:1f18:612b:4200:28b9:a08b:bd3b:4ddc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    108.177.125.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tp-in-f156.1e100.net
bid.g.doubleclick.net
1    2600:9000:21c4:7200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
10    2600:1f13:800:7782:22a8:1ef8:27f2:ceae (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
6    69.174.120.106 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
rtb0.doubleverify.com
rtbc-sgc.doubleverify.com
tps.doubleverify.com
tpsc-sgc.doubleverify.com
26    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    172.104.70.67 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1680-67.members.linode.com
a.c.appier.net
6    18.178.22.21 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-22-21.ap-northeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    64.74.236.63 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    107.151.10.218 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
4    13.228.49.83 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-49-83.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
5    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
6    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
12    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    103.231.99.242 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
2    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
6    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
1    2620:116:800e:21:6c50:dbee:bef5:203d (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    64.120.110.137 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    23.227.137.178 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
1    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
1    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
1    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
13    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.spotim.market
sync.console.adtarget.com.tr
8    23.207.172.244 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-172-244.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    209.191.163.210 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
1    2a02:6ea0:d300::1 (Japan)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
2    23.67.161.242 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-161-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.207.98.70 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-98-70.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    207.198.113.205 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
7    54.175.220.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-220-103.compute-1.amazonaws.com
a.audrte.com
1    204.93.150.152 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.AP-anycast1.cachefly.net
i.e-planning.net
3    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.flashtalking.com
1    103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
3    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    122.248.207.73 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-122-248-207-73.ap-southeast-1.compute.amazonaws.com
d9.flashtalking.com
1    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
img-1000557.ad-score.com
2    23.45.56.56 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-56-56.deploy.static.akamaitechnologies.com
secure.flashtalking.com
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
2    124.146.215.45 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    52.76.75.16 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-75-16.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
6    203.195.121.141 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    23.45.52.26 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-52-26.deploy.static.akamaitechnologies.com
hbx.media.net
3    50.19.106.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-106-30.compute-1.amazonaws.com
ssp.disqus.com
3    2600:9000:221b:b200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
3    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl
std.wpcdn.pl
2    198.206.157.26 (New York, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
2    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    2606:4700:3037::ac43:9a47 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
1    103.231.99.87 (Japan)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    52.193.82.11 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
4    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    18.65.202.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-202-114.nrt57.r.cloudfront.net
tags.crwdcntrl.net
1    212.129.3.112 (France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-112.rev.poneytelecom.eu
js.cookieless-data.com
2    13.215.91.142 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-91-142.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    104.16.109.154 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    23.194.211.57 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-194-211-57.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    216.46.185.183 (Littleton, United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    2001:df2:a300:bbbb::136 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    50.116.239.150 (United States)

ASN6336 (TURN-US-ASN, US)
d3644149111097611587-t8549987446109609232.id.amgdgt.com
2    52.77.10.214 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-10-214.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    202.131.200.82 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-tapi.admatrix.jp
1    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    143.204.126.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-77.nrt20.r.cloudfront.net
cr-p3.ladsp.jp
2    18.65.168.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-168-114.nrt57.r.cloudfront.net
cr-pall.ladsp.com
1    18.176.247.126 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-247-126.ap-northeast-1.compute.amazonaws.com
ps.eyeota.net
2    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
4    172.217.26.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f6.1e100.net
ad.doubleclick.net
1    142.251.42.162 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
68 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 6761
c.mgid.com — Cisco Umbrella Rank: 4384
cdn.mgid.com — Cisco Umbrella Rank: 8752
servicer.mgid.com — Cisco Umbrella Rank: 6791
s-img.mgid.com — Cisco Umbrella Rank: 3908
cm.mgid.com — Cisco Umbrella Rank: 2222
678 KB
68 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
static.doubleclick.net — Cisco Umbrella Rank: 458
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
bid.g.doubleclick.net — Cisco Umbrella Rank: 473
ad.doubleclick.net — Cisco Umbrella Rank: 214
337 KB
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
ade.googlesyndication.com
275 KB
46 whitefieldfarm.org
ja.whitefieldfarm.org
whitefieldfarm.org
a.whitefieldfarm.org
2 MB
33 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 10712
sync.quantumdex.io — Cisco Umbrella Rank: 4762
6 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
acdn.adnxs.com — Cisco Umbrella Rank: 584
71 KB
20 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1040
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 707
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1092
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 954
29 KB
16 openx.net
us-u.openx.net — Cisco Umbrella Rank: 396
rtb.openx.net — Cisco Umbrella Rank: 1516
jp-u.openx.net — Cisco Umbrella Rank: 8902
2 KB
16 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 346
storage.googleapis.com — Cisco Umbrella Rank: 457
fonts.googleapis.com — Cisco Umbrella Rank: 67
77 KB
13 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 4875
sync.adtelligent.com — Cisco Umbrella Rank: 4266
7 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 801
static.adsafeprotected.com — Cisco Umbrella Rank: 594
dt.adsafeprotected.com — Cisco Umbrella Rank: 538
100 KB
12 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 475
rtb0.doubleverify.com — Cisco Umbrella Rank: 658
rtbc-sgc.doubleverify.com — Cisco Umbrella Rank: 21609
tps.doubleverify.com — Cisco Umbrella Rank: 487
tpsc-sgc.doubleverify.com
251 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
248 KB
12 pubmatic.com
hbopenbid.pubmatic.com Failed
image8.pubmatic.com — Cisco Umbrella Rank: 577
ads.pubmatic.com — Cisco Umbrella Rank: 496
image6.pubmatic.com — Cisco Umbrella Rank: 636
ow.pubmatic.com — Cisco Umbrella Rank: 4040
47 KB
11 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 792
8 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 98
16 KB
10 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1237
assets.a-mo.net — Cisco Umbrella Rank: 3733
7 KB
9 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 710
cdn.flashtalking.com — Cisco Umbrella Rank: 913
d9.flashtalking.com — Cisco Umbrella Rank: 1462
secure.flashtalking.com — Cisco Umbrella Rank: 2023
63 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 111
784 KB
8 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 897
events-ssc.33across.com — Cisco Umbrella Rank: 1781
3 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
r.casalemedia.com — Cisco Umbrella Rank: 713
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
ssum.casalemedia.com — Cisco Umbrella Rank: 1365
6 KB
8 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 7889 Failed
1 KB
7 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1275
bcp.crwdcntrl.net — Cisco Umbrella Rank: 834
sync.crwdcntrl.net — Cisco Umbrella Rank: 728
21 KB
7 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2305
8 KB
7 adform.net
adx.adform.net — Cisco Umbrella Rank: 3659
cm.adform.net — Cisco Umbrella Rank: 1657
dmp.adform.net — Cisco Umbrella Rank: 4473
1 KB
7 bigmp3db.com
www.bigmp3db.com — Cisco Umbrella Rank: 803387
20 KB
6 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2045
4 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264
s.amazon-adsystem.com — Cisco Umbrella Rank: 288
5 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 679
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
3 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
3 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
1 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
47 KB
5 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4971
i.e-planning.net — Cisco Umbrella Rank: 7366
s.e-planning.net — Cisco Umbrella Rank: 7332
3 KB
5 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 309
id.rlcdn.com — Cisco Umbrella Rank: 611
736 B
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 541
7 KB
5 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2681
2 KB
5 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951
creativecdn.com — Cisco Umbrella Rank: 630
1 KB
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3617
73 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 521
1 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 401
mug.criteo.com — Cisco Umbrella Rank: 2755
1 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 649
1022 B
4 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5668
sync.e-volution.ai — Cisco Umbrella Rank: 2451
2 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1056
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3221
573 B
4 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5315
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
173 KB
3 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 8299
48 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 704
2 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2479
875 B
3 media.net
hbx.media.net — Cisco Umbrella Rank: 1427
2 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 924
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2001
860 B
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 551
1 KB
3 google.co.jp
adservice.google.co.jp — Cisco Umbrella Rank: 39148
1 KB
3 connectad.io
i.connectad.io Failed
cdn.connectad.io — Cisco Umbrella Rank: 4173
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1778
457 B
3 zx-adnet.com
cdn.zx-adnet.com — Cisco Umbrella Rank: 209594
21 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
11 KB
2 ladsp.com
cr-pall.ladsp.com — Cisco Umbrella Rank: 3740
1 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 987
ad.turn.com — Cisco Umbrella Rank: 791
1010 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 484
1 KB
2 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 1960
421 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 986
2 KB
2 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3338
pixel-sync.sitescout.com — Cisco Umbrella Rank: 597
382 B
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4348
de.tynt.com — Cisco Umbrella Rank: 1523
3 KB
2 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5005
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 14310
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 753
614 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 921
637 B
2 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2904
436 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 411
958 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
2 KB
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5115
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2580
24 KB
2 optad360.io
get.optad360.io — Cisco Umbrella Rank: 25239
589 KB
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1014
1 KB
1 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 20698
225 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 76738
490 B
1 amgdgt.com
d3644149111097611587-t8549987446109609232.id.amgdgt.com
402 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1750
72 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 508
453 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 1769
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 7074
535 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3992
595 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 110610
680 B
1 ad-score.com
img-1000557.ad-score.com — Cisco Umbrella Rank: 91345
633 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
572 B
1 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 1683
318 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 5347
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8094
259 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 929
395 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
23 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 465
514 B
1 idealmedia.io
cm.idealmedia.io — Cisco Umbrella Rank: 15863
173 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3841
392 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1845
620 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 13518
555 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 18332
610 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 891
183 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 701
468 B
1 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 15917
515 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 730
399 B
1 web.app
site2text-2021.web.app — Cisco Umbrella Rank: 394308
415 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 141
17 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 261
4 KB
1 us04.biz
us04.biz
20 KB
0 nex8.net Failed
cs.nex8.net Failed
557 105
Domain Requested by
40 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
eus.rubiconproject.com
us-u.openx.net
37 a.whitefieldfarm.org ja.whitefieldfarm.org
30 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
26 s-img.mgid.com
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ja.whitefieldfarm.org
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
googleads.g.doubleclick.net
fw.adsafeprotected.com
www.googletagservices.com
22 ib.adnxs.com 8 redirects get.optad360.io
googleads.g.doubleclick.net
acdn.adnxs.com
prebid.a-mo.net
20 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
googleads.g.doubleclick.net
14 cdn.mgid.com jsc.mgid.com
12 s0.2mdn.net 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
ja.whitefieldfarm.org
s0.2mdn.net
11 sync.adtelligent.com 1 redirects s.adtelligent.com
ads.us.e-planning.net
s.console.adtarget.com.tr
11 cm.mgid.com jsc.mgid.com
s.adtelligent.com
11 onetag-sys.com get.optad360.io
s.adtelligent.com
sync.quantumdex.io
10 dt.adsafeprotected.com 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
10 storage.googleapis.com cdn.zx-adnet.com
10 googleads.g.doubleclick.net 1 redirects www.youtube.com
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
ja.whitefieldfarm.org
9 jsc.mgid.com www.bigmp3db.com
jsc.mgid.com
9 prebid.a-mo.net get.optad360.io
prebid.a-mo.net
9 www.youtube.com ja.whitefieldfarm.org
www.youtube.com
8 ads.pubmatic.com s.adtelligent.com
get.optad360.io
sync.quantumdex.io
8 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
8 us-u.openx.net 3 redirects googleads.g.doubleclick.net
de.tynt.com
us-u.openx.net
8 ssp.wp.pl get.optad360.io
8 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
8 ja.whitefieldfarm.org ja.whitefieldfarm.org
7 a.audrte.com 3 redirects ads.us.e-planning.net
a.audrte.com
7 www.bigmp3db.com ja.whitefieldfarm.org
www.bigmp3db.com
6 ads.betweendigital.com 6 redirects
6 ap.lijit.com 6 redirects
6 match.adsrvr.org 5 redirects get.optad360.io
6 x.bidswitch.net 6 redirects
6 ups.analytics.yahoo.com 6 redirects
6 cdn.doubleverify.com 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
cdn.doubleverify.com
cdn.flashtalking.com
ja.whitefieldfarm.org
6 www.google.com 1 redirects www.youtube.com
tpc.googlesyndication.com
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
5 id5-sync.com 5 redirects
5 servicer.mgid.com jsc.mgid.com
5 sync-dsp.ad-m.asia 4 redirects 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
5 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 adservice.google.com securepubads.g.doubleclick.net
5 mc.yandex.ru 1 redirects ja.whitefieldfarm.org
mc.yandex.ru
5 www.gstatic.com www.youtube.com
www.gstatic.com
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
4 ad.doubleclick.net 4 redirects
4 jp-u.openx.net us-u.openx.net
4 events-ssc.33across.com de.tynt.com
eus.rubiconproject.com
us-u.openx.net
4 ssc-cms.33across.com 4 redirects
4 match.sharethrough.com 4 redirects
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 eus.rubiconproject.com s.adtelligent.com
eus.rubiconproject.com
de.tynt.com
4 rtb.openx.net 3 redirects us-u.openx.net
4 ad.360yield.com 4 redirects
4 dsp.adkernel.com 4 redirects
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
ja.whitefieldfarm.org
4 www.googletagservices.com 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
4 jnn-pa.googleapis.com www.youtube.com
3 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
3 std.wpcdn.pl ssp.wp.pl
3 usermatch.targeting.unrulymedia.com sync.quantumdex.io
3 ssum-sec.casalemedia.com sync.quantumdex.io
3 s.ad.smaato.net 3 redirects
3 ssp.disqus.com 3 redirects
3 hbx.media.net 3 redirects
3 d9.flashtalking.com cdn.flashtalking.com
d9.flashtalking.com
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
3 acdn.adnxs.com get.optad360.io
3 cdn.connectad.io get.optad360.io
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 id.rlcdn.com 2 redirects
3 b1sync.zemanta.com 2 redirects
3 c.mgid.com jsc.mgid.com
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 adservice.google.co.jp securepubads.g.doubleclick.net
3 web.hb.ad.cpe.dotomi.com get.optad360.io
3 useast.quantumdex.io get.optad360.io
3 prebid-eu.creativecdn.com get.optad360.io
3 adx.adform.net get.optad360.io
3 cdn.zx-adnet.com ja.whitefieldfarm.org
cdn.zx-adnet.com
3 cdn.jsdelivr.net ja.whitefieldfarm.org
get.optad360.io
2 tpsc-sgc.doubleverify.com cdn.doubleverify.com
2 dmp.adform.net 2 redirects
2 cr-pall.ladsp.com 2 redirects
2 sync.crwdcntrl.net bcp.crwdcntrl.net
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 sync.mathtag.com 2 redirects
2 event.clientgear.com 1 redirects de.tynt.com
2 cm.adform.net s.console.adtarget.com.tr
prebid.a-mo.net
2 s.e-planning.net ads.us.e-planning.net
2 tps.doubleverify.com cdn.doubleverify.com
2 tg.socdm.com 2 redirects
2 secure.flashtalking.com 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 cdn.flashtalking.com servedby.flashtalking.com
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
2 secure-assets.rubiconproject.com 2 redirects
2 servedby.flashtalking.com ja.whitefieldfarm.org
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
2 ads.us.e-planning.net 1 redirects s.adtelligent.com
2 creativecdn.com 2 redirects
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects
2 ssbsync.smartadserver.com 2 redirects
2 sync.e-volution.ai 2 redirects
2 image8.pubmatic.com prebid.a-mo.net
2 s.adtelligent.com cm.mgid.com
s.adtelligent.com
2 rtb2-useast.e-volution.ai 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
2 y.one.impact-ad.jp 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 sync.1rx.io 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 fonts.googleapis.com 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
2 script.4dex.io get.optad360.io
script.4dex.io
2 get.optad360.io ja.whitefieldfarm.org
get.optad360.io
1 ade.googlesyndication.com
1 ps.eyeota.net
1 cr-p3.ladsp.jp 1 redirects
1 ad.turn.com 1 redirects
1 sync-tapi.admatrix.jp 1 redirects
1 d3644149111097611587-t8549987446109609232.id.amgdgt.com 1 redirects
1 d.turn.com 1 redirects
1 global.ib-ibi.com bcp.crwdcntrl.net
1 pixel-sync.sitescout.com bcp.crwdcntrl.net
1 tags.bluekai.com bcp.crwdcntrl.net
1 dmp.truoptik.com bcp.crwdcntrl.net
1 js.cookieless-data.com s.e-planning.net
1 pixel-us-east.rubiconproject.com 1 redirects
1 prebid-server.rubiconproject.com prebid.a-mo.net
1 ow.pubmatic.com prebid.a-mo.net
1 ssum.casalemedia.com prebid.a-mo.net
1 ssbsync-global.smartadserver.com 1 redirects
1 id.a-mx.com prebid.a-mo.net
1 sync.console.adtarget.com.tr 1 redirects
1 assets.a-mo.net prebid.a-mo.net
1 cs.r-ad.ne.jp 1 redirects
1 img-1000557.ad-score.com 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
1 image6.pubmatic.com ads.pubmatic.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 i.e-planning.net ads.us.e-planning.net
1 pixel.sitescout.com ads.us.e-planning.net
1 sync.spotim.market eus.rubiconproject.com
1 rtbc-sgc.doubleverify.com cdn.doubleverify.com
1 vid.vidoomy.com s.adtelligent.com
1 a4p.adpartner.pro 1 redirects
1 csync.loopme.me 1 redirects
1 de.tynt.com s.adtelligent.com
1 ic.tynt.com 1 redirects
1 s.console.adtarget.com.tr s.adtelligent.com
1 cdnjs.cloudflare.com s0.2mdn.net
1 pixel.quantserve.com 1 redirects
1 cm.idealmedia.io
1 tags.rd.linksynergy.com 1 redirects
1 sync.inmobi.com 1 redirects
1 a.c.appier.net 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 rtb0.doubleverify.com cdn.doubleverify.com
1 static.adsafeprotected.com 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
1 bid.g.doubleclick.net 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 r.casalemedia.com 1 redirects
1 s-cs.send.microad.jp 1 redirects
1 geolocation.onetrust.com cdn.zx-adnet.com
1 site2text-2021.web.app storage.googleapis.com
1 fonts.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 us04.biz ja.whitefieldfarm.org
1 whitefieldfarm.org ja.whitefieldfarm.org
0 cs.nex8.net Failed us-u.openx.net
0 i.connectad.io Failed get.optad360.io
0 hbopenbid.pubmatic.com Failed get.optad360.io
557 171

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
widgets.mgid.com
www.mgid.com
clck.mgid.com
www.optad360.com
whitefieldfarm.org
ar.whitefieldfarm.org
bg.whitefieldfarm.org
bn.whitefieldfarm.org
ca.whitefieldfarm.org
cs1.whitefieldfarm.org
da.whitefieldfarm.org
es.whitefieldfarm.org
et1.whitefieldfarm.org
fi.whitefieldfarm.org
fr.whitefieldfarm.org
hi.whitefieldfarm.org
hr.whitefieldfarm.org
hu.whitefieldfarm.org
id1.whitefieldfarm.org
it.whitefieldfarm.org
iw.whitefieldfarm.org
ko.whitefieldfarm.org
lt.whitefieldfarm.org
lv1.whitefieldfarm.org
ms.whitefieldfarm.org
nl.whitefieldfarm.org
no1.whitefieldfarm.org
pl.whitefieldfarm.org
pt.whitefieldfarm.org
ro1.whitefieldfarm.org
sk1.whitefieldfarm.org
sl.whitefieldfarm.org
sr.whitefieldfarm.org
sv.whitefieldfarm.org
ta.whitefieldfarm.org
tl1.whitefieldfarm.org
tr.whitefieldfarm.org
uk.whitefieldfarm.org
ur.whitefieldfarm.org
vi.whitefieldfarm.org
zh.whitefieldfarm.org
az.whitefieldfarm.org
fa1.whitefieldfarm.org
hy.whitefieldfarm.org
is.whitefieldfarm.org
kk.whitefieldfarm.org
mr1.whitefieldfarm.org
sq1.whitefieldfarm.org
te1.whitefieldfarm.org
tg.whitefieldfarm.org
uz.whitefieldfarm.org
ga.whitefieldfarm.org
be1.whitefieldfarm.org
ka1.whitefieldfarm.org
ky.whitefieldfarm.org
lb1.whitefieldfarm.org
lo.whitefieldfarm.org
so.whitefieldfarm.org
ceb1.whitefieldfarm.org
af1.whitefieldfarm.org
yi1.whitefieldfarm.org
ny1.whitefieldfarm.org
st1.whitefieldfarm.org
sw1.whitefieldfarm.org
zu1.whitefieldfarm.org
yo.whitefieldfarm.org
ig1.whitefieldfarm.org
gu1.whitefieldfarm.org
ne1.whitefieldfarm.org
pa1.whitefieldfarm.org
si1.whitefieldfarm.org
jw1.whitefieldfarm.org
mg1.whitefieldfarm.org
la1.whitefieldfarm.org
cy1.whitefieldfarm.org
km1.whitefieldfarm.org
hmn1.whitefieldfarm.org
ha1w.whitefieldfarm.org
mi1.whitefieldfarm.org
sm1.whitefieldfarm.org
gl1.whitefieldfarm.org
ht.whitefieldfarm.org
mt.whitefieldfarm.org
su1.whitefieldfarm.org
bs1.whitefieldfarm.org
mk.whitefieldfarm.org
my.whitefieldfarm.org
ha1.whitefieldfarm.org
am.whitefieldfarm.org
co1.whitefieldfarm.org
eo.whitefieldfarm.org
eu1.whitefieldfarm.org
fy.whitefieldfarm.org
gd.whitefieldfarm.org
kn1.whitefieldfarm.org
ku1.whitefieldfarm.org
ml1.whitefieldfarm.org
mn.whitefieldfarm.org
ps.whitefieldfarm.org
sd.whitefieldfarm.org
sn1.whitefieldfarm.org
xh.whitefieldfarm.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-22 -
2023-05-22		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.emilnichita.com
GTS CA 1D4		 2022-07-22 -
2022-10-20		 3 months crt.sh
us00.biz
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.bigmp3db.com
R3		 2022-07-02 -
2022-09-30		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.a-mo.net
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
web.app
GTS CA 1D4		 2022-06-13 -
2022-09-11		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.google.co.jp
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-10 -
2023-03-15		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-31 -
2022-10-29		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-07-27 -
2022-10-25		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2022-07-25 -
2023-08-26		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-13 -
2023-05-15		 a year crt.sh
*.e-planning.net
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.truoptik.com
Entrust Certification Authority - L1K		 2021-10-22 -
2022-10-22		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-01 -
2023-04-01		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2022-07-21 -
2022-10-19		 3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh

This page contains 78 frames:

Primary Page: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Frame ID: 691F9310BA9A08D14972D867AA0A9426
Requests: 215 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SUnhQkRBVog
Frame ID: BAEAFCF6F0EE66CD10B32B4845015A8D
Requests: 20 HTTP requests in this frame

Frame: https://ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1660075200
Frame ID: AD4733348C4EC78C413FA5C45248CA5B
Requests: 6 HTTP requests in this frame

Frame: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B1C7F54303350388FC73CB45F7EC7ED9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8E5C5792CDEAEE82C2EF50E1D89A5FEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77FB47248DA2794E8C1BB3B1B3A38419
Requests: 2 HTTP requests in this frame

Frame: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 44845564B197BCA976AD53D16D5E2507
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%AD%E3%81%84%E3%81%9F%E7%90%86%E8%BF%94%E3%81%98%E3%81%AA%E6%98%8E%E6%94%AF%E9%81%85%E6%89%95%E6%B3%95%E5%8F%A3%E9%96%89%E9%96%8B%E6%9C%88%E3%81%8F%E3%81%82%E8%A7%A3%E9%A1%8D%E3%80%85%E3%81%A6%EF%BC%81%E6%B8%88%E3%81%B8%E5%88%A4%E3%82%8B%E3%82%82%E3%81%97%E3%83%81%E3%83%9C%E3%81%A7%E6%AE%8B%EF%BC%9F%E3%83%83%E8%BF%91%E6%9C%80%E6%B8%9B%E3%81%BE%E5%85%A5%E6%B1%BA%E3%82%89%E3%83%AA%E3%81%AE%E6%96%B9%E3%81%8C%E7%94%B1
Frame ID: 13613C3EC04236C801CADD1C38C0834D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 78A1C8B1DC9BDCFA1DB2F9F191870DD2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: A5DAC33B20A7B3F95F3EBA6F2139DB04
Requests: 1 HTTP requests in this frame

Frame: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 63FC765E881582E3A13A0D75698A89E1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYvaS1ywEwAQ&v=APEucNU8PjFzn-uJM2kTeCwhyhtMBq0BFrhLMJO-UoVdL3QViWXZMqATuNOkTzaHI-iTPQn_fi17dKL4ZQ2atOtOJp5kPj4T8g
Frame ID: 1CD831C1836B0630967CA49C9A7F562F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4EC2B2E5587C7E2AFFCF0FDE7DB1363E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2A911A2331CF84333B994578D80B637A
Requests: 3 HTTP requests in this frame

Frame: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C31CCCA9522547F43A916A195710333D
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQrrnTlQIY6qjTzgEwAQ&v=APEucNVlJVxN9tab1qDQlQRkkkd2KV6gT0Lnniz0c7EbQ9kZ3zuIWb_1WdDXNZg5IZvdUgNNIzDJ0ZlXdage2RsAkF9tEHjrdQ
Frame ID: 82C9564C01E7C80BE80C660969BB695B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D251F8B75B003C6C36D1DE49DCC69DE
Requests: 3 HTTP requests in this frame

Frame: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC3FDFB9A4A1774D39EA144A50C1D7FE
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARimm4pkMAE&v=APEucNURJ7txsFsZ9Di57VoRwhals9gW4ICQsStfdT_m__LBjXSVzdcmseDcu0-RZf6Wx5maijmDIsYXPKtKFJWZUxUwT1ri_A
Frame ID: 518F6D22EC5BFAC86957A2210054EEE1
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 73353D21B655F6D611FF350B82ECF955
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 28C15D7638A40C4F18AAF2F1D97BCF28
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1660088086778611864131
Frame ID: B46808C317B9751CC1D605B3C1F9E08C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D33B8ED0BA63967F992C16FA9E829B3
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Frame ID: AF0AC1CB891E35A48E52C31BED45D7C7
Requests: 10 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=754484
Frame ID: F9EDECE2447C763BE58E44178BB2E62E
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 2798154FD175FA41D96BA5208A04C547
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: E92B0D86C9FB73D08F0F41977A635DD6
Requests: 7 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 66F09DC684E0E6723214A0AF942CA46E
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: C55C5DC6712847EC485C8A4CB53B3E53
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: F1629D61A4C85B3E3774432DFA612873
Requests: 4 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8c3843a5-deec-467f-bad3-3d6c40b5329c
Frame ID: 0AA1D559A5980DA67F6A58B420DF9A3C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 2CEB15ECF6E2554AEC2DCC01E26CF932
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 4BE95921DBEC576DD6D561C433BE1275
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: FDC43B66D5D363FC0E86DA9738D14D1E
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: DE588F527C69E6E341385960CC075AB8
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: BFB65437A5DB31B50CEA5AE78B0C1C4E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660088085638&gdpr=0
Frame ID: AA59E99A3E20107E1399F57913FC9F72
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 3C470950DC87590E089665F8AAB82B2F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 00E86D05E7181CDE00BF4AE138093C89
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: B68AF466BDEB23F257CA683A85D53560
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: CE42F248DC6430C437E7B8905FE30C25
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C7CF72B02C4F645F2B8DEB76853C3010
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 456F6C3C3C3FA6B19ABE5E2506F6FCAC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660088085638&gdpr=0
Frame ID: ABF45DF47357C5612D8A9D3DDBD1510C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B8F6C5D5FDA433EB0AEE4F1D820274C3
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: C1272BD96DBC319EA074B3FC89178C18
Requests: 14 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: D44A0F41C54B8DD2FE9FADD9969F4BD2
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 56EE8D14A941916E963A7E0D7542335B
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 2EEABFA92F56C8F0CF32FF6E8D018677
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 206A587B3FB694F8034D4C785EBA6891
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A7A8EA7E2BFC48DF267B50C4AF514AE1
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660088085637&gdpr=0
Frame ID: 7730022B5776C0F11A246E486A84805A
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: AC76ED0341DD4E994D8661392D36D404
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: CE42208837EA958ED7268EE01516CC0D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 70A4ADFAE74460BC5098C1B5D073DD80
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2960.js
Frame ID: 6BB665544F312545F1CE25404E07F1E6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E65A9893F307FC558FA6B8878964D357
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2960.js
Frame ID: 47681BB88177D5A560A753C4B0AFF6C8
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 0370BECF5E2DC497A1CCA221AC1BC7DB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B832AEE9D5B83767B21555B9FC5546C4
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 9DAC2ECEC287B980006D9CB9DFCB5F28
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 3C1AB41E97D460F021CEE0924591A0B3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 74542D2B313575A10A5F252184DAB96B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D27E71BE06337ACDB3496345AFAA60CA
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 99887D76CB0A464E31DF68EF8F202BED
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 36EF6DACB63AFFD682E2CA623412972B
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 128F0CEAED54AAC6A5D2A83E56355549
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 02183B6C3F085EBAA32CEE7FD89BB8D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 280E91376D66CA88DEEF39CE421E1416
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: BE657B4B5CFB0F6729DD5A70A4D5C219
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 0EF4D2466314AD308204121585B2987D
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 5321690D83C67BC8BA29BD1FAB272747
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANfpoHXQo2lIiOqs
Frame ID: DB04A04CE8882A83C41FDCF5F4A3C0CB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 7FB7983A2318E1CF1CCAD71C10982CDA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 456D351046F67A18D63B918F0F6992D2
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 608AF263CDFEB8E6C9BB29540455DC41
Requests: 12 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 35BCE4738773B0430EAAD81C3555C691
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=104%2C12%2C33%2C78%2C3%2C116&c=15238
Frame ID: 8D055A25233D9243995EE73161E78AFD
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

方法:SlackのデフォルトブラウザーをChrome、Firefox、またはSafariに変更する - ガジェット - 2022

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

557
Requests

75 %
HTTPS

29 %
IPv6

105
Domains

171
Subdomains

106
IPs

13
Countries

6201 kB
Transfer

13177 kB
Size

158
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 159
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 182
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtlhgS97TWcoGlAzfVqzOE&google_cver=1
Request Chain 184
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvLvFmNv-zBvKhNiXK6r0wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtlhgS97TWcoGlAzfVqzOE&google_cver=1
Request Chain 185
  • https://mc.yandex.ru/watch/56697487?wmode=7&page-url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A130547957005%3Ahid%3A1059716320%3Az%3A0%3Ai%3A20220809233446%3Aet%3A1660088086%3Ac%3A1%3Arn%3A669507003%3Arqn%3A1%3Au%3A1660088086453788168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660088081672%3Ads%3A7%2C10%2C669%2C455%2C0%2C0%2C%2C50%2C1%2C2533%2C2533%2C33%2C1209%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660088086%3At%3A%E6%96%B9%E6%B3%95%EF%BC%9ASlack%E3%81%AE%E3%83%87%E3%83%95%E3%82%A9%E3%83%AB%E3%83%88%E3%83%96%E3%83%A9%E3%82%A6%E3%82%B6%E3%83%BC%E3%82%92Chrome%E3%80%81Firefox%E3%80%81%E3%81%BE%E3%81%9F%E3%81%AFSafari%E3%81%AB%E5%A4%89%E6%9B%B4%E3%81%99%E3%82%8B%20-%20%E3%82%AC%E3%82%B8%E3%82%A7%E3%83%83%E3%83%88%20-%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/56697487/1?wmode=7&page-url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A130547957005%3Ahid%3A1059716320%3Az%3A0%3Ai%3A20220809233446%3Aet%3A1660088086%3Ac%3A1%3Arn%3A669507003%3Arqn%3A1%3Au%3A1660088086453788168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660088081672%3Ads%3A7%2C10%2C669%2C455%2C0%2C0%2C%2C50%2C1%2C2533%2C2533%2C33%2C1209%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660088086%3At%3A%E6%96%B9%E6%B3%95%EF%BC%9ASlack%E3%81%AE%E3%83%87%E3%83%95%E3%82%A9%E3%83%AB%E3%83%88%E3%83%96%E3%83%A9%E3%82%A6%E3%82%B6%E3%83%BC%E3%82%92Chrome%E3%80%81Firefox%E3%80%81%E3%81%BE%E3%81%9F%E3%81%AFSafari%E3%81%AB%E5%A4%89%E6%9B%B4%E3%81%99%E3%82%8B%20-%20%E3%82%AC%E3%82%B8%E3%82%A7%E3%83%83%E3%83%88%20-%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 200
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEGqVKtnwPxRewS0tcRWjT58&google_cver=1&google_push=AehlK4D0I1ShHSmZV3QluChZlK0D2PiJRhE9kUCvytDunTEfiYUSLH4BvxB6bDUz2fgl-2VnW_jPA7cc8Daq09DfD6JpRy2vbw HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEGqVKtnwPxRewS0tcRWjT58&google_cver=1&google_push=AehlK4D0I1ShHSmZV3QluChZlK0D2PiJRhE9kUCvytDunTEfiYUSLH4BvxB6bDUz2fgl-2VnW_jPA7cc8Daq09DfD6JpRy2vbw&prevuid=05030001_62f2ef1703aee&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4D0I1ShHSmZV3QluChZlK0D2PiJRhE9kUCvytDunTEfiYUSLH4BvxB6bDUz2fgl-2VnW_jPA7cc8Daq09DfD6JpRy2vbw&google_hm=MDUwMzAwMDFfNjJmMmVmMTcwM2FlZQ%3D%3D
Request Chain 201
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEG48Hncvs6aMpLLajvlMuSI&google_cver=1&google_push=AehlK4B3EySNwDx1iQ6iP4JstMn4M1hXyFMrFuWn3JYxM8F786hihAFfHJ0FdJUYhuh9qQyXaV9ps_BULbbk0TFQ3-ieLRMRJgE HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEG48Hncvs6aMpLLajvlMuSI&google_cver=1&google_push=AehlK4B3EySNwDx1iQ6iP4JstMn4M1hXyFMrFuWn3JYxM8F786hihAFfHJ0FdJUYhuh9qQyXaV9ps_BULbbk0TFQ3-ieLRMRJgE&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4B3EySNwDx1iQ6iP4JstMn4M1hXyFMrFuWn3JYxM8F786hihAFfHJ0FdJUYhuh9qQyXaV9ps_BULbbk0TFQ3-ieLRMRJgE&google_hm=N2FnNUxhQnVibjY=&suid-set=1 HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
Request Chain 202
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENAzyz9my6n-PjLrO4ESj6A&google_cver=1&google_push=AehlK4DkIAnsmEmZ9Q-V58jE8vTobd41KC4mVtSQMC-3M5eGf55Hl9XwVQKxPH9R6QyShiB3dOXoW03TSGy1SNfmtvM9nIB5MfQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4DkIAnsmEmZ9Q-V58jE8vTobd41KC4mVtSQMC-3M5eGf55Hl9XwVQKxPH9R6QyShiB3dOXoW03TSGy1SNfmtvM9nIB5MfQ
Request Chain 203
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPB5Y3smFoI7O7IoKcjmCD8&google_cver=1&google_push=AehlK4DJouzJ3sPdtReZXzYiApyIVMCIDSCyqWxsM9tn2CnwSfg2LJZzBnFaMsy-gPo0YP9yoaWC17wmcbUeKEUtMB2t6g5qBtk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DJouzJ3sPdtReZXzYiApyIVMCIDSCyqWxsM9tn2CnwSfg2LJZzBnFaMsy-gPo0YP9yoaWC17wmcbUeKEUtMB2t6g5qBtk&google_hm=ZzY3MDEzYjZlYjcyMjQyYzNkNjM=
Request Chain 204
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED0Ume7jIK9H2Dn2tc1G0r8&google_cver=1&google_push=AehlK4CDccUNU4VOxJenkRo1Tr01rgDTonYiRuyWE_VqPxOcXStZooa2UXuRIJvUXjsU7oQZQTy4bZVCmHDMyIfVaKrWy2MVO-4 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CDccUNU4VOxJenkRo1Tr01rgDTonYiRuyWE_VqPxOcXStZooa2UXuRIJvUXjsU7oQZQTy4bZVCmHDMyIfVaKrWy2MVO-4&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1660088086425 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7a5226ba-e6ee-496e-b2b7-3a22570aaa80-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CDccUNU4VOxJenkRo1Tr01rgDTonYiRuyWE_VqPxOcXStZooa2UXuRIJvUXjsU7oQZQTy4bZVCmHDMyIfVaKrWy2MVO-4%26google_hm%3DBHpSJrrm7klusrc6IlcKqoA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CDccUNU4VOxJenkRo1Tr01rgDTonYiRuyWE_VqPxOcXStZooa2UXuRIJvUXjsU7oQZQTy4bZVCmHDMyIfVaKrWy2MVO-4&google_hm=BHpSJrrm7klusrc6IlcKqoA
Request Chain 205
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN8GrVKdQ7YSxkY3cfIjzOE&google_cver=1&google_push=AehlK4ABDzTxGWTxK2gx-GKGfb5ubow9rjdWLbywXGFgIzl56KkQ52fncqmSwGvy84KcGKEO4TPaskoINjqGyK1gIxQ7mc3vdXM HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4ABDzTxGWTxK2gx-GKGfb5ubow9rjdWLbywXGFgIzl56KkQ52fncqmSwGvy84KcGKEO4TPaskoINjqGyK1gIxQ7mc3vdXM&google_gid=CAESEN8GrVKdQ7YSxkY3cfIjzOE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MDc3OTQ4NDAzNDMxNTkzMjczNQ%3D%3D&google_push=AehlK4ABDzTxGWTxK2gx-GKGfb5ubow9rjdWLbywXGFgIzl56KkQ52fncqmSwGvy84KcGKEO4TPaskoINjqGyK1gIxQ7mc3vdXM
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBRjZlQYX5w7AOfUaLy0Zzc&google_cver=1
Request Chain 225
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk4NzYyMTAyNTM1Mjg5NzY0NA%3D%3D
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1
Request Chain 227
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDcyMDI3MTgtYjRjYy0yODAzLWUyMDUtM2JlNTFjMTQyZDkw
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEMBQoe-ncaYi_DYSaByq9Ug&google_cver=1
Request Chain 254
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Zjg5N2IwOGItYzIwYi00ZTkzLWJjMWYtOGI2MTM5MTU2OGNl
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEN1eZCX3Nnsa_YPPLJJGii0&google_cver=1
Request Chain 271
  • https://fw.adsafeprotected.com/rfw/bgd/1082138/64281289/xbbe/creative/adj?p=APEucNU2Jh7uBz2IlDB7haaTelKgBUwQiutXoxyDPKhYOS2Waj4RBds&d=CokBAKAmf-BgvEEZi3PW7x0aYXA7Ua7jpuw7FuHvpwP4rAPoRqmDFY7rOBOciRN8UW8Q94oCbH7Gu10Va55HtJ_k0kIx1Bo_O8YjZumzUhabEA-m73FdTkeMKbLwoNsNrkfzQ9E7Vzs9SRjZbLKRHd5q3OqyGrMDVmh-b85-XD4zl7NIFaVv5y0xnpQSuRQAoCZ_4EVQb6reX_1YJySFUC9wuxwpDpnloSCraZ1CbWYdux7CDrEsIn2NMKt1Pimq7GVURx2_O4glgQbnVGvlhx8FsBfiFp9kAUR9R37VZnWdU2kBvpoGsvjGJuKJUBkwjvlOUoaCOazyL19ydhrRsx-KWY1bs05FQnrGei9_zk3aas6GtkfmVxbsNTw_PfmMH_BK_N1EpS3C_kFkfnU9siBlKZmTBxZlFsvP7IVOXUxAR57jKStsarS08O9_Ozo-9Sjk1Cf7TsrgWUZcDo_k47lgvJfgQCJMBz81GcC8EQPRPj1AcNid_Jix_w-C63cbmvJpOALKrRNUfui7tsyRKmEeYv9hZntB6aVVUUyqO2Hz6yihUxwWe1rKPaSQdfPPYqr-bjJWBIY9ETB5dN6ECeuu7uveVrTT25sFdIdZsSknJ9_NRRvmv964V8bJ3E4bECZyTifRFaKED1MI4tzpkC_MhusLH4brUa-FlLfnfkEQCTSp3iwUS6BZFBEeYPdR5smXDnrnUh2LjJRpIvhy93Q0lcWw2LBFDUthax53HIugo4Iej60e585mQLvxQTjWnLyJjHRgjScveDrxzgT_Ft9S-aQ8DdiFnh4IL3-rHJqZiwgeWLD7k9IBFA20itvxKYm7UlyBZXhwHuXZZC3WSUNrF47PF2ROvGMRAMSk1R3iNKi4JXJc8b8N-Jwwg4miXVEnJIq5-rU-JooD_GPkcinj2gJh1VAwlYmqrVSZPU2M82PT_RTOqUMwZDMQPs1trSqp4dhChi5DAUYv9c6oriXOTpDS6ApgesNLhbBzdJGsBCH0rMGWxFeZt7Xl75Mhr4kEtBdmnEC6PtZ63wVA1PX--6urPm_uwpnMyh_h2g4RpI0-SLBy4kWEwRNW4qJ8OZQn2RY6BgTEQbgkx5HhyJuqgbhzGq5l5JAnfjma2AitmUpEvPodIR16c-92LOy8EziQUL0nhnRcHePkj-rmiZO-pg-a1vdgISIitg0j-d3DoKsmsASLgQkA3vpH_SDhhJ65frVM7yWNRmAlWwlATNsQ45bWc4KK_BAZUBiELO_R6YrKxtqFRdq64IFn4xSYw0xR85nz4UlbeyNYqeDpcu32HZKGXi-ifb9t4aw2QTrMVqL8uUQG3k6VpLJqWRTd8uDCdABNR5gUn6YOQJ14eTrlTl7xNqkA-xkdX_jba8rhNb5frnaeDpgryO6z2XuRWl3vwvs5FOJMGEhZLC6ZqbI1nnwvdpDDIcCtj5xqBveAGkyoFBM2o2CCm0ZCRUnA64qJ05NTnojhxRgR1CKZadOga4MmGFpNMfKwxqY9fW7lj1dFnCUBfXQOAEHxTed0S8WOQjELFn3qQ-S9pG4_gvKw8aw96-zOw_QbEQ5bZYyeBa9N76gkb6qrxAaJEYdA9x7sjdzEXkloiUXlzDNhbPbFHekAeajOjtdnHtYbrEgWlSWrHcgE4ujCXotwuEmBrvp1db21UlVOeJc9DMIuGDDfGQD7GdmCRwNDoYgbtxTnzdH5QspsDQNYYmv1-a812r3lnlhvJeQrFDCwwoB_M9OBnJ7Xvv1Pj1SuW2bxy6T6zbpFlDzh8KfK0erGzk7e-PB0HTSk5PtA-QqWtjELlkF0YT56QE2b0Z_X1UVce6q7M-wMuZnR5GdYnGrAYS76c0ssSmrw2R8lk72aHwPNY0BqjlBnZ6EVm_eYTe01U5LWIP2jbMNHLWiqYFxm0iE7qcZxBJRekY3CJ-8fyfsDhyazCrsq_ve6dDuW_MYwsxe7nGbbJlPVXz4U6BFxBTTN3YiaYWpRhHqdIWRJnC77o1cGbsQ_bxEHEoMigmAhoI4jUtg4JSYptT_BWRIU5SvFxQAlWfMffKSOWNkjcahChgeYmkVZEVDODsnj_hnMrz1OS3bU1Kl9YmtKxoRtKHlZzGLkAf_SlEkSF4YVkuIDxSqhPANmH6GHQB9RfPXedHzSiix0mWaN1_2aiPqJX2r6GcDGLGHZ2CTdcNHQ_eJL-wBA7-EtDIOrmcXIxD0p0p8LcJRGeBL_ncL5P2SReLS7YGNa_hI2x_2WhxJTlfi-SOAexLecyTp2yw3c-JwThVisNtdJhKsZiSpG1h-DRqCfBHuXApI-2KqrnopQTkALz3svidBYsHIFiYfsUqDZNG1FdU8n6RV8OX_g75B7-7DBIOyXzkgIC4e2SJbCZZY7CMAlUTxxcJIYYn4zENuTceZ4AUAtxKjEfjSNrtMxYRwLs240VkTYvq2PvEICD27k6BOeNASvydF7OoOAAvee_mGLlP8exHUPBvJttxCWcT4NjybuXRrS-l4bvV8bkJOnbaGmdC67SzVrQQVRrHqtZcB1iI90TR4QX4ji-y3juuvLmyY7maG_IJA3YAdGd4y1Y-UPD3La7Bnrsd_sEdHnUWofMWKBu8gGs__pPozEVer4hZ3SG4qB0Qq-Nk6iC6KmFSv9xWuOD8KGwTnkvwTobZjTxlMfpe2ZpLuNiQZ6kmOL3ndmWUNRCv89mXBFSdbibqvBmfF7-vvoQHjXL4MQyrBbtMKLyjxhlxcyok0lzrvUdvHbOpb-Pt4J0vGBJ2crJ6nBsgsX1v8TjVVyMITNF0MeZs1oWXvUxKw5SNYgycw_3VpGEivXt4ecarm9cL3uL25AgF69M62i7rwbLBcZM97y-nV6TnqjqmbboGUBiE2WxmVy06Kdxo8uDYdl-c7lwxhEmyZtwYZieYijrdlBoskmS03E72Sg3jntqucvsAhdrszpemlBbuP8GHCkMNYkeHNQOzRtGHDiHtjLQ4Fke-iwooybK2rUDOAtuPs8bu7HbDAILc5AGCHvHbzrGciC_9aeKw-NKncAnfI2jz1_CR6AZlAY_tMas0JduOxA_9M3hUcJzq4-Y1FB495Igp7ah7UJ31lttlCg3629X_X6stMY3-YuBmH4uBZ3zbWLY3ZbxCBVxSbaQlLbKNCQpn5C4GqHvXmlAxMGu8zz-DEf9SVS9dwUH9sMulmoPeDT3fb49630UV-L32uZtm-RNfoKwLDIAHVFM9bGCdb_o47K08j95BNDYa2evYeo0E4iBHMpKPPWBxniS4LlpM_CPlUPESNyewncV4Nzid_P7WowWC5HuF6fmffTomp9GMUeBURibNcqcxBgOm-euYfUL0uYJeXZT1tCFwAjcTxAudixasSiebSkfl32gDlmNMnN15u-AyJwYar_6iAZeu_qJs98RtvHVGxWY37KA7FotVUJWntsPRjbbrpO0PAw94Vw-rPlRU_gul8TBvMgvOBLhnFyA5O1phbvlNn5kJX4522co7ysyR-WGderXDzdoBzAwqkaCYr27ouv8DsmqjKawqg7kOj8SZ3Z8vZ9wp9T4kpivjSLiORjshA9mhZ8CCBc4y4tIq-90YjDc3KsMr_h_K1W_PbucNw9XUsHl09uS4RHqYRbyOaD2LPikotYOEJRfN4IuBsequBhmNXb7SMdYty2oGjwpd8T2ivJGikIABIl5GhekX4zvPDi-yfPtyUq0_Qlg3qC34c8Eoo2XjHKdMyjUcVghWAB&cry=1&ias_dspID=3&ias_campId=28762859&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=17328609328&bidurl=https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0girGZE3tH35ugv8I1SC-Du&adsafe_url=https%3A%2F%2Fja.whitefieldfarm.org%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d08d24de-e4df-01cc-7f0f-11bbf92da577,c:kQ7NZZ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-85dcc8dbbc-l2xgk,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:23,oid:da745ef1-183b-11ed-8f3a-c6777a4d98a6,v:19.8.341,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU2Jh7uBz2IlDB7haaTelKgBUwQiutXoxyDPKhYOS2Waj4RBds&d=CokBAKAmf-BgvEEZi3PW7x0aYXA7Ua7jpuw7FuHvpwP4rAPoRqmDFY7rOBOciRN8UW8Q94oCbH7Gu10Va55HtJ_k0kIx1Bo_O8YjZumzUhabEA-m73FdTkeMKbLwoNsNrkfzQ9E7Vzs9SRjZbLKRHd5q3OqyGrMDVmh-b85-XD4zl7NIFaVv5y0xnpQSuRQAoCZ_4EVQb6reX_1YJySFUC9wuxwpDpnloSCraZ1CbWYdux7CDrEsIn2NMKt1Pimq7GVURx2_O4glgQbnVGvlhx8FsBfiFp9kAUR9R37VZnWdU2kBvpoGsvjGJuKJUBkwjvlOUoaCOazyL19ydhrRsx-KWY1bs05FQnrGei9_zk3aas6GtkfmVxbsNTw_PfmMH_BK_N1EpS3C_kFkfnU9siBlKZmTBxZlFsvP7IVOXUxAR57jKStsarS08O9_Ozo-9Sjk1Cf7TsrgWUZcDo_k47lgvJfgQCJMBz81GcC8EQPRPj1AcNid_Jix_w-C63cbmvJpOALKrRNUfui7tsyRKmEeYv9hZntB6aVVUUyqO2Hz6yihUxwWe1rKPaSQdfPPYqr-bjJWBIY9ETB5dN6ECeuu7uveVrTT25sFdIdZsSknJ9_NRRvmv964V8bJ3E4bECZyTifRFaKED1MI4tzpkC_MhusLH4brUa-FlLfnfkEQCTSp3iwUS6BZFBEeYPdR5smXDnrnUh2LjJRpIvhy93Q0lcWw2LBFDUthax53HIugo4Iej60e585mQLvxQTjWnLyJjHRgjScveDrxzgT_Ft9S-aQ8DdiFnh4IL3-rHJqZiwgeWLD7k9IBFA20itvxKYm7UlyBZXhwHuXZZC3WSUNrF47PF2ROvGMRAMSk1R3iNKi4JXJc8b8N-Jwwg4miXVEnJIq5-rU-JooD_GPkcinj2gJh1VAwlYmqrVSZPU2M82PT_RTOqUMwZDMQPs1trSqp4dhChi5DAUYv9c6oriXOTpDS6ApgesNLhbBzdJGsBCH0rMGWxFeZt7Xl75Mhr4kEtBdmnEC6PtZ63wVA1PX--6urPm_uwpnMyh_h2g4RpI0-SLBy4kWEwRNW4qJ8OZQn2RY6BgTEQbgkx5HhyJuqgbhzGq5l5JAnfjma2AitmUpEvPodIR16c-92LOy8EziQUL0nhnRcHePkj-rmiZO-pg-a1vdgISIitg0j-d3DoKsmsASLgQkA3vpH_SDhhJ65frVM7yWNRmAlWwlATNsQ45bWc4KK_BAZUBiELO_R6YrKxtqFRdq64IFn4xSYw0xR85nz4UlbeyNYqeDpcu32HZKGXi-ifb9t4aw2QTrMVqL8uUQG3k6VpLJqWRTd8uDCdABNR5gUn6YOQJ14eTrlTl7xNqkA-xkdX_jba8rhNb5frnaeDpgryO6z2XuRWl3vwvs5FOJMGEhZLC6ZqbI1nnwvdpDDIcCtj5xqBveAGkyoFBM2o2CCm0ZCRUnA64qJ05NTnojhxRgR1CKZadOga4MmGFpNMfKwxqY9fW7lj1dFnCUBfXQOAEHxTed0S8WOQjELFn3qQ-S9pG4_gvKw8aw96-zOw_QbEQ5bZYyeBa9N76gkb6qrxAaJEYdA9x7sjdzEXkloiUXlzDNhbPbFHekAeajOjtdnHtYbrEgWlSWrHcgE4ujCXotwuEmBrvp1db21UlVOeJc9DMIuGDDfGQD7GdmCRwNDoYgbtxTnzdH5QspsDQNYYmv1-a812r3lnlhvJeQrFDCwwoB_M9OBnJ7Xvv1Pj1SuW2bxy6T6zbpFlDzh8KfK0erGzk7e-PB0HTSk5PtA-QqWtjELlkF0YT56QE2b0Z_X1UVce6q7M-wMuZnR5GdYnGrAYS76c0ssSmrw2R8lk72aHwPNY0BqjlBnZ6EVm_eYTe01U5LWIP2jbMNHLWiqYFxm0iE7qcZxBJRekY3CJ-8fyfsDhyazCrsq_ve6dDuW_MYwsxe7nGbbJlPVXz4U6BFxBTTN3YiaYWpRhHqdIWRJnC77o1cGbsQ_bxEHEoMigmAhoI4jUtg4JSYptT_BWRIU5SvFxQAlWfMffKSOWNkjcahChgeYmkVZEVDODsnj_hnMrz1OS3bU1Kl9YmtKxoRtKHlZzGLkAf_SlEkSF4YVkuIDxSqhPANmH6GHQB9RfPXedHzSiix0mWaN1_2aiPqJX2r6GcDGLGHZ2CTdcNHQ_eJL-wBA7-EtDIOrmcXIxD0p0p8LcJRGeBL_ncL5P2SReLS7YGNa_hI2x_2WhxJTlfi-SOAexLecyTp2yw3c-JwThVisNtdJhKsZiSpG1h-DRqCfBHuXApI-2KqrnopQTkALz3svidBYsHIFiYfsUqDZNG1FdU8n6RV8OX_g75B7-7DBIOyXzkgIC4e2SJbCZZY7CMAlUTxxcJIYYn4zENuTceZ4AUAtxKjEfjSNrtMxYRwLs240VkTYvq2PvEICD27k6BOeNASvydF7OoOAAvee_mGLlP8exHUPBvJttxCWcT4NjybuXRrS-l4bvV8bkJOnbaGmdC67SzVrQQVRrHqtZcB1iI90TR4QX4ji-y3juuvLmyY7maG_IJA3YAdGd4y1Y-UPD3La7Bnrsd_sEdHnUWofMWKBu8gGs__pPozEVer4hZ3SG4qB0Qq-Nk6iC6KmFSv9xWuOD8KGwTnkvwTobZjTxlMfpe2ZpLuNiQZ6kmOL3ndmWUNRCv89mXBFSdbibqvBmfF7-vvoQHjXL4MQyrBbtMKLyjxhlxcyok0lzrvUdvHbOpb-Pt4J0vGBJ2crJ6nBsgsX1v8TjVVyMITNF0MeZs1oWXvUxKw5SNYgycw_3VpGEivXt4ecarm9cL3uL25AgF69M62i7rwbLBcZM97y-nV6TnqjqmbboGUBiE2WxmVy06Kdxo8uDYdl-c7lwxhEmyZtwYZieYijrdlBoskmS03E72Sg3jntqucvsAhdrszpemlBbuP8GHCkMNYkeHNQOzRtGHDiHtjLQ4Fke-iwooybK2rUDOAtuPs8bu7HbDAILc5AGCHvHbzrGciC_9aeKw-NKncAnfI2jz1_CR6AZlAY_tMas0JduOxA_9M3hUcJzq4-Y1FB495Igp7ah7UJ31lttlCg3629X_X6stMY3-YuBmH4uBZ3zbWLY3ZbxCBVxSbaQlLbKNCQpn5C4GqHvXmlAxMGu8zz-DEf9SVS9dwUH9sMulmoPeDT3fb49630UV-L32uZtm-RNfoKwLDIAHVFM9bGCdb_o47K08j95BNDYa2evYeo0E4iBHMpKPPWBxniS4LlpM_CPlUPESNyewncV4Nzid_P7WowWC5HuF6fmffTomp9GMUeBURibNcqcxBgOm-euYfUL0uYJeXZT1tCFwAjcTxAudixasSiebSkfl32gDlmNMnN15u-AyJwYar_6iAZeu_qJs98RtvHVGxWY37KA7FotVUJWntsPRjbbrpO0PAw94Vw-rPlRU_gul8TBvMgvOBLhnFyA5O1phbvlNn5kJX4522co7ysyR-WGderXDzdoBzAwqkaCYr27ouv8DsmqjKawqg7kOj8SZ3Z8vZ9wp9T4kpivjSLiORjshA9mhZ8CCBc4y4tIq-90YjDc3KsMr_h_K1W_PbucNw9XUsHl09uS4RHqYRbyOaD2LPikotYOEJRfN4IuBsequBhmNXb7SMdYty2oGjwpd8T2ivJGikIABIl5GhekX4zvPDi-yfPtyUq0_Qlg3qC34c8Eoo2XjHKdMyjUcVghWAB&cry=1
Request Chain 328
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEAaQ00A9Lw3uS8V3ZotSnp4&google_cver=1&google_push=AehlK4A1VeDfY-kLKYYKL2qNuoaA27FXhk3YIK6sn0_daobBcI_vCvtNUyfh48Dtdn-UlfKOYV6KLj0O2vULZn3FhUAmBoZ_-_ey HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4A1VeDfY-kLKYYKL2qNuoaA27FXhk3YIK6sn0_daobBcI_vCvtNUyfh48Dtdn-UlfKOYV6KLj0O2vULZn3FhUAmBoZ_-_ey&google_hm=h57WRnVLQj27vlPglA-T38w
Request Chain 329
  • https://a.c.appier.net/gcm?google_gid=CAESEHAR8JIIl0YaKd1yaF50Deo&google_cver=1&google_push=AehlK4AD-c_Y_5d1Q-vFs46SQVez4VUMqodoIQ2VdZKidPVb5IB_WEcJzEJ2NeS9eJA3Sl4hK_iSOH-WngsHKwVUY0deHMNsCeig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Mmx0dGNpUDhBczZKWFhMZEYtX3lZZw%3D%3D&google_push=AehlK4AD-c_Y_5d1Q-vFs46SQVez4VUMqodoIQ2VdZKidPVb5IB_WEcJzEJ2NeS9eJA3Sl4hK_iSOH-WngsHKwVUY0deHMNsCeig
Request Chain 330
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENAzyz9my6n-PjLrO4ESj6A&google_cver=1&google_push=AehlK4AczRC7Icb3vjCqS4VQec3iqOGP4KQt4Bn0Dp3gzU2Gs4CqrdDjH3LiSdF3geLAfkKPBEJkt3R2reR2m5G0aBaLxTEAsL8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4AczRC7Icb3vjCqS4VQec3iqOGP4KQt4Bn0Dp3gzU2Gs4CqrdDjH3LiSdF3geLAfkKPBEJkt3R2reR2m5G0aBaLxTEAsL8
Request Chain 331
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESECOo8GteZfr32vJoLgosk8w&google_cver=1&google_push=AehlK4AynQ9oKpR_rtO1saMfIefs-h48o7Y4ZtL6s721D3ItKPPlVV8zq6ef6jc6WDc5L_kBPrsyUMWxEAkNqVB6H8kkhFIT4Szl HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESECOo8GteZfr32vJoLgosk8w%26google_cver%3D1%26google_push%3DAehlK4AynQ9oKpR_rtO1saMfIefs-h48o7Y4ZtL6s721D3ItKPPlVV8zq6ef6jc6WDc5L_kBPrsyUMWxEAkNqVB6H8kkhFIT4Szl HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1495245886472877484&exchange=193&google_gid=CAESECOo8GteZfr32vJoLgosk8w&google_cver=1&google_push=AehlK4AynQ9oKpR_rtO1saMfIefs-h48o7Y4ZtL6s721D3ItKPPlVV8zq6ef6jc6WDc5L_kBPrsyUMWxEAkNqVB6H8kkhFIT4Szl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4AynQ9oKpR_rtO1saMfIefs-h48o7Y4ZtL6s721D3ItKPPlVV8zq6ef6jc6WDc5L_kBPrsyUMWxEAkNqVB6H8kkhFIT4Szl
Request Chain 332
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH9hXwMgbfwrH7m3qGcoOxA&google_cver=1&google_push=AehlK4AcUJrOqkuKuZ0KeTxGwTVxLB-JxPbVdmcocxjO3qc0ca0UE91QxiknuKJ5lQ0h4abPV8P1XpYXsoa8vf80DOJsjOhtxv5QwQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH9hXwMgbfwrH7m3qGcoOxA&google_cver=1&google_push=AehlK4AcUJrOqkuKuZ0KeTxGwTVxLB-JxPbVdmcocxjO3qc0ca0UE91QxiknuKJ5lQ0h4abPV8P1XpYXsoa8vf80DOJsjOhtxv5QwQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05NEpzY21GRTJ1SGJzbkc4N2R3N3l1U1VXMUs4REdtaX5B&google_push=AehlK4AcUJrOqkuKuZ0KeTxGwTVxLB-JxPbVdmcocxjO3qc0ca0UE91QxiknuKJ5lQ0h4abPV8P1XpYXsoa8vf80DOJsjOhtxv5QwQ
Request Chain 334
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBTYgJNVDRQF4jtQYacfgyQ&google_cver=1&google_push=AehlK4A5Thu5SkDpS3RDGE5RcXcMZDbGHFc9C4KcFn47lrgLO8v_nznm1RTifyACOu-DxE5hSCK2rZw2GNjfTGchPwQ-8HdtJuc7vw HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBTYgJNVDRQF4jtQYacfgyQ&google_push=AehlK4A5Thu5SkDpS3RDGE5RcXcMZDbGHFc9C4KcFn47lrgLO8v_nznm1RTifyACOu-DxE5hSCK2rZw2GNjfTGchPwQ-8HdtJuc7vw&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4A5Thu5SkDpS3RDGE5RcXcMZDbGHFc9C4KcFn47lrgLO8v_nznm1RTifyACOu-DxE5hSCK2rZw2GNjfTGchPwQ-8HdtJuc7vw&google_hm=LTZrQVVfUmR4bWZMNzR5d3ltTkI= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 340
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=99145223-a459-451f-87ef-4c4b5888af1f
Request Chain 341
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cm.mgid.com/m?cdsp=718337&c=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTc5S3ZzMXp4Vnln&muidn=m79Kvs1zxVyg HTTP 302
  • https://cm.mgid.com/google?muidn=m79Kvs1zxVyg&google_ula={guid},5&google_gid=CAESEP0kSVf9nAaPxoa-rfJ5G2k&google_cver=1
Request Chain 343
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=m79Kvs1zxVyg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m79Kvs1zxVyg HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=c488266c-4953-40f8-a996-47484890df95&gdpr=&consentData=&uspString=
Request Chain 344
  • https://pixel.rubiconproject.com/exchange/sync.php?p=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=43070&c=L6MTL256-L-2NV1
Request Chain 346
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m79Kvs1zxVyg HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=3590419838912882203&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 347
  • https://idsync.rlcdn.com/712107.gif?partner_uid=m79Kvs1zxVyg& HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIl97LlwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIl97LlwYSBAgCEABCAEoA&google_gid=CAESEG-ik_znc09x2EAKKhNfi-w&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=7f0a7074-0bb1-4f52-abb7-9efd5e283dec
Request Chain 348
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=41858e2c-b518-41a5-824e-972da936cd01&ttl=1662680087
Request Chain 350
  • https://id.rlcdn.com/712056.gif HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCJfey5cGEgUI6AcQAEIASgA
Request Chain 351
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=4SBCo0fVzDvaq6Xia6ZP&pi=mgid&tc=1
Request Chain 352
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=0&user_id=2KB_AIv0KAXD8H8Bi_c0VIynLwPDqisH3qIXB2xS HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=c488266c-4953-40f8-a996-47484890df95&gdpr=0&consentData=&uspString=
Request Chain 367
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 370
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Request Chain 371
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8c3843a5-deec-467f-bad3-3d6c40b5329c
Request Chain 373
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=99145223-a459-451f-87ef-4c4b5888af1f
Request Chain 374
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=345dd38e-743b-4b81-bf3b-a5ba42d7ca86
Request Chain 375
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=c2917b1d-c424-454e-9c69-a14957ad217d
Request Chain 376
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=FHpmELZHnuCZF7XlRPeMPfsZ
Request Chain 378
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8987621025352897644
Request Chain 379
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8987621025352897644
Request Chain 380
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=617666&c=e0c72f070dd3b9a5
Request Chain 386
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 390
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&khaos=L6MTL256-L-2NV1 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=
Request Chain 394
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W1AXlxGTRLql10mgLLq8Mw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=W1AXlxGTRLql10mgLLq8Mw
Request Chain 395
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTgyMDcxYWRlYmE4NGM3OWEyYmE3Yzk1ZDI2NjFjZTJjZDY2NGM5Yg
Request Chain 396
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 397
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=41858e2c-b518-41a5-824e-972da936cd01&gdpr=0&gdpr_consent=&expires=30
Request Chain 398
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pM29IfcyT5eXsFGxYuOFVw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pM29IfcyT5eXsFGxYuOFVw
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF6xBKgf9wv6vVqCBfBmeHI&google_cver=1
Request Chain 400
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNVEwyNTYtTC0yTlYx
Request Chain 401
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6MTL256-L-2NV1
Request Chain 405
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.whitefieldfarm.org%2F&domain=ja.whitefieldfarm.org&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=curHtnxXY2dUaTRYa2htT0FxUDRzcEZXSzU3MjhLTExYMTViM05PY3FtWkd6N2UzWHdKV1dCNU4wdzhUUjliV2Y3b1lEUVA2UHM5eGZkYTgzMHdTakszMlFkR3BveGdnZUN6TU55dnVIT0puWGlxdjRPQTVLSlFhcjJERnZTVy8xYmJ0QlFiNDFyT3F2Si9STTh3aDYrVHFpZ2hyMUNTSmRaSlNuSENaSTd1ZS9yUWo1WkpIUkpjY0Rja1BuZ0hWZWNhdXZ0cG5WK0xtT3FWSTUxdkVyL1AzUE1HVWRoUzkrTDNkeGFocnliZ2ZPWWYrMjFHVmpNVnhXVjVJaUwzL0xvcUpqfA&cppv=2
Request Chain 439
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEMyjzoeoRSkGdtv-Hv4De1g&google_cver=1&google_push=AehlK4BuEzT9I2odlmA7D1EQ2ku286p_h6H_l04gPEK3AieHmWodglVqqvAPH9VKRnLhywiHzVhPvRfvjBMqWM68wsUJUyhhyZh3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4BuEzT9I2odlmA7D1EQ2ku286p_h6H_l04gPEK3AieHmWodglVqqvAPH9VKRnLhywiHzVhPvRfvjBMqWM68wsUJUyhhyZh3&google_hm=NHp0TlltMDE2QkRBWTAwOGZFQXg
Request Chain 440
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFuU_SJYalmq5C-C1AJgjIQ&google_cver=1&google_push=AehlK4CU2wB8Ucc3LQCyrybwzaC-pfVGk2UnqOei_R6EhvupKRhy4a2KkvmT4qk4Qo9LyESG7Hqmr3nx4DMiP-l8gtYd61YnHgw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CU2wB8Ucc3LQCyrybwzaC-pfVGk2UnqOei_R6EhvupKRhy4a2KkvmT4qk4Qo9LyESG7Hqmr3nx4DMiP-l8gtYd61YnHgw&google_hm=JBl-7tQ9z4kRkS3rBe_ZSg==
Request Chain 441
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENAzyz9my6n-PjLrO4ESj6A&google_cver=1&google_push=AehlK4CMoFzZFp-K4PfA6Kr5TpjEjjzUsLQArs6kuYOgZfmIBiXqiZAdBwHb91IISLmcnEUY-FgFxSNjT2hYSoY0zGItOp455dzF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4CMoFzZFp-K4PfA6Kr5TpjEjjzUsLQArs6kuYOgZfmIBiXqiZAdBwHb91IISLmcnEUY-FgFxSNjT2hYSoY0zGItOp455dzF
Request Chain 442
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFKE_1xv3VreTfQy_VdjFZw&google_cver=1&google_push=AehlK4BliiJ4_9OQmX6f-X3kFpiR__0Y6ljaE5PgcWZ6avl4Tbv8ER7XOyS3sGSCraWwLDdP-qphM3KWNkM_VW0LsKPwYnLA88TT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4BliiJ4_9OQmX6f-X3kFpiR__0Y6ljaE5PgcWZ6avl4Tbv8ER7XOyS3sGSCraWwLDdP-qphM3KWNkM_VW0LsKPwYnLA88TT&google_hm=MzU5MDQxOTgzODkxMjg4MjIwMw%3D%3D
Request Chain 443
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDThBj4Y1xi1weve7MGmplg&google_cver=1&google_push=AehlK4CgsHWN8VlmM18LJEaotqkhpfmhXiAg1Bk9Xe9Hte_fWblyW9zbiaS-NQYexGsk7RWM7em3jV27brEDD4e5JbLy_rqVDQo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CgsHWN8VlmM18LJEaotqkhpfmhXiAg1Bk9Xe9Hte_fWblyW9zbiaS-NQYexGsk7RWM7em3jV27brEDD4e5JbLy_rqVDQo&google_hm=WXZMdkdjQ284WDBBQU11b2NQa0FBQUFB
Request Chain 445
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMvhx7m4NxqQrTcUCV4UFjo&google_cver=1&google_push=AehlK4DPElYjuCX4OF0V26DzH1X8fIcVCk50HmlUAcBmK00r6adQzcvNkhhbF7Lc4MBurz3RBIsLnrIsPobnQuEjTdRGjUqRlHie9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NmNmZWU0YmItNmY1OS00MTI2LTk0MGMtYzk4ZGE4ZDk3ZTI5&google_push=AehlK4DPElYjuCX4OF0V26DzH1X8fIcVCk50HmlUAcBmK00r6adQzcvNkhhbF7Lc4MBurz3RBIsLnrIsPobnQuEjTdRGjUqRlHie9g
Request Chain 448
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
Request Chain 449
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
Request Chain 450
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Request Chain 451
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
Request Chain 452
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=dfb5d7e4-229e-4d4e-8de0-037cd1192799
Request Chain 453
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
Request Chain 454
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455691000V10
Request Chain 455
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=742788fd-a144-3436-2341-fae88b9b0f79
Request Chain 456
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
Request Chain 457
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
Request Chain 458
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
Request Chain 459
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
Request Chain 460
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
Request Chain 461
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=1fe69952-5c9f-3429-3147-632ca94060b9
Request Chain 462
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1c1d8080-1274-41ad-ad4c-66f5cc88d9ea
Request Chain 463
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Request Chain 464
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
Request Chain 465
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455637000V10
Request Chain 466
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
Request Chain 467
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
Request Chain 468
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455668000V10
Request Chain 469
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
Request Chain 470
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
Request Chain 471
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
Request Chain 472
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=aa8d7c6f-e0b2-42d1-3bed-cd5da8db56f2
Request Chain 473
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=65e92098-ccfd-4435-b475-80c2789b56d1
Request Chain 474
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Request Chain 499
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4aa6cb613ddaf895
Request Chain 501
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=1fed07ff-1646-44e8-89dc-0d134a792a82 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A&gdpr=0&gdpr_consent=
Request Chain 502
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L6MTL256-L-2NV1&gdpr=0
Request Chain 504
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1fed07ff-1646-44e8-89dc-0d134a792a82%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=smartadserver&uid=3590419838912882203
Request Chain 507
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1fed07ff-1646-44e8-89dc-0d134a792a82%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Request Chain 508
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1fed07ff-1646-44e8-89dc-0d134a792a82%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=appnexus&uid=8987621025352897644
Request Chain 512
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 513
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660088089125.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 514
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=c488266c-4953-40f8-a996-47484890df95 HTTP 302
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=c488266c-4953-40f8-a996-47484890df95
Request Chain 515
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660088089125.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=55a362f2-ef1a-4900-9d20-f665dac355cb
Request Chain 516
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660088089125.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=8987621025352897644
Request Chain 518
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L6MTL256-L-2NV1 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L6MTL256-L-2NV1 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6MTL256-L-2NV1&ts=1660088090&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 535
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/36700a6a45e5aa0421b000165944a38b/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://d3644149111097611587-t8549987446109609232.id.amgdgt.com/r/telco/tuid/8549987446109609232/duid/3644149111097611587/url/https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10915%2Ftp%3DTRNN%2Ftpid%3D8549987446109609232%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8549987446109609232/gdpr=0
Request Chain 536
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=41858e2c-b518-41a5-824e-972da936cd01/gdpr=0/gdpr_consent=
Request Chain 540
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=JBl-7tQ9z4kRkS3rBe_ZSg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 541
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dopenx%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&auid=8a5ad121-d8b3-4f6c-991e-6dba7305a41c HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072588&val=b0P8-DQcFna-l
Request Chain 542
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=304762f2-ef1a-4100-b0bd-665bbcf44389
Request Chain 543
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8549987446109609232&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 544
  • https://match.adsrvr.org/track/cmf/openx?oxid=fb4ff4d2-7dbb-76a7-f7e5-615cd6f6e3f0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=41858e2c-b518-41a5-824e-972da936cd01&ttd_puid=fb4ff4d2-7dbb-76a7-f7e5-615cd6f6e3f0&gdpr=0&gdpr_consent=
Request Chain 545
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvLvGcCo8X0AAMuocPkAAAAA
Request Chain 546
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZS9YwtXgd26ks8ADsaW1YkAfc8AAAGChPYBHw
Request Chain 548
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1
Request Chain 551
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7729131518783290630 HTTP 302
  • https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091 HTTP 302
  • https://a.audrte.com/match?uid=99145223-a459-451f-87ef-4c4b5888af1f&p=560038091 HTTP 302
  • https://a.audrte.com/p
Request Chain 552
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l55PLc0MVceQ2CEPyq9SBN2dg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l55PLc0MVceQ2CEPyq9SBN2dg&gdpr=0&gdpr_consent=&google_gid=CAESECLou40YKcDyi_4TmB81qaA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 553
  • https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1660088092254366 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CP_xq4j2uvkCFY2zvAodzs4Odw;src=1295336;type=cs;cat=Viewa0;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1660088092254366 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CP_xq4j2uvkCFY2zvAodzs4Odw;src=1295336;type=cs;cat=Viewa0;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1660088092254366
Request Chain 554
  • https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1660088092255784 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CPeOrIj2uvkCFSdEwgUdk90JZw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1660088092255784 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CPeOrIj2uvkCFSdEwgUdk90JZw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1660088092255784

557 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request change-slacks-default-browser-chrome-firefox-safari-0198402-3864
ja.whitefieldfarm.org/ 		64 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
372feb3d5891ce97a07976325c10b06048a65fd566adeb45bd5a393c681e82c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
DYNAMIC
cf-ray
73844dce8e1580d8-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 10 Aug 2022 23:34:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8ZdT1U2PHpC%2FUTonMKZ7o9FrDL2CJbBFuJHJCJeglybJgC8ku2ApCWEaw5TQRglrHFlBX979oMnqBNNl%2Fcl3WvSfP22dMRI2LxOSWnpjNyST8nyoussmp6MWcWFCXTUzBqrdzZd8WyTknmOFHWEIS7Ljos%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
style.css
whitefieldfarm.org/template/proword/css/ 		134 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://whitefieldfarm.org/template/proword/css/style.css
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af06cd6710b3235cea95d098252bcd3a06d213c75ca13b3dfa345e3e980dc24

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
488325
cf-polished
origSize=141265
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 18 May 2022 19:38:30 GMT
server
cloudflare
etag
W/"227d1-5df4e66efb244"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZqBdOCp%2BaF9NGGy9uWkkPUKO3y6omb6T4m9ALEZwEcGiR%2FvK6dWsMgLfJZLjg3eeHPw3VYV6StLXvNm9k1VaKzDXa3tjvpBrKQi5VmjWclX3ldT08GrOeNcxBPxzZ1jAvsiKZaDws1tXaB0RFeMfe0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 18 Aug 2022 07:55:57 GMT
cache-control
max-age=2678400
cf-ray
73844dd3ab8380d8-NRT
cf-bgj
minify
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25506
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19168-FRA, cache-tyo11963-TYO
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZurCRTHqVRcsG26rxhcazFwSHuvbDwuvtMViQbfH7a84FxCK%2BtHaFQW5hpq%2FJLAOX%2BiQz9cGWPRGGCoj26eaYvonqQitHeCO4dvaN9Cn4vC8skCtTkTrjgzj6Wz2Qm6l4Hc%2FCyBWevLmzDWEkH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73844dd2dd592035-NRT
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7085
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19160-FRA, cache-tyo11958-TYO
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTh%2F2JfBLRAO8%2FcwDikTjoMLyIfBDCLG%2FFVsuoXtorJ40MwxgKVi4VIIprmVVZq3DdKaQNPdzjjca3NS5aKnkN3sO5o47Nc%2BI1Bk9Lncwo3LHt%2BKmBpmIGkQDhA8PxRuiljG30G0lzvgIn4seSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73844dd43e022035-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari.jpg
a.whitefieldfarm.org/gadgets/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9aadd4cc0fa1091dd6243cda1d71510d9e0f975a9e3884d4a2e1c9e1d167b2a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22112
last-modified
Sun, 31 May 2020 22:53:58 GMT
server
cloudflare
etag
"5660-5a6f98db3ed80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzzFrrQBvMq%2F%2BTAgvpBJ1nMP2CIwf%2BbF3lIu%2B7g%2B5JWw7EoS9KJHFzklZceCXlNOkU9E2fGH1hh%2BEQg8z7L5%2F0hdiP6jg8Pw%2FZ%2B76OV82xDlIw4RAQo4ExBHrF0TnlwjWWwGoaWf6cR4g6XiOICtrOZTCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd44c6e80d8-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-1.jpg
a.whitefieldfarm.org/gadgets/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-1.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06dd1d88a862373e4f877625def7ca3671c2fc6f4b79ed17e824dc7de35a9f53

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44048
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"ac10-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhWgRVvdFlMAyQcS7Po%2FKpHhJpdCsnRTd2c7lLo9P66OgXSZqPLPExYxynm6PTvqmviKnixK0Raj37VDCslqT7nIV%2FD0uXuVtYnye2UBgiSd1PYByBNuzHL1v3q%2FmrXn9ucTqHcUCKLDPnZWZQznqFU5SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd44c6c80d8-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-2.jpg
a.whitefieldfarm.org/gadgets/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-2.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc39ae678ed5b8bfc8baf5842ab49065bcf1f974a9a679c5dac6aee45fe65b30

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23168
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"5a80-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52jy2%2FaoUcGShS2L4bxvcagtVsHpWdaP3koV2fuzqi90FL4rK1egVdWXIVp09g%2Fd%2FP3S8YYcaywacfUOjJphF1S9etrm%2BaIiHfoIezZA8YPvOOTCfyby9VQYZTpGDcqMGbrLGSTpJVRmg67CqL7AEVsY9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd44c6980d8-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-3.jpg
a.whitefieldfarm.org/gadgets/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-3.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104f690deff154f20da1f807ca76ed2cab178eddf0475095417bfabdf744e21b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33022
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"80fe-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vqtFbb3CuolrXk15Ul7GB40CuCu76VskLChOETpfWm21ytlIN54XSJAUhSGJavy3BesRwbZWk%2BjFFpEXw29OttEwAhZrsCgYO1l6bOgwIaQVAL4T2%2FA1MIA6TT%2B12%2Bmp24jjlEhZx3pGDA3ZHc2xDGjwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd44c6d80d8-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-4.jpg
a.whitefieldfarm.org/gadgets/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-4.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad91c17d164dfd6ea06c68bf9058d67634a412f4b2cb8db1b7be4de9a102734e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52367
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"cc8f-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv%2BUAposSyHC0sAYQfoaS%2FAMYOkgM5JJ43fMISWUbDQm7B6vDK5aARtBuPajiprnIVPWYaKNDee3h6%2FsF3X%2Bl3w2pGl4cOYkJBj252w0G3pOHUfAlhQTx%2Bdwg6TYdNqZPDhWCgSeRw83YbOk6WbuPCoDfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd44c6880d8-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-5.jpg
a.whitefieldfarm.org/gadgets/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-5.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10f5cda8e6731ffa31d49f9e3719e6938e380174961af19123fd8da8e1a7d80

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50764
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"c64c-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijyO%2BCYm1KyDveNwL2ePsmO86TjZcVVSSvHvTdV0sBW8FQcmA1AD51MaQW74mSnVvcWUQmt6rwragedBG2xBKQ5%2BplvnKIJKYQpRfGJNf3OQdsfQIMTMZfcikoFr85zkRnr30MFmm%2F7DVMnXQbUsWmSawg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd44c6680d8-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-7.jpg
a.whitefieldfarm.org/gadgets/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-7.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b506b2f896f0116922c3b921067e013458f1dfbef1549502a405c11c60080048

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41173
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"a0d5-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFR5w0PyHARhjbZ1FekYjL1ERnFuMlffZknvO5jBWRkCjDxNCJPZpTaH2uzkjKps%2Bahe2RFiIGCuJy6SVY75pIEt1BTp2dRvP0tso%2BbN6nUfi2JRfGEBB0%2F61ctva2Wggz9HE%2B8ilaLtow2kY8HZr3lJRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76af4ef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-8.jpg
a.whitefieldfarm.org/gadgets/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-8.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba83bdef33ff73f84e3c3e317fb1d88a65628c45e2e60cdc4ba3e9af534650f3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27510
last-modified
Sun, 31 May 2020 22:53:58 GMT
server
cloudflare
etag
"6b76-5a6f98db3ed80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbnas8fL0lkCGVvvjJHXsXuOQcPRBVRJ3aEkertUXErBl4momNPsqqxnn6sttTnQEKMUH2wM1Ext3fI99EJIOo04KwZDGcJgameRFExUDQtzhlOYLtq6d2i0e9H9XjhFzCiiMY8FCbPqOyAT4dtFsAQCcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76af5ef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-9.jpg
a.whitefieldfarm.org/gadgets/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-9.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013b73ac29007a03e6299424cc59790134ad880e82afcad50608ba4702055c2e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27188
last-modified
Sun, 31 May 2020 22:53:58 GMT
server
cloudflare
etag
"6a34-5a6f98db3ed80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgiwfxZljLwWrj1rjS7vM0GaBziYi%2B7pnqvAmoRjNaaq%2FZ5X98mpX%2B2Uvc05YBdEoWRJj4zU%2BaB9%2FLn5sCPk487peHeYEtXoq5%2BXdqQvw%2F%2FATQgUe%2FwzILdYbrdP2D7F%2Fu2fcpVlEcFkt1pn0YH%2FRJtaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76af6ef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-10.jpg
a.whitefieldfarm.org/gadgets/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-10.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b65830137a22cab6f6008c8c614825cbc56738a727ab4e3c3d3ca56b12804372

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34414
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"866e-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejL2KqBe6uhnDrZdnnAydcuF3O3OmX6wYchI5MaFLT1ZU%2FhwTJOFywQtWVfjAo61X1YBMhw%2FIYwjxRktCmC%2FhwitPxWg2IhF9ZpdH%2FwXF3pW%2FSmdHNVbElX0jMbZQkWK5Sfq5PL1jqPC%2B3epPv6GrcJfoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76af7ef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-11.jpg
a.whitefieldfarm.org/gadgets/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-11.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d4b7c55366c896b1e9c7f4fa3fd5ff9c72ddaa411f6579654321d0d96f95795

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15617
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"3d01-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IB4EafvKJJ8pD00yVxJ4v2TKtTqUFwpsoxG5i2GxQyhDqLkSkc4rQGDh1EmL1AXftqkW3rW7adX4FQtsfr6xyPzCV8dKDQ32yTMwV5REcrWQoniD9Av5%2FMXROe9iDinhjWdrld%2FXPaxrKvBPTCfcjDN8wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76af8ef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-12.jpg
a.whitefieldfarm.org/gadgets/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-12.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeaf59f3a8b2e4208d35b710d8cecaf6445cccf38b8badcec8fe389744fb11b9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51241
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"c829-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6xhUeeqV0ib%2F8MFoL8RKYbTSDH%2BJ%2B2pkeVhalHBKpw1MZt0BRNW%2FHBKblBB3%2BGw4LDIJRryVtiINNg9IIHUH0%2FOIPUdqKsToh%2FDGxLSYyw%2F4YDmz6P38851%2FK5rLoS%2B3ZcE8BWEZ19InqM4omrfA3qlng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76af9ef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-13.jpg
a.whitefieldfarm.org/gadgets/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-13.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7265215d77388785b72f2f3ceb96942cfc17625efcdbc6cceba71e29c0678133

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51161
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"c7d9-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2B7VkcZ3Ighh5xmEqCz%2FtD2Rqhj82E%2BxIZBJS%2BXZ%2FKISlevrvv4cJiFkZSMlLbaEKlEKiesmYVbjw15MIYHthW5uRyoxUje1rFw5%2FEXuojq8U14Ku%2B4Sfm5vhLpCJpQJqoKFyM8XvCdB9ljo29boTPD49w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76afbef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-14.jpg
a.whitefieldfarm.org/gadgets/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-14.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e40c4701ceb65a543f80f0bbbd6bd31b3555bfda94abdde2b63e0bbde68d783

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58985
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"e669-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ScowZzRZBNTXmPONhZL6FBROYTMlD9dL1VfLQgIUVmuTrL%2Fkkj5Oel%2BF32DERy1bFrrXghVuez8bdyC8BJ%2BevjPhBv7yF27Gp29X33nXzcVf4D4%2FJW8znSm4iLnNTGC%2FIU3vUMInFhZrQ%2FdWTiMqiH9jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76afcef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-15.jpg
a.whitefieldfarm.org/gadgets/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-15.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63324a9091ee8fdb9afc8be286379501585c6c769cbcfa34620e001e4cf83375

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29654
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"73d6-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5tchG6wYeWOmxO5GB0SOivXE23vjot%2FypHXBHv55AkfU4taeCVtWEfnewJ%2Fb2FR7BxLgxMBc4fYHMbz4%2FVuF0wf3I8qVRsLwDvCYpPcw9HukOWn%2Fk0svnINrcC5vwi2YAiauhLKziF9a%2BC2sBSAAU0VUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76afdef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-16.jpg
a.whitefieldfarm.org/gadgets/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-16.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4fffc46b7730f98913fbf2ee479f39383747aec5354a287dac6e4ce304c142

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31303
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"7a47-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11p9ZvXsflGcxrh%2FpAv09qbpIRlCxXN6qXooSFW3GlAHMHlSBkzxNzajGqzfiYCC1G1KFtm82nl0y%2Bu2WTRHhqTTeZuPbEt6cA5V0BtoOnyrwrViHBUaAQy5Vd130gFHEn4MMqamTP3jfulqA6UQ5vnKbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76affef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-17.jpg
a.whitefieldfarm.org/gadgets/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-17.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0829f0770b5c3a4faae6697cf5bcd049ac75bd24d774c83f306801a5243d19

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39664
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"9af0-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWXMw80LljuOl6oB8v9zlVw4BeDizcx%2B0JtCZ6m96rsICHzvsEiVdQsdkmW1ITPldq142z%2BcnO7QBFRWByFS3bz%2BwzRI3GUxjhwYqomeO0A%2BlSh3DHQ%2B42GLd6ZzEEDKkLchgJugNUr%2BNdAn%2BpMqS9uiqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b00ef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-18.jpg
a.whitefieldfarm.org/gadgets/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-18.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a08c5124b69d9f4a6fba0097e364a793b8b8d15bdfe291a39733ccd4a0bf48

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18632
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"48c8-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud26r%2F6eBHsi5lHfsVggYI6VwXuo%2BY9d54MErG9%2FY3ac5zNeHi1tctk%2FS9vkisU%2BGmBswuWWmI6elRSG%2BQD%2Bl1GIO%2FsTHQEWDqo15o2J4TGtEZHTMZ%2B4YXr9cj2gpZrQCmKi1ChuvQXsexBDxSwEZVZdhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b01ef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-19.jpg
a.whitefieldfarm.org/gadgets/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-19.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fec7fbabd2358ced6754aa094e5bbb9c978903a112f90c90aaf54bbfd06ba05

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53652
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"d194-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27UZM9SNLD%2Fr2aYE1te0ByYeut%2F4fCLRmhfwjyt%2Fyp%2Fmveh1tH2Y2s4HQiatrJAjstsDZ6rjF64SjdMJXw4kgmFSeDTiH146ifT9XgFaEHn4uZkd8x2aGbX4xEHCV%2Bs6weYOp7Ejwh7GwNIOJgmhk1KYKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b02ef9a-NRT
how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-20.jpg
a.whitefieldfarm.org/gadgets/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-change-slacks-default-browser-to-chrome-firefox-or-safari-20.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b0bf30bc503e5fca64e6df81c1cc3800377ad8eaf23572dacaeff26939d912

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53440
last-modified
Sun, 31 May 2020 22:54:00 GMT
server
cloudflare
etag
"d0c0-5a6f98dd27200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjRrFqlvqUgV2j3D7MNDVuzq3nxKredQeUTOFp4MkmiwimSo9BhZTIc6c1EQACAf8hHvD0l5M4NRAK7EgeDHijWvvPY9jBsQy9cUnhU2tkUtI31ZlgLH5CT7G8PUi0rrUotVzhZlW%2F1K6Qxm9dqNKLdDkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b03ef9a-NRT
-sn0wbreeze-2.3b1.jpg
a.whitefieldfarm.org/gadgets/how-to-jailbreak-ios-43-iphone-ipad-semi-tethered-ipod-touch-w/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-jailbreak-ios-43-iphone-ipad-semi-tethered-ipod-touch-w/-sn0wbreeze-2.3b1.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d4519b455cb6e93efca091c535c7f31b0a071000e75ab139cb4a7b66390aaa

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26887
last-modified
Sun, 31 May 2020 23:01:06 GMT
server
cloudflare
etag
"6907-5a6f9a736b080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FQSoEhr8%2FcU73n9r2z5kuBR0brmBIIAO2rBOu4Rs2K1U9zwYlUns4kIAwQ%2Ftcm4NV277zA%2FBNaMXpcCAK25gc3GpDGl84te4w4tHk9iI%2BHSujHG3%2BUMOJBP3lkK7i%2BnkyzM%2B5gdeEGCe7hav9L8LOsA%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b05ef9a-NRT
how-to-call-voicemail-with-one-key-on-your-blackberry.jpg
a.whitefieldfarm.org/gadgets/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-call-voicemail-with-one-key-on-your-blackberry.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35c30ae2901505983e0642afe1d502057c532c660192e608c0ffd37cd1b04f5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28359
last-modified
Sun, 31 May 2020 22:54:18 GMT
server
cloudflare
etag
"6ec7-5a6f98ee51a80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjEVWOa1uOvXb7MRJDoFQn3XhASzqhKT5leWVlN3%2FQl9qWBgTr7v7WLqpj4Y1SWI94%2BCzTfy72ubCp8pK0EHrm1zd%2FAo32z3Q%2F%2FN528Mc1M1Ri%2BQlRHqpjNJK2zwxDaB51M9TJtYdNVpco%2BEpJ9kl8wumA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b06ef9a-NRT
how-to-disable-the-redundant-google-now-swipe-gesture-on-nexus-devices.jpg
a.whitefieldfarm.org/gadgets/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-disable-the-redundant-google-now-swipe-gesture-on-nexus-devices.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f03c90ac26b39d36ff176e8696f36e8b7f19f5d82180c060bbae7a7f935eb9b9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11006
last-modified
Sun, 31 May 2020 22:51:38 GMT
server
cloudflare
etag
"2afe-5a6f9855bb280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylI1SlHLWd8P0s2imUtmcVweP0nXSguqhvx%2F3QLPIdtOAU1865PptFBF9c7AXvJ9ugnNpmPYS46I4j32uJH8RQyJxzY7TZuSul65B2xkD1dqzK907cQxEbMuPyu1XQuB%2Bjoy9eVloFr5wKreSOVrkwtkDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b08ef9a-NRT
how-to-disable-forced-encryption-on-the-nexus-6-for-faster-performance-14.jpg
a.whitefieldfarm.org/gadgets/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-disable-forced-encryption-on-the-nexus-6-for-faster-performance-14.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
226335a7ce31bdf9e5c6cb95ff3e06eab3c90ea531f2b255903bd5ca2a9d316b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34363
last-modified
Sun, 31 May 2020 22:51:46 GMT
server
cloudflare
etag
"863b-5a6f985d5c480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6ft4sfNkx4513vmrUF%2BqjRi9P6yd4g93oPDLaOuCbGmHlWbjkvKe6ZsE8ALxXKbJCpnUBajLmngZIHsWi%2B8ehBRrkj9yEHv%2FZsIgCTDqSbO2mL7Oj5RPbNDJZXkDPVUSvycwsaeYr0bh7uzxnyGA40hSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b09ef9a-NRT
how-to-download-songs-from-google-play-music-for-offline-use-in-any-app-on-your-nexus-5-19.jpg
a.whitefieldfarm.org/gadgets/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-download-songs-from-google-play-music-for-offline-use-in-any-app-on-your-nexus-5-19.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
829b2e5f9ad57db3bb1db1e6a42ac0c2794218a07ff86ccbcf619f8b1ef05455

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30528
last-modified
Sun, 31 May 2020 22:51:22 GMT
server
cloudflare
etag
"7740-5a6f984678e80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cO2Si01xqkCg9fD%2FFRo01vUhTBBeF5XOZQ83cjlQ5blp7U9ItJNa3UL95oPaYRV2x%2FR%2Bo1L3ELEcw5fYoMZD6%2B6rh1vHxKbXbE%2FYHTDsGhslNxmugptattS3wvqdfn%2FLkChirr7I8V2ekY6mVop0%2BPZmOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b0bef9a-NRT
how-to-unlock-your-iphone-3g-on-jailbroken-firmware-3.0.png
a.whitefieldfarm.org/gadgets/ 		348 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-unlock-your-iphone-3g-on-jailbroken-firmware-3.0.png
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2854b751ba10a622ce27921434ccaeffee32a597d309f8f16aca6b0e0d6da1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
355894
last-modified
Sun, 31 May 2020 22:33:02 GMT
server
cloudflare
etag
"56e36-5a6f942d6e380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZRjnOmnP%2BJ8e8YfO8gycEJrYcROjxRr%2FF%2BxQozmE7SAoW1xeUWi1qOZFC4ReAWPLal7Q9Ib9%2F6YAQ2UBbBr7QdFhtT75SVVI3ofnJYWN9iJLWvaEMab9hf13gMqMMCbg4hhGzTvgR2wtOZFe1b%2FBKdz1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd49ccd80d8-NRT
how-to-unlock-your-iphone-3g-or-3gs-40-401-or-31.3.png
a.whitefieldfarm.org/gadgets/ 		348 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-unlock-your-iphone-3g-or-3gs-40-401-or-31.3.png
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2854b751ba10a622ce27921434ccaeffee32a597d309f8f16aca6b0e0d6da1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
355894
last-modified
Sun, 31 May 2020 22:33:02 GMT
server
cloudflare
etag
"56e36-5a6f942d6e380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRHlRdA1cqacEVDfNRxK%2BDSeDaGbmiGAcT4fSYVgpjEI8nqxB3j1sOFo1YohZnRChoAkxn%2B0AALYGWh5qZZySMyzVhaUZLcjTQbPWdZqetxseFllrTcNqa6ChL0FF4%2FqlajY8a7RCwnt9%2FxIV7qISwYA6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd49cd680d8-NRT
how-to-monitor-cpu-temperature-from-androids-status-bar-24.jpg
a.whitefieldfarm.org/gadgets/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-monitor-cpu-temperature-from-androids-status-bar-24.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188d840a3594c84d12b8f6a80503df9ac002b21a788c592edb47efc96f4b0ba6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51637
last-modified
Sun, 31 May 2020 22:41:48 GMT
server
cloudflare
etag
"c9b5-5a6f962310300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0pVvUI2W9gsmuWFBgKHD%2BnHy%2Bwr7iUAC3Hgt%2BDTiZBI85LmH6dH3FCvgSTrZTkM4s7z1cQa4m7%2BMSGYZguuF9d7Mz6lTicEZzmQyppefeLxnKlBRvqFOx%2F1yxrgaNn4fpLcgkWNuqIGeHjardvJABKWDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd49cd880d8-NRT
how-to-monitor-your-stress-levels-using-your-samsung-galaxy-s5-5.jpg
a.whitefieldfarm.org/gadgets/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-monitor-your-stress-levels-using-your-samsung-galaxy-s5-5.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ed523cd334723390c5ae344afe1701c26066af1cf53f6330aaf48fa17116fc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26042
last-modified
Sun, 31 May 2020 22:41:46 GMT
server
cloudflare
etag
"65ba-5a6f962127e80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OEmbSL83XqG2j4d3HW%2B5IVvH1obxmr3ztnxsBva4592osWoX7BaAnT4REOM2BIrDHOk%2FKfLWj7HTOpXT2lNvj2%2Fohb5e%2BFxDYb346lEctfjNfWPbx55alJuzZBwoajksBs70g1s9AKxfXQxpc65lgeHoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd49cd480d8-NRT
how-to-choose-your-navigation-app-on-your-htc-evo-4g.jpg
a.whitefieldfarm.org/gadgets/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-choose-your-navigation-app-on-your-htc-evo-4g.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b7a6bf69cf0047df0397d67b434e5635d70917a729873c00363b20afb03840

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81749
last-modified
Sun, 31 May 2020 22:53:30 GMT
server
cloudflare
etag
"13f55-5a6f98c08ae80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g97Km5xf4tYcd08NKf9Fj%2Bwj08W%2BjfnGL%2FYFv8VWKQWtdyCav%2BsN7CT6vLvLZZtegBWsSrSedSJtnOEWrZfEhyd2ENivVkHLMg%2BZQqQpSBqH3WVNLW8molYd9VxipBqxAaBDOtEcMh1873p57CV6XYPFXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd49cd080d8-NRT
one-tap-hassle-free-logins-automate-the-sign-in-process-for-your-favorite-websites-on-android-2.jpg
a.whitefieldfarm.org/gadgets/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/one-tap-hassle-free-logins-automate-the-sign-in-process-for-your-favorite-websites-on-android-2.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0812c789460cf23fcfe260b3e4cc5963609470cb344bb88a59cd6ac5b942f0d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32317
last-modified
Sun, 31 May 2020 22:25:38 GMT
server
cloudflare
etag
"7e3d-5a6f9285ffc80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e%2BnBpb2QaWv77rtSdw6ViGlbZXOZP0dVR3REHnkaOBaFQsHTXYT%2FoAKnLMvsjcAyVaN5Izz6KiNVnMhXwJr6W3qIHyoy0HV3Z9dLlCvd6c%2FT44Tn4c4dUm5gmHsOlUPAADTXSmcRCS0ed9AjsHnb10yEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd49cd380d8-NRT
SUnhQkRBVog
www.youtube.com/embed/ Frame BAEA 		62 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/SUnhQkRBVog
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1eaa57f201fa75498264a3132e4911f3bb19d5ef22017628f880549fa1006756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Tue, 09 Aug 2022 23:34:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/0d77e7db/ Frame BAEA 		340 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d77e7db/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/SUnhQkRBVog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/SUnhQkRBVog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:52:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
114108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47818
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Aug 2023 15:52:54 GMT
www-embed-player.js
www.youtube.com/s/player/0d77e7db/www-embed-player.vflset/ Frame BAEA 		307 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d77e7db/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/SUnhQkRBVog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb1cc7bf6bf1540d98ab34cfadb0878017d9b13ecab4be1a25df6c039024367a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/SUnhQkRBVog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:52:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
114108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97217
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Aug 2023 15:52:54 GMT
base.js
www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/ Frame BAEA 		2 MB
568 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/SUnhQkRBVog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf64075ab8939b87a2c6f5f2adabc455bee251c249328dd3224becd5463f5118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/SUnhQkRBVog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:52:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
114108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
581603
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Aug 2023 15:52:54 GMT
fetch-polyfill.js
www.youtube.com/s/player/0d77e7db/fetch-polyfill.vflset/ Frame BAEA 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d77e7db/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/SUnhQkRBVog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/SUnhQkRBVog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:52:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
114108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Aug 2023 15:52:54 GMT
how-to-save-your-ultraviolet-movies-before-they-shut-down-in-july-3.jpg
a.whitefieldfarm.org/gadgets/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-save-your-ultraviolet-movies-before-they-shut-down-in-july-3.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42bd1d17901bbde0ea942d512738e20ad6c140b62c08455d526530bf95959a7f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57518
last-modified
Sun, 31 May 2020 22:38:50 GMT
server
cloudflare
etag
"e0ae-5a6f95794f280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=333e0VvR%2Fvz%2B0WfK3mjbA6c8DMwazNmsVPmycfegPlCUUmrfAkaBekg3WsXk7wcLvdi9yjEYxq2Xy54BUnJDd0Riz2FLU%2F9lswcw%2FfzR3KGtZ1ezMeRR7qTzlnxY95VP78Zcr4ujZS%2BmlUBEsGSIhZQqVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b0cef9a-NRT
how-to-save-your-wet-cellphone.jpg
a.whitefieldfarm.org/gadgets/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-save-your-wet-cellphone.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc28da001eec47497c19930b0412d6819ef0edc8234c8530842d38320c9fb5e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45090
last-modified
Sun, 31 May 2020 22:38:50 GMT
server
cloudflare
etag
"b022-5a6f95794f280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qp5mjC69s9I3xrjFutwtkRL9RdBZhsenjbHp%2BOusdbQtdOBO%2BTvesPhpfhBe2y2jLdFUzXvdgetnP2UfI1xT94j4uzrq8FHCyDMx0vboCMz%2FryOIjV4yMxAyOXayrZHqy3%2BP2EFFqozKoK%2FWvTZnLp3wCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b0def9a-NRT
how-to-scan-food-drink-labels-in-myfitnesspal-when-cooking-at-home-for-more-accurate-nutrition-calorie-info
a.whitefieldfarm.org/gadgets/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/how-to-scan-food-drink-labels-in-myfitnesspal-when-cooking-at-home-for-more-accurate-nutrition-calorie-info
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
instagram-101-stop-users-from-replying-to-your-stories-2.jpg
a.whitefieldfarm.org/gadgets/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/instagram-101-stop-users-from-replying-to-your-stories-2.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc71a1e2c8079327dc1e8eac20270e940747a37c3dee7f94eef50c55da74262a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49680
last-modified
Sun, 31 May 2020 22:30:30 GMT
server
cloudflare
etag
"c210-5a6f939c78d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FoE%2F8PdsfqeshQtlEEM4JLA4cHLRej0PDR1BXShYfg1ilv30oXoIs%2Fwno2up8RgkTLPWCyv44XP58cOkYDep73I5Io5W6BtddDnqe1LenYrITe0Ij59q2SlygFNnHcBWKeb%2B2INBwlxP8yrRZa8O379qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b10ef9a-NRT
instagram-101-how-to-take-better-instagram-photos-using-hdr-4.jpg
a.whitefieldfarm.org/gadgets/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/instagram-101-how-to-take-better-instagram-photos-using-hdr-4.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7e0757a6250d89a527da1bf393cc8b60b15781363ac2a61b76eb46b1120736

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32262
last-modified
Sun, 31 May 2020 22:30:34 GMT
server
cloudflare
etag
"7e06-5a6f93a049680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rteYC8ipzifFUNTpYaGmTvdZ%2Brymk9vJ9R1jX3apERlex3%2BlfWFLfNvJZLlJXSPhgDzZrKlDCggriY%2BHBT0yVRpIuibCIQmwQsaeRs0qcQ498o8FbVZSIgl4WFxt60sppUPuocwAw4XQBv5AFKF4hd4D7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b12ef9a-NRT
instagram-101-take-your-hashtag-game-to-the-next-level-with-focalmark-6.jpg
a.whitefieldfarm.org/gadgets/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.whitefieldfarm.org/gadgets/instagram-101-take-your-hashtag-game-to-the-next-level-with-focalmark-6.jpg
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdd7a99ce4d1a9a3898fcf83f7e3427e0af1cb806874c46860cfaea59e6f44c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32213
last-modified
Sun, 31 May 2020 22:30:30 GMT
server
cloudflare
etag
"7dd5-5a6f939c78d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EPtMklRs7jj%2BpNAB3iHw0Uc3IdTTLmmrQlc0KLcQkZIAX8woV7klLYJBNI3HHaShMQKJjQnqxIvaV7VgjvLHfYnR3LPPW0i8dE4ZupITED2MrQPTHhXyVvooSNhFy7YwLnr0IAPIt6s6f3HEpxlipH6bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
73844dd76b13ef9a-NRT
rocket-loader.min.js
ja.whitefieldfarm.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ja.whitefieldfarm.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Aug 2022 13:05:41 GMT
server
cloudflare
etag
W/"62ed15a5-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYlyGKBah9J9Vwg2ostxikj6iTsRby85sqZxnEqWEMqTotvbzyPznZjl4ZZTJSR%2FO2Id%2F79TJ383mofNj%2FenWrMbvMRsXuMvz3CnNmfZg5gEKdvZNVjd2YbO51R2MUOvuWUWMCPqtVP7hmH%2BsM02sO%2FIutM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73844dd5ba46ef9a-NRT
vary
Accept-Encoding
expires
Thu, 11 Aug 2022 23:34:42 GMT
truncated
/ 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/webp
smrcp_19121001.js
cdn.zx-adnet.com/adx/ 		145 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36a368ba7810253a11eb30199fb05fe6c11a7ac87dbbcc5a546541807ac43f03
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
etag
"0994f0b1ac5bc5d2669a183540dd0d6c6230ef8631759595efd9b52653e375eb-br"
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19693
x-served-by
cache-tyo11942-TYO
last-modified
Wed, 27 Apr 2022 20:26:02 GMT
x-timer
S1660088083.166491,VS0,VE235
date
Tue, 09 Aug 2022 23:34:43 GMT
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
x-cache-hits
0
/
us04.biz/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us04.biz/?te=gyztayrvgq5ha3ddf4zdsnzv
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.92.147 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-92-147.ah-server.com
Software
nginx /
Resource Hash
7de2578a55c9fe846430dcb85c8447a13a9a83a8bc038cf6d98e2b9b82f76cec
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Aug 2022 23:34:43 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
plugin.min.js
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ 		305 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:9400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3fbf34db01d4d192292780a85bb0c4827a276c12873f0b51d9c9262e47ab39c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:26:23 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 11:27:48 GMT
server
AmazonS3
age
732
etag
W/"1189c5a8ecdf7c98ae5c3cd6f9e52fee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e5907f334714433599a0e1b9c57f44d6.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
NRT57-C1
x-amz-cf-id
TqDtGFf63ykNGVvII-91KjGq4_eYs2x733Wx8lTrnGOoehl38vzdWw==
invisible.js
ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame AD47 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1660075200
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3511de2ac9048582e02efa4e3e56f9a94fb56a3929ce3eaa1b27d168b471bf0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:42 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlY0yRNwJuZ%2FpIDc9FZkkKn%2BFVZUzmX9jTNmqa%2Bdc0tD1lmplL%2FhpsyN3CJEacX%2BWnm5R35eYQTWRHsAkhLijxXzBvuu%2FYIvXk4IeMZfQOGKQnZSPiC%2F0vb6Sv9b017WJvAFN4AXI3LcO8ecwaWm%2BSUUSuw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73844dd60a6def9a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/ Frame AD47 		20 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb74f5caf9c4ac50eb9986ee2404b3da9211db0c413cbfa6afa8fc2a9fdcac0c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:42 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhY7d1yRUjiRlYQULJmfyqWrf2VI7ZhvmRCNv2j%2F6lKdTzRitiG5spGTGZeCcxek4kfDegBFNx9mxBbOxaz9IzjOMq%2BB1lr5z2ReEWN%2Fu%2BKReCvNGSfste22orBDqaJ0dJa%2BXUU1nihL6qS7KPGQ5bhoRH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73844dd62a80ef9a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
id
googleads.g.doubleclick.net/pagead/ Frame BAEA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/SUnhQkRBVog
Protocol
H3
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9308eccc38bfbf2759108949db83c324faa3fe950a326d35e8c370ea3526a50a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Aug 2022 23:34:43 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BAEA 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d77e7db/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:21:47 GMT
x-content-type-options
nosniff
age
776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Aug 2022 23:36:47 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 09 Aug 2022 23:34:43 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BAEA 		65 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0886d4322f9b57aec629193b4cd8bb02b119b46eef5511cbd46647aebaba67a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30392
x-xss-protection
0
remote.js
www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/ Frame BAEA 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f114bc4dfd57ad127b1dadf2dab0b78b89d3765838331b4bad496ca3e3b210b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/SUnhQkRBVog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:55:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
113931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37739
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Aug 2023 15:55:52 GMT
bDqMOAlYpjmYbIiLnae4jddcBk4qDu3ZeSCMxpVmMDM.js
www.google.com/js/th/ Frame BAEA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/bDqMOAlYpjmYbIiLnae4jddcBk4qDu3ZeSCMxpVmMDM.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3a8c380958a639986c888b9da7b88dd75c064e2a0eedd979208cc695663033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
577947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13979
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 07:02:16 GMT
embed.js
www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/ Frame BAEA 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5114ae1a6562fda7a6b289340ecb82f6b4ab9eff14d611da81447eabdcdd71b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/SUnhQkRBVog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:52:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
114109
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8105
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Aug 2023 15:52:54 GMT
truncated
/ Frame BAEA 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu88zdw-xpn70iGaM1YNGAlt-bI9q6BEFZclij_BQw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BAEA 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu88zdw-xpn70iGaM1YNGAlt-bI9q6BEFZclij_BQw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/SUnhQkRBVog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
792600e8c19fd464fe8161b23dca30303f9e8e17e1ad836ea13e71ae15ab104c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 21:45:29 GMT
x-content-type-options
nosniff
age
6554
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3378
x-xss-protection
0
server
fife
etag
"v129"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 30 Jul 2022 09:02:53 GMT
sddefault.webp
i.ytimg.com/vi_webp/SUnhQkRBVog/ Frame BAEA 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/SUnhQkRBVog/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/SUnhQkRBVog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2016 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bf3b2278eaa2e0b262e65c6ecd7beb98f3c80b21b9950f43686b19d9687388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16788
x-xss-protection
0
server
sffe
etag
"1444707567"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 10 Aug 2022 01:34:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAEA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/SUnhQkRBVog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 23:26:39 GMT
x-content-type-options
nosniff
age
173284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 23:26:39 GMT
generate_204
www.youtube.com/ Frame BAEA 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?VyG4ag
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/SUnhQkRBVog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/embed/SUnhQkRBVog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
73844dce8e1580d8
ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/cv/result/ Frame AD47 		2 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/cv/result/73844dce8e1580d8
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1660075200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEz82pIUQLBYd6RFwuDOfPiWUWoltaoqZggc3fkrDNisiVuPCrgbw3ymTyDnewjlvYRRiTtYx44aYOF4OgYq3SMfdJPyf3smry1pjlI6KwkywfK0HY9Kh%2BY5HGLcTgJxfaAT28%2FJQQepX4r4SSMrzQ1RrkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
73844dd8cbaeef9a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BAEA 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 23:34:43 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BAEA 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0caa7b1fcf47eedfbbc4a51ef8fe913caf1d2bf7eaae6d5ede18bbe1db5e7619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 09 Aug 2022 23:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 09 Aug 2022 23:34:43 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/104/ Frame BAEA 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/104/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15107
x-xss-protection
0
last-modified
Mon, 30 May 2022 15:03:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 10 Aug 2022 12:36:18 GMT
1duwt.min.js
www.bigmp3db.com/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
bc8aad52def9fae70bca29263a13763c230f574b56f604f739995775e585e1dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
br
server
nginx
duration
851015
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=300
access-control-allow-headers
*
expires
Wed, 10-Aug-2022 02:39:45 EEST
tag.js
mc.yandex.ru/metrika/ 		205 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6dff4a68f0a11c3ef2f5286a72889a7a8a910fc0d13c5328416f6c0ccc14cae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
br
last-modified
Tue, 09 Aug 2022 11:59:17 GMT
etag
"62f221e5-1196e"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
72046
expires
Wed, 10 Aug 2022 00:34:45 GMT
invisible.js
ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame AD47 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1660075200
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44c14ecd34f986d1c49072a4d32ed46c88a94df128cb415a66a827c034bd7210

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCTVBjgRd237XTIAVqfOCnBBZ%2BK5ySLIpe9Hn79LOfEaxc8vPkIe9MkNFKWTyCEALOan%2FGCK5AX29IKbmiPL4L7fvlgSORrQvsy6EPnebe9%2F0z0TOF9tjvqQZNmw6jpSxOgxfJfAK8Z7Vxr%2BmDydLvU0hJs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73844dde7db6ef9a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.5033403655630149
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduiwUucLVBES00f4sdtkKlesG5hYjeqqRfqD717Jg2AKhK52cr9MKTuQ07aHe_Gfqcze1dd4eV1wVTylEGImjM3q_jmK-aY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
abs.js
cdn.zx-adnet.com/adx/ 		220 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/abs.js?0.5206548556054138
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
etag
"5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
107
x-served-by
cache-tyo11966-TYO
last-modified
Wed, 27 Apr 2022 20:26:02 GMT
x-timer
S1660088084.281996,VS0,VE68
date
Tue, 09 Aug 2022 23:34:44 GMT
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
x-cache-hits
0
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.6725132501183748
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtbaXsv1cK5Da_8DbX-QPmFW_qj6x3tp2D5NASMHY8WV7Tp2zQWMc2ohZV22Pfk4ZDxz0u2Q_7EYfo_jlCYZqi3CGvxJRJz
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.5550476480666353
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds5rBiUrWIFmamdKO_Qif9qi69FUqVLnCkfLKLVKEYI-tY7dOWTpsAOK0p-WHpYPF-RHHbtm2WwQTh4poHT51IXnKyOJQlQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.6046381206879754
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduAdFlsqi5H9FI4kwzSmMiJKNMPUCUdq2oF-j9J7A-41gJjvlLtY3GZ7ZL4pbJWgIHUZfIaXC_rr08fFRgKxHOC2lEOijOU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.7511347647795319
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduxRLhgRpSoaAmJAO_StQHXpdRPBeTh1xX7jmMHO3ZKqLnSzVtIxkdQahtLriIcg7_-VTI6oS7X8Yg4OFwahg3QhxBcREjV
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.11537568015790467
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv3iljHW_Ry7fOmUARV-BhIGs9gdlqFXoxwAfVH90HsZHE9SGmivKpY6f0mwEH8L2u_xxrbXiPikD8_5Ypqeb5AYms3MQ9w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.7049169179183952
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsk4XY9X3XfZR1iAu5FA9Dt2ZUujq_aNy3KVavxSd4nML0OJ1N2cW_H8GImsJFSq3uYyUARifch86-kl4pf3BGvKO1HUNz3
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.31977472027867626
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds8_53Y56AQmGPWql8Hk2L677Fy2Mq5Lant2UBnydq2ezjZmFnLceBK4vwwSG1ryLVAsHfylWGEdKss4woHj06vMZeGmtry
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.22035665177071873
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvvmbpOjtiF8NEluwjLNbjShDGSo1GOSQzYIknMwqqEkxoOEA-ZSle2EZFYHdu5J34mHYgKsNcpuc_Vd6fTXjM5LS6qQl-2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.42346359067733963
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtnlGQ8ZSb8Wok3hfqSdDM1TVvOLc0tQIFeSd1e0NxJzNo0yxZlT8pAJr1vFYfiNZiqAsa2IwXHGeNDnkKZ7O5dKBbhBtBI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Tue, 24 May 2022 13:22:38 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1653398558715037
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Aug 2023 23:34:44 GMT
pica.js
ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/ Frame AD47 		25 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f470c7c4d2e7cbf4422a2a040d3213698b9dfcc795195cc92c977e011b31d822

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hubjsCKTf71mO1yrmZngWMd8m6UAvR99YH3tWCKUQWuGgIEVpCdN3LAi%2FM%2BEUShI2KLrvQCg98KdYck5ABvgKza9aCHkRPxLPk09AFXuBg0fq94YEUMZPbm0VACiJfRk7kzBvhnesSB7Z3alP6X5l9qvZ14%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
73844ddecdd1ef9a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checkabuse
cdn.zx-adnet.com/ 		56 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.5206548556054138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
etag
W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
65
x-served-by
cache-tyo11966-TYO
server
Google Frontend
x-timer
S1660088084.353405,VS0,VE323
date
Tue, 09 Aug 2022 23:34:44 GMT
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
7e221c4489129290ac9c0c60bc8561f3
cache-control
max-age=3600,public
function-execution-id
5jyqn8xo2uix
accept-ranges
bytes
x-orig-accept-language
jp-JP,jp;q=0.9
x-country-code
JP
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
sffe /
Resource Hash
f9397b38c72e2c54a33f4e858db39b4b996ece980640c25e9fdc74683f45f1fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28587
x-xss-protection
0
server
sffe
etag
"1299 / 971 of 1000 / last-modified: 1660082848"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Aug 2022 23:34:44 GMT
prebid6.13.0.js
get.optad360.io/sf/ 		527 KB
528 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid6.13.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c5:9400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 13:45:42 GMT
via
1.1 e5907f334714433599a0e1b9c57f44d6.cloudfront.net (CloudFront)
last-modified
Wed, 02 Mar 2022 11:37:42 GMT
server
AmazonS3
age
10489743
etag
"9880469287264dec1b2db80d6f0c4c98"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
NRT57-C1
accept-ranges
bytes
content-length
539768
x-amz-cf-id
AjH0sLhng0fpvY6lSGNj-4pa5BV9Wvzdk77MFjaTawTBiddt9ZtCsQ==
73844dce8e1580d8
ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/cv/result/ Frame AD47 		2 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/cv/result/73844dce8e1580d8
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1660075200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:333f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfJ%2FPHkDdlUgIAThufNPhD%2B88fM3TmITUSeVmfFRu8RLbnPA%2B1iVeOqJlW1glFcmaEv%2BmsdZfmH5IlxRvp6tpdcsucAO%2B7kLItlsxl5SKUIzciCqOtZmJ%2Bx32Sek56Xg0oljjOM%2FnxI%2F9dJjST%2B6lK8GWAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
73844de06e91ef9a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ja.whitefieldfarm.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ja.whitefieldfarm.org
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 09 Aug 2022 23:34:45 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ja.whitefieldfarm.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ja.whitefieldfarm.org
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 09 Aug 2022 23:34:45 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220809
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7fba521251654385f089e43a68263f57f89321da25dbd457e2595e8727e9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30829
x-jsd-version
1.0.1426
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19125-FRA, cache-cdg20758-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"667-l9ZtSTQ2X4oW5S0qDhy6+Xdvb/0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbtC%2B6EkFJV0k73oB8rRPVSHerPCu9Td5gbrHxNaq%2F8rULbHeN6Cv%2BQIitBmXhVFVoGcYJeS24FwszCRpNUaR%2F51%2BfsyYlCZuodZ5E36L7ZK1XyZCJh1m%2FZoeTQW5BXycISENlb88d8CtHX%2F1pA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73844de09b6c8a48-NRT
access-control-expose-headers
*
localstore.js
script.4dex.io/ 		483 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
124488
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIN18y0drVXylfKSmk4t4Qcfxc4ZLXiqPbNb9xWeaO%2F7YKToC7GLrz3JuBQnDNLtoMjYe70nlwi7Usra2n35Fl9IY1MIfEjTSFJr4vBmbmqjHDMM5rp70NMBi12elbC5gdNnLoUtMYfNIxYj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
73844de0adb20aa4-NRT
translator
hbopenbid.pubmatic.com/ 		0
0
c
prebid.a-mo.net/a/ 		361 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
0c57542efbe53ddc6bf50cb98930f5087c7a7c9684a331ad030828844a2e87ab

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
content-length
232
prebid-request
onetag-sys.com/ 		15 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.whitefieldfarm.org
date
Tue, 09 Aug 2022 23:34:45 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
apacdex
useast.quantumdex.io/auction/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ja.whitefieldfarm.org
x-reason
[Inventory] site.domain not match RootDomain, whitefieldfarm.org != strephonsays.com
access-control-allow-credentials
true
cf-ray
73844de0c9bcaf46-NRT
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		50 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:44 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1023093c-d206-498f-8892-59296e0d6ced
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ja.whitefieldfarm.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:c411:12::1140 Amsterdam, Netherlands, ASN399104 (CNVR-APAC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.whitefieldfarm.org
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
828a03e1705c50fc7081016098437e3fb06fef300157377997a4527fd24e0c14
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:44 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2deb6cfc-f9cb-4215-aff2-ab949ca4704c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ja.whitefieldfarm.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
0
v2
i.connectad.io/api/ 		0
0
openrtb
adx.adform.net/adx/ 		0
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:c411:12::1140 Amsterdam, Netherlands, ASN399104 (CNVR-APAC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.whitefieldfarm.org
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
/
ssp.wp.pl/bidder/ 		0
0
c
prebid.a-mo.net/a/ 		361 B
799 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
99f510abb98f7a89a8049de01a947b1cf31af3a333c2a33f4e79d09674668d60

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
content-length
232
apacdex
useast.quantumdex.io/auction/ 		0
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ja.whitefieldfarm.org
x-reason
[Inventory] site.domain not match RootDomain, whitefieldfarm.org != strephonsays.com
access-control-allow-credentials
true
cf-ray
73844de0d9c5af46-NRT
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
0
openrtb
adx.adform.net/adx/ 		0
0
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.whitefieldfarm.org
date
Tue, 09 Aug 2022 23:34:45 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v2
i.connectad.io/api/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2caa6410957655179d0b3e7f1dcaa9ea3dd7ce6830709ac9b665d73f48502f1c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:44 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
41415ef4-100d-4ea8-8904-81a2d63febbd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ja.whitefieldfarm.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		50 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:44 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
af9c17e5-564d-418d-833c-04fe746f9460
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ja.whitefieldfarm.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gw_251221.js
site2text-2021.web.app/ 		0
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://site2text-2021.web.app/gw_251221.js?0.23256675955246475
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.5033403655630149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
x-served-by
cache-tyo11956-TYO
server
Google Frontend
x-timer
S1660088085.689973,VS0,VE418
date
Tue, 09 Aug 2022 23:34:45 GMT
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
04da57c731914ecd44ec998adfae91ef
cache-control
private
function-execution-id
bwkeh9x2o18q
accept-ranges
bytes
x-orig-accept-language
jp-JP,jp;q=0.9
x-country-code
JP
x-cache-hits
0
pubads_impl_2022080401.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
sffe /
Resource Hash
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:13:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132985
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Aug 2023 13:13:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		84 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.whitefieldfarm.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
cafe /
Resource Hash
07552d8fb81138474030765c88d7c03a48ae92c218888945ecce2ea83082dce1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79
x-xss-protection
0
expires
Tue, 09 Aug 2022 23:34:44 GMT
__ZXCONSENT.ZxGetConsent
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		198 B
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a68a21ab231a757d22cb335367ea6a285b9394d3dbb2e8d111c550941287e14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
73844de15e991f23-NRT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1168818
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txce675e255a9549b992d62-0062e11961
x-amz-id-2
txce675e255a9549b992d62-0062e11961
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA4ucRdQ%2FNTUtKeR4AGpKk8ydpBrr%2FIOZUZ3GLnGVkYeagG1eUsfergaXIA%2FJuw1eqp%2B1813g6%2Fh%2BTmy6S90dwpsyG3582Nos4%2BR5Ty%2BxPYJssWI0tIs5HWjkwVmcScGbupJST%2FesTDDbZQf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
73844de15e51afd9-NRT
access-control-allow-headers
Authorization
integrator.js
adservice.google.co.jp/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=ja.whitefieldfarm.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ja.whitefieldfarm.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		142 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171723145784790&correlator=530972868372208&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3835630819&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1660088084778&lmt=1660088084&dlt=1660088082366&idt=2381&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=618752991.1660088085&ga_sid=1660088085&ga_hid=712032232&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
cafe /
Resource Hash
5e45828a27d213880a1d4354e525ec48552dafd2612d9470ea1ed3e56b90edcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42519
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84b013cf00dd4007f0d89c21d34795676a73aeb794872fc1e7de9057ed051357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11183
x-xss-protection
0
container.html
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B1C7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 23:34:44 GMT
expires
Wed, 09 Aug 2023 23:34:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022080401.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022080401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
sffe /
Resource Hash
897b0eda2eb5e7df39acd929ba9f3f0b30d84594239cef6874c91aabff9e3f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 10:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13600
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 04 Aug 2023 10:40:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 23:34:45 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ja.whitefieldfarm.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ja.whitefieldfarm.org
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 09 Aug 2022 23:34:45 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
apacdex
useast.quantumdex.io/auction/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ja.whitefieldfarm.org
x-reason
[Inventory] site.domain not match RootDomain, whitefieldfarm.org != strephonsays.com
access-control-allow-credentials
true
cf-ray
73844de29c2caf46-NRT
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
587176122e108ed332c0859d4cb01ea2e175333084e4d94cd60574eb546a2438
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:44 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
464280ab-2ec7-4872-aa4f-6cd4567a0583
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ja.whitefieldfarm.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
0
openrtb
adx.adform.net/adx/ 		0
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:c411:12::1140 Amsterdam, Netherlands, ASN399104 (CNVR-APAC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.whitefieldfarm.org
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
v2
i.connectad.io/api/ 		0
0
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://ja.whitefieldfarm.org
access-control-allow-credentials
true
uber-trace-id
0000000000000000174d0357e4df0598:7082b9541e23cd2e:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.whitefieldfarm.org
date
Tue, 09 Aug 2022 23:34:45 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		50 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:44 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2ee56196-9bbb-445e-bc6c-ab4b804b9432
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ja.whitefieldfarm.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		459 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
b0e901ace1d77240a604c68770b316a0df3843d1663c9f19db2cba3848a541e9

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 23:34:44 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
content-length
276
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8E5C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
72411
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 03:27:54 GMT
expires
Wed, 09 Aug 2023 03:27:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 77FB 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf3066ae0f310d92ab03e8e82bed2b83c3638ce29164b608ded07ba2ab0e50b1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mllOrlKBBnwnoHAYxFfOXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-mllOrlKBBnwnoHAYxFfOXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 23:34:45 GMT
expires
Tue, 09 Aug 2022 23:34:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 8E5C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 00:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
342894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 06 Aug 2023 00:19:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 77FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080401&jk=1171723145784790&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
container.html
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4484 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 23:34:44 GMT
expires
Wed, 09 Aug 2023 23:34:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 4484 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 22:17:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 23:34:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 23:34:45 GMT
css
fonts.googleapis.com/ Frame 1361 		870 B
693 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%AD%E3%81%84%E3%81%9F%E7%90%86%E8%BF%94%E3%81%98%E3%81%AA%E6%98%8E%E6%94%AF%E9%81%85%E6%89%95%E6%B3%95%E5%8F%A3%E9%96%89%E9%96%8B%E6%9C%88%E3%81%8F%E3%81%82%E8%A7%A3%E9%A1%8D%E3%80%85%E3%81%A6%EF%BC%81%E6%B8%88%E3%81%B8%E5%88%A4%E3%82%8B%E3%82%82%E3%81%97%E3%83%81%E3%83%9C%E3%81%A7%E6%AE%8B%EF%BC%9F%E3%83%83%E8%BF%91%E6%9C%80%E6%B8%9B%E3%81%BE%E5%85%A5%E6%B1%BA%E3%82%89%E3%83%AA%E3%81%AE%E6%96%B9%E3%81%8C%E7%94%B1
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f83a88370d4fe5f8c47a0539f290974eb281e04f276547cb85a9ccd6233ada3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 23:34:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 23:34:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 23:34:45 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 1361 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:30:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:30:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 1361 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:27:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 1361 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:28:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1361 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 23:34:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 1361 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
848
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:20:37 GMT
l
www.google.com/ads/measurement/ Frame 1361 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7JpbRnN9M1C-B9Mx9ocSoi4ZtuRKUp4te6wUN42bV9_Vuc1f5uvFKX78ojeuKukHNYrcbONBXhWAYlslER7eFoK9UOQ
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 1361 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 22:21:11 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 4484 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8392
x-xss-protection
0
server
cafe
etag
14983445617412810031
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:29:23 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4484 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:48:00 GMT
x-content-type-options
nosniff
age
485205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 04 Aug 2023 08:48:00 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4484 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 22:45:22 GMT
x-content-type-options
nosniff
age
89363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 08 Aug 2023 22:45:22 GMT
generate_204
tpc.googlesyndication.com/ Frame 8E5C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?05FrqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 78A1 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
2180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 22:58:25 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
1duwt.json
www.bigmp3db.com/ 		59 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
3d3809c8283414db2495ab27c57e426b68a10d644301c28bf72e8d56ac63246a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
1duwt.json
www.bigmp3db.com/ 		2 KB
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
3ae7bc88db0b662061872c8664f3897ee41aa272671cf181cbb7176ea226d0cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
si
googleads.g.doubleclick.net/pagead/drt/ Frame 78A1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:45 GMT
expires
Tue, 09 Aug 2022 23:34:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:45 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame A5DA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:18:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
4562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 22:18:43 GMT
log_event
www.youtube.com/youtubei/v1/ Frame BAEA 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d77e7db/player_ias.vflset/ja_JP/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/SUnhQkRBVog
X-YouTube-Client-Version
1.20220807.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgszbHdxUm1EaDRVcyiS3suXBg%3D%3D
X-YouTube-Ad-Signals
dt=1660088082958&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C780%2C400&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
notify
ssp.wp.pl/bidder/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/notify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ja.whitefieldfarm.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://ja.whitefieldfarm.org
access-control-max-age
86400
date
Tue, 09 Aug 2022 23:34:46 GMT
server
nginx
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
notify
ssp.wp.pl/bidder/ 		0
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/notify
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ja.whitefieldfarm.org
date
Tue, 09 Aug 2022 23:34:46 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
integrator.js
adservice.google.co.jp/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=ja.whitefieldfarm.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ja.whitefieldfarm.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171723145784790&correlator=530972868372208&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_adi_W2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=2&adks=2889783081&sfv=1-0-38&fsapi=false&cust_params=pubcid%3D58d5c8a0-7289-4169-aa65-d8b196e5a282&sc=1&cookie=ID%3Df3a2972feeff101b-22302c1e88d5009f%3AT%3D1660088084%3AS%3DALNI_MZbmee8ElzUJbasQmun38c9Qwbj1A&gpic=UID%3D0000087352744e7e%3AT%3D1660088084%3ART%3D1660088084%3AS%3DALNI_MYcY4mAId3oJpXhrQWWXdzKy5hXDw&abxe=1&dt=1660088085646&lmt=1660088085&dlt=1660088082366&idt=2381&adxs=1063&adys=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&frm=20&vis=1&psz=0x-1&msz=300x-1&fws=644&ohw=1600&ga_vid=618752991.1660088085&ga_sid=1660088085&ga_hid=712032232&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
cafe /
Resource Hash
123678bed00b3bea807b35775fb79dea8046b878161eb7bb32acad82f69247eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9817
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
notify
ssp.wp.pl/bidder/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/notify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ja.whitefieldfarm.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://ja.whitefieldfarm.org
access-control-max-age
86400
date
Tue, 09 Aug 2022 23:34:46 GMT
server
nginx
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
notify
ssp.wp.pl/bidder/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/notify
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ja.whitefieldfarm.org
date
Tue, 09 Aug 2022 23:34:46 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171723145784790&correlator=530972868372208&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=3&adks=940344607&sfv=1-0-38&fsapi=false&cust_params=pubcid%3D58d5c8a0-7289-4169-aa65-d8b196e5a282&sc=1&cookie=ID%3Df3a2972feeff101b-22302c1e88d5009f%3AT%3D1660088084%3AS%3DALNI_MZbmee8ElzUJbasQmun38c9Qwbj1A&gpic=UID%3D0000087352744e7e%3AT%3D1660088084%3ART%3D1660088084%3AS%3DALNI_MYcY4mAId3oJpXhrQWWXdzKy5hXDw&abxe=1&dt=1660088085654&lmt=1660088085&dlt=1660088082366&idt=2381&adxs=450&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&frm=20&vis=1&psz=0x-1&msz=700x-1&fws=644&ohw=1600&ga_vid=618752991.1660088085&ga_sid=1660088085&ga_hid=712032232&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
cafe /
Resource Hash
6368a42091cb825220321f88778298ffbb6d3b400cba1964bedf03c0ec9185e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12473
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.jp/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=ja.whitefieldfarm.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ja.whitefieldfarm.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171723145784790&correlator=530972868372208&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_2nd_group_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=4&adks=2851840497&sfv=1-0-38&fsapi=false&cust_params=pubcid%3D58d5c8a0-7289-4169-aa65-d8b196e5a282&sc=1&cookie=ID%3Df3a2972feeff101b-22302c1e88d5009f%3AT%3D1660088084%3AS%3DALNI_MZbmee8ElzUJbasQmun38c9Qwbj1A&gpic=UID%3D0000087352744e7e%3AT%3D1660088084%3ART%3D1660088084%3AS%3DALNI_MYcY4mAId3oJpXhrQWWXdzKy5hXDw&abxe=1&dt=1660088085911&lmt=1660088085&dlt=1660088082366&idt=2381&adxs=450&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&frm=20&vis=1&psz=0x-1&msz=700x-1&fws=644&ohw=1600&ga_vid=618752991.1660088085&ga_sid=1660088085&ga_hid=712032232&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f2.1e100.net
Software
cafe /
Resource Hash
f84c26ffa26fbe5aa31a3d727273d18cbb8e8516c992e422777bb45d87376ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11498
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080401&jk=1171723145784790&bg=!WVqlWh7NAAZGjrx1Zo47ACkAdvg8Wt61Rpm3ltg_kCCb0bwGJKuwhcSLUPoQDLeObFJIzvkEAf9rCwIAAAB0UgAAAAVoAQcKAFOOyjsvDolDZRTQt36wB_5drpOcOFULo7Lja5wwEnmmyE-3iV1FVcPEe9qPl65FUcV-nHbVNCNzlkcDLAP9tuivfnmrgGb-A0PCjqQk1FEGtR2rRpkC0SraKnLI-WqzVvLRiDX_lgB5j80nweA3EN3S33tQGNqblt8yP5A3jyjwndoQ_OsyJgSYbaZ6e_WU6Ev46yAx8tl5vxCbKHSYkD_ar4YQ7gF4Dj01HeHga3tggwF5GjbUL8IBNyW6AHNwwBh33lvm6bNBU7nakAmro-8f4FY6k1HobTvrlRmwe67irIL2de_uGSHQO4zzB1QLN4I2fJX2tmxdUvGy4qpiqWXSN0ez9JDS-TpU4dPR9nlr-pccUjT_Of0t9ZFSoWFVLQBZpd4NwXAlhe-yL0eZHi83xOuOejaZreDuEcdLBiMV4snFcIQNBI5y19bd82dac_Jon-2D2E6Hrz4t3tTkPgq0H3zW7f7PSV-ijh7XDdN0CImSc-KHPyk-bOBbRnOn0FyR9ZJ9FalaLHN8F15d7i-Ux7Pb5oSpV9Y2PYqOm0nL1cYm1g5rsSu-nQj5gxdTScNpn8V72YFM9eedaan3BWHC9RpgR6cl-LIk7R_xlqypX3XtfPMwPCUi0tVeislp1ID3Far44g_QH2zUSjT-_vqgOHzR3nqrJFYxc35wTyO8SGfISBQQQM-I-TtNX5LiwxBaou_5FErSfd2Sd6m3bnZACuqklKdnRGrdSGoyHuRKCIraYekYvr4z45ACTZlyom18kd9QMkNgbIXcWYwQ9ssjK64nlk47BzxwWOHJLiFfrFTYiMVeZXZ6i3k1jUv0baDxka729oJQLp1lwpL0rENa_aP5pikEvSZ-z-zgwO3XU0DkZSyIKG58MTn2PqxPzSqXxrDwYUpPy-l677E2cmX-GPLOGlZn4s_V16Dr1UmVMvjCUeS-PxvuhrfM05hRlug304LSOhsLYCOK5WzXmRtXlXCoN823puw904HLpD6Iu2K2jp_-C0d9IZ2hfhmjY6clz5AX9v0vX2Ufhe3ewLj8nnCISIGMnvDs1gBq6S0jECIeUzi-cok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
container.html
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 23:34:44 GMT
expires
Wed, 09 Aug 2023 23:34:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1CD8 		448 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYvaS1ywEwAQ&v=APEucNU8PjFzn-uJM2kTeCwhyhtMBq0BFrhLMJO-UoVdL3QViWXZMqATuNOkTzaHI-iTPQn_fi17dKL4ZQ2atOtOJp5kPj4T8g
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
248
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 23:34:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 63FC 		63 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8wQwB6h1EtofhDL-eeT-42wWr5Aq_S33MqT2lfbtWMdNxKx7IoDn5V4vTFTq29OkP16Npxa2FkSgKMtnxbiH6qCUMXw&cry=1&dbm_d=AKAmf-AEuAC9oHs8YyzL6kKqwSGQy1y6CgUA4CNco8LGgsM-KImFSyJm5XOign4AdhU6zZ3Urc6UWqVbY6Gbo4vibJ6BHLkZERN0A36kZIvCzWLRXr--3pMDAZSexW63lJ0I7r1fvufJEUdiOr51HkGtEjhIT4xo6RHJO5BHbYUGxnWHFBzBGe6oQIO7Iur5buakQySl2zRpzoB77N2xjjV7fvu85VpGUgSzZlARmllqyS6Hc9OjkJneOThtnNzj2cHxe_Ds75da1CqfMKsfNdkvK14J5M-44Gz8QaXpP9j8434ShCdlHhF5X3NTTCicFnLJA0zyDb_qGotwnRZKhoXx_HpXnB30yf2VRTl3_kRJjYfpfE64xi_iXn_ZIRdnH9wdgG0v8WRzlHeXr6OBBkAo4EnYZ7Nhx0QvpvQm5dgaL5ZiVn5Re1Jz50eay4Wwd6CC7dBrulg9to-yZdIY3-6ryp3tJXfyONSrBsvFQ2nUgd-r-7IQVfjN1cRQTbYVM8AjGVcXK865EjWBKU5ZWXsS1r5syd0KrrkTTuUTCa3q61seO8QGO_MMTeAJD5dAlwI7yBRQRBhgZ8qr52bEZ_NE6SRpG7EGIx5HUE9Xu1CBO5YfYROGF7cwWM0xrbvJztv26JGgILMvYMF1JzqWEbkkSUzlszstSjohVdf4VhOGPK9HbxEyHUsKEnNOYLUY6EukS77UaL8xrg7p5w2ITsxNK6iXYYIMqwhoHNkV962lgqtSJ-UBEeGGELqRR2rlQSqjgizrUwB0PIxejfRZkmGjOrhLpAlK7ovhLbKI2Qu1NVOFM_QbvttkE0iukawlsIh4sCBRWOwZfradYlyoccLyEDsqfxdj8_3tk_HqddjlGqncTLsFodqVokGj6ifVq7PQdFiXnV7HRFWY90-_Nnew_Yv3BQlz21N92NAsLK4YNlJAD-Qzg3ONkQ7cERYW_bOp5toN69c7Ru5O11do9grFThvH7o4ToC6KmhJrSrfTBZTfL1SxfebrIZqnV6J1i6WS5XY7AJFpRbtUv5MXBrLO4vWqubDNfy5Z8qfQi3KaE01rWLf_hlI1YWx6bAmaStMo4epR7l5r1FqjYQuBrr15HvslPLh0R71kx92bBtEtbLZJf1vkWHm0tyfNwfnyoFnKIoUScbRIv5HOWbXIvQ7WlpADFTTvzU9-bgvD0jpllho_EXpVsPOXGs4ZTsfyNbmtb1DYurbRKga0Ony_OFk-g1aOEoDWvGnRMDjOf47__VgyA7VPMf8TQeS9bm043U9C5xoVeNYqkWAFNN_kcfgvW8yEiv9ExSLYrOeHkvam_EIhG6HTH9ZhfEFJP5aIdvSKuDycxHipMZnmio6W6VLKwwwQVPfQ0F4xRV1ZrPpGhWM6LTBCnrtpJ10fvd76UI43I6his0FXEySmh3WaHa9GEHoi9zQ2ATRKm9G1NAUmiiuVkI5n4sv7uXNn5RY_dADmtQedslYqDlYi4VXIyEWUbzmBi4P39iIqLEMLXNeIUXw9B8lyTiAu9-MpbJaICdW_3NfpKCVLil5923qTgvoDXqZG1J8ledAvROhe4enbgWTWt8FHihTXWtsg8fvkUwmbyzxGkhRwEDuLsz7--20fBdWf-o5Qfx574uv_TwTD_N7QrOb7BuSnsDDL43q-pzT1dwfIOiZD42dmt6LoJiyLoPuJZQmYa6RHksfYyveyGVeA9M-SoTEX9LRFwfNwMES_JGHzYRDPm3yiJvwlrYN41jGgzAIWlSulsIUqZO6IHSZDO1HYVj4ztLc0h8UrvchRFIAGzplTOzrPFfZbL89rop-WFLTO6XfFLB1QpIskSDeo23DkWFlHmOe9Lr_R7YoZ6vmd0ysRArW12hqrf4TNFHSIYFlJTyqdyXuMttf9zFraMBPIjZbf4JDZvwiMSoSAw83OL704VbX-ce1Pt5qFKfRalDZ81rOLyz80pd57siIHMrzASpHBGt9JXzFSgiVXgMaxX8LGkXzDBgLxA6YjKpW0z7V3ufwcsvX2ooz_ugnGCwnoDunLnJytKCxGOk356wsxn7uakQa-Ky8CdeMO-eTjdsKdSV6s9tI9GE0Q75rbgn2WkqVSOAiSMFa-CE6WsaTqFdECOVIEXh6qaau1K-N0IqJn8vSePhCikAlfnU8s5MdabjYVdoeYzTof8HI2aabLzNsW1Dd-NmMid5IHDCBnMv5XWNYTDebGcfBOqc0AbmHvFwtMcu6LWAvUDB7lGHjE88mW6LzwogaNP23U9wp0hfDPiuv4961L2cnmBvEnFCYoKE3yo_RxUBJubtocrgFqDdZOZkGnVmf9kTjzMX2qwcFF223Waf21yqQIk0l6_UIC4PY6LPJBTXz7iS3c-DJWCJpe6CgE6-yDMPQlXJpR7Jt-j7p095VhIcD54U_e9mTvaM6-8OOU0um2CuwVKPreeWZmEQyNZaVf59dih52mPx2P4XUzh1rlJ-PLr27LBFXWkwMPLF04SCeHCTJeIY99Fob6QvnwmSESeZFUIAMLgLilw7p71v8PTWVrmXK0Udfod6W6T83-JW60trbiFSIkGnR3KJp0kwOyT-7YSWfKGNcqu7hqjD3CKU3OVNoGT63bqa8wC7djcME_m91b4nsnhEg2WnUh2xywRTdFnYZrfC6BLTG-O2VXtghR2nN2uaE6EIt_WJpU0hykgyIIMw1AA8VFh_ivQ_vQD-ZbnXzDABGwS7RK6KijcAN0jJxBezLJy2oAqO4xynQ0hi0L67ncwjLpBySUkp-t5r8IFGiBUiN2QDeB-eN4m6dmMfETqGR79dmuQkCvGBXounXnX6LEKmLj8xfuBHqO4gRtYq2MqAQ2Dwl0Vxj84rPUd4gtp7mOuAtORoM3TNvOwBzSalPHmA3xp5pPl-buG-p_R7zaYf65banoRuNFsyDhdI9xpkWGHorcy3EIvorxs9bqgNPXrpSA1penQtclCQ3WMHuOjh6S5LOM9YrMw0czA1iAuEtUlIMdD_K58tKEWPRAqQiFJr7GmaxRY97YwrdTCFmA1T-hjkulvq3_WmGzhWgzdi6t3af87X-Po0oaC-a11miPCvikLGnDcHvdX5nQtOf9GWYIpYtXrzZ9gR8u0IQvi3mEMBl327V1K88KscMhhjmDWLHiwQotURF7gmh_PJp0qIzgIEpEzqt5WNoHlOpkTlnBv3aw7apmIE8qlyDJ002sBFGp01JcjXry9HecQrojvaiwqZCcCsoohqZUO372SB2P7x7EgHeo4q2-AWsdOpN_moS0HiZSHvdYX0oyWbZ8SIPsUPU6fhe3o5QuVrP6UEZifCWaUYZQ7qzqR2EslLMdBKepCcsMxEMsD_M8Ewci-wmsRRwYn1T1W0yIJn2d6u4WTlPXqzDB8UZGssmZZFqf3s6PcI2u-JlblPtYrZ4VMNcWbDdoi0uThyTA5oz_TCwHVzeYuzyTlHPHYwd0B5ZeeP2Joe_tAkU8o1GDq0_c2vlHxGXMqtz00-C8WMZl8xB4T0YcWINsxWgwOFL58K0-pkvdbd75XWdmX34UJUko9I_cRzJrlbODmG9eJoM1OONyel9bbs_KRtbkLmO0lbvY_k2fuWehzshHobqBdgXflr-7aVVXgIvOVAd2wYEamTEQlO4wuuGfc3qmO93u2SlXs1h-&cid=CAASJeRowpq55_Ole7ZQGzvJFKFoSN27qcdQmnq2pnBf90-UBSLecJ0&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87d4497c37026bb603e65ad64bd9913cdd0197c6a2172aae89271add2267712d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32102
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63FC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0MJf7vsHRglKmRzl6ynYMo1NhjdoLD7pF0H4Hfv-F3hKc9PKA5K-EcKE3L7z2kpjYyJ7SWh8ovqyXDpxtFskRqyHGbdYe74pazD5H5VUaEvPpAAs
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 63FC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:28:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 63FC 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 23:34:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 63FC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
849
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:20:37 GMT
l
www.google.com/ads/measurement/ Frame 63FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZNmvMnW19BtcEjwYH3jc-Ki0lbLhnlQsy0NiCeQ84uVOIvpDmymk9i0aP5dgcgddZhrCM65-niaojKAgn4eSPH296UQ
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 1CD8
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYvaS1ywEwAQ&v=APEucNU8PjFzn-uJM2kTeCwhyhtMBq0BFrhLMJO-UoVdL3QViWXZMqATuNOkTzaHI-iTPQn_fi17dKL4ZQ2atOtOJp5kPj4T8g
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
strict-transport-security
max-age=31536000
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 1CD8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtlhgS97TWcoGlAzfVqzOE&google_cver=1
43 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtlhgS97TWcoGlAzfVqzOE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYvaS1ywEwAQ&v=APEucNU8PjFzn-uJM2kTeCwhyhtMBq0BFrhLMJO-UoVdL3QViWXZMqATuNOkTzaHI-iTPQn_fi17dKL4ZQ2atOtOJp5kPj4T8g
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73844deb1fd5809b-NRT
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfwcN1d7GgnTgPN9PTce3xGi14kQF6ZmukRNhxHB7mmV6k45%2FvAXHs5HV7lq7M5tAqY%2BkabqqjHCTbw%2FrjGhsunJWThyRBptPmzimtFuf1g11BH2vXzYJibeXxNHtZYpCUHOEKax5lry1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtlhgS97TWcoGlAzfVqzOE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1CD8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvLvFmNv-zBvKhNiXK6r0wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtlhgS97TWcoGlAzfVqzOE&google_cver=1
43 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtlhgS97TWcoGlAzfVqzOE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYvaS1ywEwAQ&v=APEucNU8PjFzn-uJM2kTeCwhyhtMBq0BFrhLMJO-UoVdL3QViWXZMqATuNOkTzaHI-iTPQn_fi17dKL4ZQ2atOtOJp5kPj4T8g
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73844deb1fd7809b-NRT
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoIqqTltNDlkwE%2FXRiCbObqJ1%2BZv3Ad0JpLTgq%2BvL5LuyfvQa7qd9g7%2BQNortNonu734k4vfv7jFJX9HO6EX3hwWm1zb3MdQs5XdOTULECZMiRwJJlcySGK55JvgiAXF5mXa33l1fIsJig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMtlhgS97TWcoGlAzfVqzOE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/56697487/
Redirect Chain
  • https://mc.yandex.ru/watch/56697487?wmode=7&page-url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&charset=utf-8&browser-info=pv%3A1%3Agdpr%...
  • https://mc.yandex.ru/watch/56697487/1?wmode=7&page-url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&charset=utf-8&browser-info=pv%3A1%3Agdp...
357 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/56697487/1?wmode=7&page-url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A130547957005%3Ahid%3A1059716320%3Az%3A0%3Ai%3A20220809233446%3Aet%3A1660088086%3Ac%3A1%3Arn%3A669507003%3Arqn%3A1%3Au%3A1660088086453788168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660088081672%3Ads%3A7%2C10%2C669%2C455%2C0%2C0%2C%2C50%2C1%2C2533%2C2533%2C33%2C1209%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660088086%3At%3A%E6%96%B9%E6%B3%95%EF%BC%9ASlack%E3%81%AE%E3%83%87%E3%83%95%E3%82%A9%E3%83%AB%E3%83%88%E3%83%96%E3%83%A9%E3%82%A6%E3%82%B6%E3%83%BC%E3%82%92Chrome%E3%80%81Firefox%E3%80%81%E3%81%BE%E3%81%9F%E3%81%AFSafari%E3%81%AB%E5%A4%89%E6%9B%B4%E3%81%99%E3%82%8B%20-%20%E3%82%AC%E3%82%B8%E3%82%A7%E3%83%83%E3%83%88%20-%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7877bc3fd94d080970c42f06c680971a7ebb04fadd3da1a6a95d37c17167c902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 09-Aug-2022 23:34:46 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
357
x-xss-protection
1; mode=block
expires
Tue, 09-Aug-2022 23:34:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
last-modified
Tue, 09-Aug-2022 23:34:46 GMT
location
/watch/56697487/1?wmode=7&page-url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A130547957005%3Ahid%3A1059716320%3Az%3A0%3Ai%3A20220809233446%3Aet%3A1660088086%3Ac%3A1%3Arn%3A669507003%3Arqn%3A1%3Au%3A1660088086453788168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660088081672%3Ads%3A7%2C10%2C669%2C455%2C0%2C0%2C%2C50%2C1%2C2533%2C2533%2C33%2C1209%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660088086%3At%3A%E6%96%B9%E6%B3%95%EF%BC%9ASlack%E3%81%AE%E3%83%87%E3%83%95%E3%82%A9%E3%83%AB%E3%83%88%E3%83%96%E3%83%A9%E3%82%A6%E3%82%B6%E3%83%BC%E3%82%92Chrome%E3%80%81Firefox%E3%80%81%E3%81%BE%E3%81%9F%E3%81%AFSafari%E3%81%AB%E5%A4%89%E6%9B%B4%E3%81%99%E3%82%8B%20-%20%E3%82%AC%E3%82%B8%E3%82%A7%E3%83%83%E3%83%88%20-%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 09-Aug-2022 23:34:46 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
last-modified
Tue, 09 Aug 2022 11:59:17 GMT
etag
"62f221e5-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 10 Aug 2022 00:34:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 63FC 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8wQwB6h1EtofhDL-eeT-42wWr5Aq_S33MqT2lfbtWMdNxKx7IoDn5V4vTFTq29OkP16Npxa2FkSgKMtnxbiH6qCUMXw&cry=1&dbm_d=AKAmf-AEuAC9oHs8YyzL6kKqwSGQy1y6CgUA4CNco8LGgsM-KImFSyJm5XOign4AdhU6zZ3Urc6UWqVbY6Gbo4vibJ6BHLkZERN0A36kZIvCzWLRXr--3pMDAZSexW63lJ0I7r1fvufJEUdiOr51HkGtEjhIT4xo6RHJO5BHbYUGxnWHFBzBGe6oQIO7Iur5buakQySl2zRpzoB77N2xjjV7fvu85VpGUgSzZlARmllqyS6Hc9OjkJneOThtnNzj2cHxe_Ds75da1CqfMKsfNdkvK14J5M-44Gz8QaXpP9j8434ShCdlHhF5X3NTTCicFnLJA0zyDb_qGotwnRZKhoXx_HpXnB30yf2VRTl3_kRJjYfpfE64xi_iXn_ZIRdnH9wdgG0v8WRzlHeXr6OBBkAo4EnYZ7Nhx0QvpvQm5dgaL5ZiVn5Re1Jz50eay4Wwd6CC7dBrulg9to-yZdIY3-6ryp3tJXfyONSrBsvFQ2nUgd-r-7IQVfjN1cRQTbYVM8AjGVcXK865EjWBKU5ZWXsS1r5syd0KrrkTTuUTCa3q61seO8QGO_MMTeAJD5dAlwI7yBRQRBhgZ8qr52bEZ_NE6SRpG7EGIx5HUE9Xu1CBO5YfYROGF7cwWM0xrbvJztv26JGgILMvYMF1JzqWEbkkSUzlszstSjohVdf4VhOGPK9HbxEyHUsKEnNOYLUY6EukS77UaL8xrg7p5w2ITsxNK6iXYYIMqwhoHNkV962lgqtSJ-UBEeGGELqRR2rlQSqjgizrUwB0PIxejfRZkmGjOrhLpAlK7ovhLbKI2Qu1NVOFM_QbvttkE0iukawlsIh4sCBRWOwZfradYlyoccLyEDsqfxdj8_3tk_HqddjlGqncTLsFodqVokGj6ifVq7PQdFiXnV7HRFWY90-_Nnew_Yv3BQlz21N92NAsLK4YNlJAD-Qzg3ONkQ7cERYW_bOp5toN69c7Ru5O11do9grFThvH7o4ToC6KmhJrSrfTBZTfL1SxfebrIZqnV6J1i6WS5XY7AJFpRbtUv5MXBrLO4vWqubDNfy5Z8qfQi3KaE01rWLf_hlI1YWx6bAmaStMo4epR7l5r1FqjYQuBrr15HvslPLh0R71kx92bBtEtbLZJf1vkWHm0tyfNwfnyoFnKIoUScbRIv5HOWbXIvQ7WlpADFTTvzU9-bgvD0jpllho_EXpVsPOXGs4ZTsfyNbmtb1DYurbRKga0Ony_OFk-g1aOEoDWvGnRMDjOf47__VgyA7VPMf8TQeS9bm043U9C5xoVeNYqkWAFNN_kcfgvW8yEiv9ExSLYrOeHkvam_EIhG6HTH9ZhfEFJP5aIdvSKuDycxHipMZnmio6W6VLKwwwQVPfQ0F4xRV1ZrPpGhWM6LTBCnrtpJ10fvd76UI43I6his0FXEySmh3WaHa9GEHoi9zQ2ATRKm9G1NAUmiiuVkI5n4sv7uXNn5RY_dADmtQedslYqDlYi4VXIyEWUbzmBi4P39iIqLEMLXNeIUXw9B8lyTiAu9-MpbJaICdW_3NfpKCVLil5923qTgvoDXqZG1J8ledAvROhe4enbgWTWt8FHihTXWtsg8fvkUwmbyzxGkhRwEDuLsz7--20fBdWf-o5Qfx574uv_TwTD_N7QrOb7BuSnsDDL43q-pzT1dwfIOiZD42dmt6LoJiyLoPuJZQmYa6RHksfYyveyGVeA9M-SoTEX9LRFwfNwMES_JGHzYRDPm3yiJvwlrYN41jGgzAIWlSulsIUqZO6IHSZDO1HYVj4ztLc0h8UrvchRFIAGzplTOzrPFfZbL89rop-WFLTO6XfFLB1QpIskSDeo23DkWFlHmOe9Lr_R7YoZ6vmd0ysRArW12hqrf4TNFHSIYFlJTyqdyXuMttf9zFraMBPIjZbf4JDZvwiMSoSAw83OL704VbX-ce1Pt5qFKfRalDZ81rOLyz80pd57siIHMrzASpHBGt9JXzFSgiVXgMaxX8LGkXzDBgLxA6YjKpW0z7V3ufwcsvX2ooz_ugnGCwnoDunLnJytKCxGOk356wsxn7uakQa-Ky8CdeMO-eTjdsKdSV6s9tI9GE0Q75rbgn2WkqVSOAiSMFa-CE6WsaTqFdECOVIEXh6qaau1K-N0IqJn8vSePhCikAlfnU8s5MdabjYVdoeYzTof8HI2aabLzNsW1Dd-NmMid5IHDCBnMv5XWNYTDebGcfBOqc0AbmHvFwtMcu6LWAvUDB7lGHjE88mW6LzwogaNP23U9wp0hfDPiuv4961L2cnmBvEnFCYoKE3yo_RxUBJubtocrgFqDdZOZkGnVmf9kTjzMX2qwcFF223Waf21yqQIk0l6_UIC4PY6LPJBTXz7iS3c-DJWCJpe6CgE6-yDMPQlXJpR7Jt-j7p095VhIcD54U_e9mTvaM6-8OOU0um2CuwVKPreeWZmEQyNZaVf59dih52mPx2P4XUzh1rlJ-PLr27LBFXWkwMPLF04SCeHCTJeIY99Fob6QvnwmSESeZFUIAMLgLilw7p71v8PTWVrmXK0Udfod6W6T83-JW60trbiFSIkGnR3KJp0kwOyT-7YSWfKGNcqu7hqjD3CKU3OVNoGT63bqa8wC7djcME_m91b4nsnhEg2WnUh2xywRTdFnYZrfC6BLTG-O2VXtghR2nN2uaE6EIt_WJpU0hykgyIIMw1AA8VFh_ivQ_vQD-ZbnXzDABGwS7RK6KijcAN0jJxBezLJy2oAqO4xynQ0hi0L67ncwjLpBySUkp-t5r8IFGiBUiN2QDeB-eN4m6dmMfETqGR79dmuQkCvGBXounXnX6LEKmLj8xfuBHqO4gRtYq2MqAQ2Dwl0Vxj84rPUd4gtp7mOuAtORoM3TNvOwBzSalPHmA3xp5pPl-buG-p_R7zaYf65banoRuNFsyDhdI9xpkWGHorcy3EIvorxs9bqgNPXrpSA1penQtclCQ3WMHuOjh6S5LOM9YrMw0czA1iAuEtUlIMdD_K58tKEWPRAqQiFJr7GmaxRY97YwrdTCFmA1T-hjkulvq3_WmGzhWgzdi6t3af87X-Po0oaC-a11miPCvikLGnDcHvdX5nQtOf9GWYIpYtXrzZ9gR8u0IQvi3mEMBl327V1K88KscMhhjmDWLHiwQotURF7gmh_PJp0qIzgIEpEzqt5WNoHlOpkTlnBv3aw7apmIE8qlyDJ002sBFGp01JcjXry9HecQrojvaiwqZCcCsoohqZUO372SB2P7x7EgHeo4q2-AWsdOpN_moS0HiZSHvdYX0oyWbZ8SIPsUPU6fhe3o5QuVrP6UEZifCWaUYZQ7qzqR2EslLMdBKepCcsMxEMsD_M8Ewci-wmsRRwYn1T1W0yIJn2d6u4WTlPXqzDB8UZGssmZZFqf3s6PcI2u-JlblPtYrZ4VMNcWbDdoi0uThyTA5oz_TCwHVzeYuzyTlHPHYwd0B5ZeeP2Joe_tAkU8o1GDq0_c2vlHxGXMqtz00-C8WMZl8xB4T0YcWINsxWgwOFL58K0-pkvdbd75XWdmX34UJUko9I_cRzJrlbODmG9eJoM1OONyel9bbs_KRtbkLmO0lbvY_k2fuWehzshHobqBdgXflr-7aVVXgIvOVAd2wYEamTEQlO4wuuGfc3qmO93u2SlXs1h-&cid=CAASJeRowpq55_Ole7ZQGzvJFKFoSN27qcdQmnq2pnBf90-UBSLecJ0&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11825
x-xss-protection
0
server
cafe
etag
9647346768486398696
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:21:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 63FC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8wQwB6h1EtofhDL-eeT-42wWr5Aq_S33MqT2lfbtWMdNxKx7IoDn5V4vTFTq29OkP16Npxa2FkSgKMtnxbiH6qCUMXw&cry=1&dbm_d=AKAmf-AEuAC9oHs8YyzL6kKqwSGQy1y6CgUA4CNco8LGgsM-KImFSyJm5XOign4AdhU6zZ3Urc6UWqVbY6Gbo4vibJ6BHLkZERN0A36kZIvCzWLRXr--3pMDAZSexW63lJ0I7r1fvufJEUdiOr51HkGtEjhIT4xo6RHJO5BHbYUGxnWHFBzBGe6oQIO7Iur5buakQySl2zRpzoB77N2xjjV7fvu85VpGUgSzZlARmllqyS6Hc9OjkJneOThtnNzj2cHxe_Ds75da1CqfMKsfNdkvK14J5M-44Gz8QaXpP9j8434ShCdlHhF5X3NTTCicFnLJA0zyDb_qGotwnRZKhoXx_HpXnB30yf2VRTl3_kRJjYfpfE64xi_iXn_ZIRdnH9wdgG0v8WRzlHeXr6OBBkAo4EnYZ7Nhx0QvpvQm5dgaL5ZiVn5Re1Jz50eay4Wwd6CC7dBrulg9to-yZdIY3-6ryp3tJXfyONSrBsvFQ2nUgd-r-7IQVfjN1cRQTbYVM8AjGVcXK865EjWBKU5ZWXsS1r5syd0KrrkTTuUTCa3q61seO8QGO_MMTeAJD5dAlwI7yBRQRBhgZ8qr52bEZ_NE6SRpG7EGIx5HUE9Xu1CBO5YfYROGF7cwWM0xrbvJztv26JGgILMvYMF1JzqWEbkkSUzlszstSjohVdf4VhOGPK9HbxEyHUsKEnNOYLUY6EukS77UaL8xrg7p5w2ITsxNK6iXYYIMqwhoHNkV962lgqtSJ-UBEeGGELqRR2rlQSqjgizrUwB0PIxejfRZkmGjOrhLpAlK7ovhLbKI2Qu1NVOFM_QbvttkE0iukawlsIh4sCBRWOwZfradYlyoccLyEDsqfxdj8_3tk_HqddjlGqncTLsFodqVokGj6ifVq7PQdFiXnV7HRFWY90-_Nnew_Yv3BQlz21N92NAsLK4YNlJAD-Qzg3ONkQ7cERYW_bOp5toN69c7Ru5O11do9grFThvH7o4ToC6KmhJrSrfTBZTfL1SxfebrIZqnV6J1i6WS5XY7AJFpRbtUv5MXBrLO4vWqubDNfy5Z8qfQi3KaE01rWLf_hlI1YWx6bAmaStMo4epR7l5r1FqjYQuBrr15HvslPLh0R71kx92bBtEtbLZJf1vkWHm0tyfNwfnyoFnKIoUScbRIv5HOWbXIvQ7WlpADFTTvzU9-bgvD0jpllho_EXpVsPOXGs4ZTsfyNbmtb1DYurbRKga0Ony_OFk-g1aOEoDWvGnRMDjOf47__VgyA7VPMf8TQeS9bm043U9C5xoVeNYqkWAFNN_kcfgvW8yEiv9ExSLYrOeHkvam_EIhG6HTH9ZhfEFJP5aIdvSKuDycxHipMZnmio6W6VLKwwwQVPfQ0F4xRV1ZrPpGhWM6LTBCnrtpJ10fvd76UI43I6his0FXEySmh3WaHa9GEHoi9zQ2ATRKm9G1NAUmiiuVkI5n4sv7uXNn5RY_dADmtQedslYqDlYi4VXIyEWUbzmBi4P39iIqLEMLXNeIUXw9B8lyTiAu9-MpbJaICdW_3NfpKCVLil5923qTgvoDXqZG1J8ledAvROhe4enbgWTWt8FHihTXWtsg8fvkUwmbyzxGkhRwEDuLsz7--20fBdWf-o5Qfx574uv_TwTD_N7QrOb7BuSnsDDL43q-pzT1dwfIOiZD42dmt6LoJiyLoPuJZQmYa6RHksfYyveyGVeA9M-SoTEX9LRFwfNwMES_JGHzYRDPm3yiJvwlrYN41jGgzAIWlSulsIUqZO6IHSZDO1HYVj4ztLc0h8UrvchRFIAGzplTOzrPFfZbL89rop-WFLTO6XfFLB1QpIskSDeo23DkWFlHmOe9Lr_R7YoZ6vmd0ysRArW12hqrf4TNFHSIYFlJTyqdyXuMttf9zFraMBPIjZbf4JDZvwiMSoSAw83OL704VbX-ce1Pt5qFKfRalDZ81rOLyz80pd57siIHMrzASpHBGt9JXzFSgiVXgMaxX8LGkXzDBgLxA6YjKpW0z7V3ufwcsvX2ooz_ugnGCwnoDunLnJytKCxGOk356wsxn7uakQa-Ky8CdeMO-eTjdsKdSV6s9tI9GE0Q75rbgn2WkqVSOAiSMFa-CE6WsaTqFdECOVIEXh6qaau1K-N0IqJn8vSePhCikAlfnU8s5MdabjYVdoeYzTof8HI2aabLzNsW1Dd-NmMid5IHDCBnMv5XWNYTDebGcfBOqc0AbmHvFwtMcu6LWAvUDB7lGHjE88mW6LzwogaNP23U9wp0hfDPiuv4961L2cnmBvEnFCYoKE3yo_RxUBJubtocrgFqDdZOZkGnVmf9kTjzMX2qwcFF223Waf21yqQIk0l6_UIC4PY6LPJBTXz7iS3c-DJWCJpe6CgE6-yDMPQlXJpR7Jt-j7p095VhIcD54U_e9mTvaM6-8OOU0um2CuwVKPreeWZmEQyNZaVf59dih52mPx2P4XUzh1rlJ-PLr27LBFXWkwMPLF04SCeHCTJeIY99Fob6QvnwmSESeZFUIAMLgLilw7p71v8PTWVrmXK0Udfod6W6T83-JW60trbiFSIkGnR3KJp0kwOyT-7YSWfKGNcqu7hqjD3CKU3OVNoGT63bqa8wC7djcME_m91b4nsnhEg2WnUh2xywRTdFnYZrfC6BLTG-O2VXtghR2nN2uaE6EIt_WJpU0hykgyIIMw1AA8VFh_ivQ_vQD-ZbnXzDABGwS7RK6KijcAN0jJxBezLJy2oAqO4xynQ0hi0L67ncwjLpBySUkp-t5r8IFGiBUiN2QDeB-eN4m6dmMfETqGR79dmuQkCvGBXounXnX6LEKmLj8xfuBHqO4gRtYq2MqAQ2Dwl0Vxj84rPUd4gtp7mOuAtORoM3TNvOwBzSalPHmA3xp5pPl-buG-p_R7zaYf65banoRuNFsyDhdI9xpkWGHorcy3EIvorxs9bqgNPXrpSA1penQtclCQ3WMHuOjh6S5LOM9YrMw0czA1iAuEtUlIMdD_K58tKEWPRAqQiFJr7GmaxRY97YwrdTCFmA1T-hjkulvq3_WmGzhWgzdi6t3af87X-Po0oaC-a11miPCvikLGnDcHvdX5nQtOf9GWYIpYtXrzZ9gR8u0IQvi3mEMBl327V1K88KscMhhjmDWLHiwQotURF7gmh_PJp0qIzgIEpEzqt5WNoHlOpkTlnBv3aw7apmIE8qlyDJ002sBFGp01JcjXry9HecQrojvaiwqZCcCsoohqZUO372SB2P7x7EgHeo4q2-AWsdOpN_moS0HiZSHvdYX0oyWbZ8SIPsUPU6fhe3o5QuVrP6UEZifCWaUYZQ7qzqR2EslLMdBKepCcsMxEMsD_M8Ewci-wmsRRwYn1T1W0yIJn2d6u4WTlPXqzDB8UZGssmZZFqf3s6PcI2u-JlblPtYrZ4VMNcWbDdoi0uThyTA5oz_TCwHVzeYuzyTlHPHYwd0B5ZeeP2Joe_tAkU8o1GDq0_c2vlHxGXMqtz00-C8WMZl8xB4T0YcWINsxWgwOFL58K0-pkvdbd75XWdmX34UJUko9I_cRzJrlbODmG9eJoM1OONyel9bbs_KRtbkLmO0lbvY_k2fuWehzshHobqBdgXflr-7aVVXgIvOVAd2wYEamTEQlO4wuuGfc3qmO93u2SlXs1h-&cid=CAASJeRowpq55_Ole7ZQGzvJFKFoSN27qcdQmnq2pnBf90-UBSLecJ0&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:29:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 63FC 		0
110 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXFnThh84LTNSp_-oWReGBisj4WA016VS4kbs2xyVd7uClEkgVFj8P0iRMi_EivhWwsKr0ssQYYce9x9gKsavCJ3pNV_pEdnz4fS9KydNdjEyiB2JDRo3NpgR0JBvtUg0P00uVL3p2EImQNdU9EYp3DTTwJTkXlcbI6Fr81gxGIVJaxGM5guEjNHwWzSDH7K0G8zkf5W7Sn8rX4WolGTuLW0R6UO0ZUIJ5kS6WOJklpjwL8cSGYlb_LYNFwlGXJuUqUHOJJRZeVNwQcBNH1-onNJJWT6R-QQclkbAf4--9Tu3rLZl7buVKoh0cApKeJmHbwj4LF_AKIhpphi0PBTIEPnBFkYS7Vc64Rn9dAX5W-6t1Kk6rWDeJ5Uknc9VfMvdjx-AnqvNu-2vhAkzBa6eioEN42AxBSjKp1SC4pg63bMwT08uALWRIGyyUyyTrLOWFL9xC4ywywCVvr_g5UwZtLaSUq5skhH8r53iAvcqTpMhcfS-QR5vIFsCwN4J4PPA2qVTVXclPc-0OSQE_6NXfLm5gPJl-lCRvd4FcyExgfKlCI26MxaJvhsutZqBKJmLJw34BftRaWXay7mlDbp_G_vmodEroKtHosGsfCxGRihDhlDw8Mr_KhaLzwz3Mf-xgCfwM-rt41S7hewKvZ9ZOWThOFlFiwUmngw_w38hmnVB5mUTGH8lsDdB-jRCqwCPYe7W-gHrQ9qEjjhSLw0kpj4dOx5U5Vva7jWvLIZBZWxrtAX0Cwq1qVLihnW9BWhs72gvYD-C63u_fBM0ET5WrY_tPTzTXo9-bSTp4KFMHKvoZeFtqIOAiRMdhrBjGLlnn3A7BidHx-MZCZMQYknucvFI9O_52scMqR0rwW-nfmqit6ZRLRK684qhLs2MJdug5wj96yXUjseuluDUbJb8AXEIOhVkEzShCpC13FPov4gw9yT_mkKtIVTi9VC9yKLa5aOpX8Rs_IgQsX8ygdjS0x6ualfWip7clCs9h0elLD8yitm2FppQdRNHCvxPM7ksufkbZ4WejpvKKnMHHhmQmw4Fjwd1JDNIArqDusgqbAHgoqY-zFeIFf4jd3m55cZh2HhzqX0_apUlu873WxRZ2seBD8WPfPIgf0Yw3bhkjUe0zQduwJRWnmzuiooor44CE8aImlvwHi5NVlwYXtoNjidoZXLvzTbg8IgwMtGPQeDouMMInrUbH2NZzrOhhUvDnt7Y2FYFpBs9rDsuo3y3_MZR9jflVISISK7MiNIeTcvv-f0unlf0jMqturYwM27SKfvP8f4kOH6WI6LBcIS-QhZdd4WyrJ_fIE42v-maX9mFjnJgTuOGaMe24wEJZ9MhMll6IabBwzLjo9tC1LV7zZ4D37eU-D_NepyOx&sai=AMfl-YTHsUIGprosxGvfEPSbCB1nQexKpt8t0qbO_IBbkKDr2RQGRbLEbNWj3cpgeUFWgazAs_fBYGSPusY-IF183KyHSZVbCUF8Kc9sZAsPXGBa8kkmsZxZFKRNoHm7xH5UHakTxOnSwAgnDSAKpw82uo1jnE-zB5PYmkbo8DCb5t6Sq4Uc0hxd-hqujOmsFUu7CsQje0kGwXTEX_DzzoIsdPKt&sig=Cg0ArKJSzKgnOsU4mlEjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220808.36486&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8wQwB6h1EtofhDL-eeT-42wWr5Aq_S33MqT2lfbtWMdNxKx7IoDn5V4vTFTq29OkP16Npxa2FkSgKMtnxbiH6qCUMXw&cry=1&dbm_d=AKAmf-AEuAC9oHs8YyzL6kKqwSGQy1y6CgUA4CNco8LGgsM-KImFSyJm5XOign4AdhU6zZ3Urc6UWqVbY6Gbo4vibJ6BHLkZERN0A36kZIvCzWLRXr--3pMDAZSexW63lJ0I7r1fvufJEUdiOr51HkGtEjhIT4xo6RHJO5BHbYUGxnWHFBzBGe6oQIO7Iur5buakQySl2zRpzoB77N2xjjV7fvu85VpGUgSzZlARmllqyS6Hc9OjkJneOThtnNzj2cHxe_Ds75da1CqfMKsfNdkvK14J5M-44Gz8QaXpP9j8434ShCdlHhF5X3NTTCicFnLJA0zyDb_qGotwnRZKhoXx_HpXnB30yf2VRTl3_kRJjYfpfE64xi_iXn_ZIRdnH9wdgG0v8WRzlHeXr6OBBkAo4EnYZ7Nhx0QvpvQm5dgaL5ZiVn5Re1Jz50eay4Wwd6CC7dBrulg9to-yZdIY3-6ryp3tJXfyONSrBsvFQ2nUgd-r-7IQVfjN1cRQTbYVM8AjGVcXK865EjWBKU5ZWXsS1r5syd0KrrkTTuUTCa3q61seO8QGO_MMTeAJD5dAlwI7yBRQRBhgZ8qr52bEZ_NE6SRpG7EGIx5HUE9Xu1CBO5YfYROGF7cwWM0xrbvJztv26JGgILMvYMF1JzqWEbkkSUzlszstSjohVdf4VhOGPK9HbxEyHUsKEnNOYLUY6EukS77UaL8xrg7p5w2ITsxNK6iXYYIMqwhoHNkV962lgqtSJ-UBEeGGELqRR2rlQSqjgizrUwB0PIxejfRZkmGjOrhLpAlK7ovhLbKI2Qu1NVOFM_QbvttkE0iukawlsIh4sCBRWOwZfradYlyoccLyEDsqfxdj8_3tk_HqddjlGqncTLsFodqVokGj6ifVq7PQdFiXnV7HRFWY90-_Nnew_Yv3BQlz21N92NAsLK4YNlJAD-Qzg3ONkQ7cERYW_bOp5toN69c7Ru5O11do9grFThvH7o4ToC6KmhJrSrfTBZTfL1SxfebrIZqnV6J1i6WS5XY7AJFpRbtUv5MXBrLO4vWqubDNfy5Z8qfQi3KaE01rWLf_hlI1YWx6bAmaStMo4epR7l5r1FqjYQuBrr15HvslPLh0R71kx92bBtEtbLZJf1vkWHm0tyfNwfnyoFnKIoUScbRIv5HOWbXIvQ7WlpADFTTvzU9-bgvD0jpllho_EXpVsPOXGs4ZTsfyNbmtb1DYurbRKga0Ony_OFk-g1aOEoDWvGnRMDjOf47__VgyA7VPMf8TQeS9bm043U9C5xoVeNYqkWAFNN_kcfgvW8yEiv9ExSLYrOeHkvam_EIhG6HTH9ZhfEFJP5aIdvSKuDycxHipMZnmio6W6VLKwwwQVPfQ0F4xRV1ZrPpGhWM6LTBCnrtpJ10fvd76UI43I6his0FXEySmh3WaHa9GEHoi9zQ2ATRKm9G1NAUmiiuVkI5n4sv7uXNn5RY_dADmtQedslYqDlYi4VXIyEWUbzmBi4P39iIqLEMLXNeIUXw9B8lyTiAu9-MpbJaICdW_3NfpKCVLil5923qTgvoDXqZG1J8ledAvROhe4enbgWTWt8FHihTXWtsg8fvkUwmbyzxGkhRwEDuLsz7--20fBdWf-o5Qfx574uv_TwTD_N7QrOb7BuSnsDDL43q-pzT1dwfIOiZD42dmt6LoJiyLoPuJZQmYa6RHksfYyveyGVeA9M-SoTEX9LRFwfNwMES_JGHzYRDPm3yiJvwlrYN41jGgzAIWlSulsIUqZO6IHSZDO1HYVj4ztLc0h8UrvchRFIAGzplTOzrPFfZbL89rop-WFLTO6XfFLB1QpIskSDeo23DkWFlHmOe9Lr_R7YoZ6vmd0ysRArW12hqrf4TNFHSIYFlJTyqdyXuMttf9zFraMBPIjZbf4JDZvwiMSoSAw83OL704VbX-ce1Pt5qFKfRalDZ81rOLyz80pd57siIHMrzASpHBGt9JXzFSgiVXgMaxX8LGkXzDBgLxA6YjKpW0z7V3ufwcsvX2ooz_ugnGCwnoDunLnJytKCxGOk356wsxn7uakQa-Ky8CdeMO-eTjdsKdSV6s9tI9GE0Q75rbgn2WkqVSOAiSMFa-CE6WsaTqFdECOVIEXh6qaau1K-N0IqJn8vSePhCikAlfnU8s5MdabjYVdoeYzTof8HI2aabLzNsW1Dd-NmMid5IHDCBnMv5XWNYTDebGcfBOqc0AbmHvFwtMcu6LWAvUDB7lGHjE88mW6LzwogaNP23U9wp0hfDPiuv4961L2cnmBvEnFCYoKE3yo_RxUBJubtocrgFqDdZOZkGnVmf9kTjzMX2qwcFF223Waf21yqQIk0l6_UIC4PY6LPJBTXz7iS3c-DJWCJpe6CgE6-yDMPQlXJpR7Jt-j7p095VhIcD54U_e9mTvaM6-8OOU0um2CuwVKPreeWZmEQyNZaVf59dih52mPx2P4XUzh1rlJ-PLr27LBFXWkwMPLF04SCeHCTJeIY99Fob6QvnwmSESeZFUIAMLgLilw7p71v8PTWVrmXK0Udfod6W6T83-JW60trbiFSIkGnR3KJp0kwOyT-7YSWfKGNcqu7hqjD3CKU3OVNoGT63bqa8wC7djcME_m91b4nsnhEg2WnUh2xywRTdFnYZrfC6BLTG-O2VXtghR2nN2uaE6EIt_WJpU0hykgyIIMw1AA8VFh_ivQ_vQD-ZbnXzDABGwS7RK6KijcAN0jJxBezLJy2oAqO4xynQ0hi0L67ncwjLpBySUkp-t5r8IFGiBUiN2QDeB-eN4m6dmMfETqGR79dmuQkCvGBXounXnX6LEKmLj8xfuBHqO4gRtYq2MqAQ2Dwl0Vxj84rPUd4gtp7mOuAtORoM3TNvOwBzSalPHmA3xp5pPl-buG-p_R7zaYf65banoRuNFsyDhdI9xpkWGHorcy3EIvorxs9bqgNPXrpSA1penQtclCQ3WMHuOjh6S5LOM9YrMw0czA1iAuEtUlIMdD_K58tKEWPRAqQiFJr7GmaxRY97YwrdTCFmA1T-hjkulvq3_WmGzhWgzdi6t3af87X-Po0oaC-a11miPCvikLGnDcHvdX5nQtOf9GWYIpYtXrzZ9gR8u0IQvi3mEMBl327V1K88KscMhhjmDWLHiwQotURF7gmh_PJp0qIzgIEpEzqt5WNoHlOpkTlnBv3aw7apmIE8qlyDJ002sBFGp01JcjXry9HecQrojvaiwqZCcCsoohqZUO372SB2P7x7EgHeo4q2-AWsdOpN_moS0HiZSHvdYX0oyWbZ8SIPsUPU6fhe3o5QuVrP6UEZifCWaUYZQ7qzqR2EslLMdBKepCcsMxEMsD_M8Ewci-wmsRRwYn1T1W0yIJn2d6u4WTlPXqzDB8UZGssmZZFqf3s6PcI2u-JlblPtYrZ4VMNcWbDdoi0uThyTA5oz_TCwHVzeYuzyTlHPHYwd0B5ZeeP2Joe_tAkU8o1GDq0_c2vlHxGXMqtz00-C8WMZl8xB4T0YcWINsxWgwOFL58K0-pkvdbd75XWdmX34UJUko9I_cRzJrlbODmG9eJoM1OONyel9bbs_KRtbkLmO0lbvY_k2fuWehzshHobqBdgXflr-7aVVXgIvOVAd2wYEamTEQlO4wuuGfc3qmO93u2SlXs1h-&cid=CAASJeRowpq55_Ole7ZQGzvJFKFoSN27qcdQmnq2pnBf90-UBSLecJ0&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 09 Aug 2022 23:34:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 63FC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8wQwB6h1EtofhDL-eeT-42wWr5Aq_S33MqT2lfbtWMdNxKx7IoDn5V4vTFTq29OkP16Npxa2FkSgKMtnxbiH6qCUMXw&cry=1&dbm_d=AKAmf-AEuAC9oHs8YyzL6kKqwSGQy1y6CgUA4CNco8LGgsM-KImFSyJm5XOign4AdhU6zZ3Urc6UWqVbY6Gbo4vibJ6BHLkZERN0A36kZIvCzWLRXr--3pMDAZSexW63lJ0I7r1fvufJEUdiOr51HkGtEjhIT4xo6RHJO5BHbYUGxnWHFBzBGe6oQIO7Iur5buakQySl2zRpzoB77N2xjjV7fvu85VpGUgSzZlARmllqyS6Hc9OjkJneOThtnNzj2cHxe_Ds75da1CqfMKsfNdkvK14J5M-44Gz8QaXpP9j8434ShCdlHhF5X3NTTCicFnLJA0zyDb_qGotwnRZKhoXx_HpXnB30yf2VRTl3_kRJjYfpfE64xi_iXn_ZIRdnH9wdgG0v8WRzlHeXr6OBBkAo4EnYZ7Nhx0QvpvQm5dgaL5ZiVn5Re1Jz50eay4Wwd6CC7dBrulg9to-yZdIY3-6ryp3tJXfyONSrBsvFQ2nUgd-r-7IQVfjN1cRQTbYVM8AjGVcXK865EjWBKU5ZWXsS1r5syd0KrrkTTuUTCa3q61seO8QGO_MMTeAJD5dAlwI7yBRQRBhgZ8qr52bEZ_NE6SRpG7EGIx5HUE9Xu1CBO5YfYROGF7cwWM0xrbvJztv26JGgILMvYMF1JzqWEbkkSUzlszstSjohVdf4VhOGPK9HbxEyHUsKEnNOYLUY6EukS77UaL8xrg7p5w2ITsxNK6iXYYIMqwhoHNkV962lgqtSJ-UBEeGGELqRR2rlQSqjgizrUwB0PIxejfRZkmGjOrhLpAlK7ovhLbKI2Qu1NVOFM_QbvttkE0iukawlsIh4sCBRWOwZfradYlyoccLyEDsqfxdj8_3tk_HqddjlGqncTLsFodqVokGj6ifVq7PQdFiXnV7HRFWY90-_Nnew_Yv3BQlz21N92NAsLK4YNlJAD-Qzg3ONkQ7cERYW_bOp5toN69c7Ru5O11do9grFThvH7o4ToC6KmhJrSrfTBZTfL1SxfebrIZqnV6J1i6WS5XY7AJFpRbtUv5MXBrLO4vWqubDNfy5Z8qfQi3KaE01rWLf_hlI1YWx6bAmaStMo4epR7l5r1FqjYQuBrr15HvslPLh0R71kx92bBtEtbLZJf1vkWHm0tyfNwfnyoFnKIoUScbRIv5HOWbXIvQ7WlpADFTTvzU9-bgvD0jpllho_EXpVsPOXGs4ZTsfyNbmtb1DYurbRKga0Ony_OFk-g1aOEoDWvGnRMDjOf47__VgyA7VPMf8TQeS9bm043U9C5xoVeNYqkWAFNN_kcfgvW8yEiv9ExSLYrOeHkvam_EIhG6HTH9ZhfEFJP5aIdvSKuDycxHipMZnmio6W6VLKwwwQVPfQ0F4xRV1ZrPpGhWM6LTBCnrtpJ10fvd76UI43I6his0FXEySmh3WaHa9GEHoi9zQ2ATRKm9G1NAUmiiuVkI5n4sv7uXNn5RY_dADmtQedslYqDlYi4VXIyEWUbzmBi4P39iIqLEMLXNeIUXw9B8lyTiAu9-MpbJaICdW_3NfpKCVLil5923qTgvoDXqZG1J8ledAvROhe4enbgWTWt8FHihTXWtsg8fvkUwmbyzxGkhRwEDuLsz7--20fBdWf-o5Qfx574uv_TwTD_N7QrOb7BuSnsDDL43q-pzT1dwfIOiZD42dmt6LoJiyLoPuJZQmYa6RHksfYyveyGVeA9M-SoTEX9LRFwfNwMES_JGHzYRDPm3yiJvwlrYN41jGgzAIWlSulsIUqZO6IHSZDO1HYVj4ztLc0h8UrvchRFIAGzplTOzrPFfZbL89rop-WFLTO6XfFLB1QpIskSDeo23DkWFlHmOe9Lr_R7YoZ6vmd0ysRArW12hqrf4TNFHSIYFlJTyqdyXuMttf9zFraMBPIjZbf4JDZvwiMSoSAw83OL704VbX-ce1Pt5qFKfRalDZ81rOLyz80pd57siIHMrzASpHBGt9JXzFSgiVXgMaxX8LGkXzDBgLxA6YjKpW0z7V3ufwcsvX2ooz_ugnGCwnoDunLnJytKCxGOk356wsxn7uakQa-Ky8CdeMO-eTjdsKdSV6s9tI9GE0Q75rbgn2WkqVSOAiSMFa-CE6WsaTqFdECOVIEXh6qaau1K-N0IqJn8vSePhCikAlfnU8s5MdabjYVdoeYzTof8HI2aabLzNsW1Dd-NmMid5IHDCBnMv5XWNYTDebGcfBOqc0AbmHvFwtMcu6LWAvUDB7lGHjE88mW6LzwogaNP23U9wp0hfDPiuv4961L2cnmBvEnFCYoKE3yo_RxUBJubtocrgFqDdZOZkGnVmf9kTjzMX2qwcFF223Waf21yqQIk0l6_UIC4PY6LPJBTXz7iS3c-DJWCJpe6CgE6-yDMPQlXJpR7Jt-j7p095VhIcD54U_e9mTvaM6-8OOU0um2CuwVKPreeWZmEQyNZaVf59dih52mPx2P4XUzh1rlJ-PLr27LBFXWkwMPLF04SCeHCTJeIY99Fob6QvnwmSESeZFUIAMLgLilw7p71v8PTWVrmXK0Udfod6W6T83-JW60trbiFSIkGnR3KJp0kwOyT-7YSWfKGNcqu7hqjD3CKU3OVNoGT63bqa8wC7djcME_m91b4nsnhEg2WnUh2xywRTdFnYZrfC6BLTG-O2VXtghR2nN2uaE6EIt_WJpU0hykgyIIMw1AA8VFh_ivQ_vQD-ZbnXzDABGwS7RK6KijcAN0jJxBezLJy2oAqO4xynQ0hi0L67ncwjLpBySUkp-t5r8IFGiBUiN2QDeB-eN4m6dmMfETqGR79dmuQkCvGBXounXnX6LEKmLj8xfuBHqO4gRtYq2MqAQ2Dwl0Vxj84rPUd4gtp7mOuAtORoM3TNvOwBzSalPHmA3xp5pPl-buG-p_R7zaYf65banoRuNFsyDhdI9xpkWGHorcy3EIvorxs9bqgNPXrpSA1penQtclCQ3WMHuOjh6S5LOM9YrMw0czA1iAuEtUlIMdD_K58tKEWPRAqQiFJr7GmaxRY97YwrdTCFmA1T-hjkulvq3_WmGzhWgzdi6t3af87X-Po0oaC-a11miPCvikLGnDcHvdX5nQtOf9GWYIpYtXrzZ9gR8u0IQvi3mEMBl327V1K88KscMhhjmDWLHiwQotURF7gmh_PJp0qIzgIEpEzqt5WNoHlOpkTlnBv3aw7apmIE8qlyDJ002sBFGp01JcjXry9HecQrojvaiwqZCcCsoohqZUO372SB2P7x7EgHeo4q2-AWsdOpN_moS0HiZSHvdYX0oyWbZ8SIPsUPU6fhe3o5QuVrP6UEZifCWaUYZQ7qzqR2EslLMdBKepCcsMxEMsD_M8Ewci-wmsRRwYn1T1W0yIJn2d6u4WTlPXqzDB8UZGssmZZFqf3s6PcI2u-JlblPtYrZ4VMNcWbDdoi0uThyTA5oz_TCwHVzeYuzyTlHPHYwd0B5ZeeP2Joe_tAkU8o1GDq0_c2vlHxGXMqtz00-C8WMZl8xB4T0YcWINsxWgwOFL58K0-pkvdbd75XWdmX34UJUko9I_cRzJrlbODmG9eJoM1OONyel9bbs_KRtbkLmO0lbvY_k2fuWehzshHobqBdgXflr-7aVVXgIvOVAd2wYEamTEQlO4wuuGfc3qmO93u2SlXs1h-&cid=CAASJeRowpq55_Ole7ZQGzvJFKFoSN27qcdQmnq2pnBf90-UBSLecJ0&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 12:36:38 GMT
3828947774205048371
s0.2mdn.net/simgad/ Frame 63FC 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3828947774205048371
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f421e29bff2830c8a4e2fea5880e391c6108e893ab62a99c19b56872af3809bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 04:55:22 GMT
x-content-type-options
nosniff
age
412764
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101865
x-xss-protection
0
last-modified
Tue, 24 May 2022 23:46:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Aug 2023 04:55:22 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
d56a4f80da2e08d0456eee4c711121b01dfb8dc573df3284c8336ac5cee9ea8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
wikicell.org.1122452.js
jsc.mgid.com/w/i/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/i/wikicell.org.1122452.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08160951a67e92fc24a4a60e73c677ecd45384893082a6372a60d6cf5f954051

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
293
cf-polished
origSize=2318
last-modified
Wed, 08 Jun 2022 10:30:37 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZBDQAX5G4HR3X9H0
x-amz-id-2
vJxWIOQXcDCeFqXlyX1xs3+JCSmGobevrpUM4uALk5gXn+HCtdt69eatf4qmHT1V/vp2YabbSoY=
cf-bgj
minify
server
cloudflare
etag
W/"2f53335c9fb1608a66c44547c6a99e86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
CEV3Tan4ka3OXxMe.PiN70EP3G_de3Fu
cf-ray
73844dea6fef204a-NRT
expires
Wed, 10 Aug 2022 02:34:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4EC2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
49604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 09:48:02 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 09:48:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2A91 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
138726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 09:02:40 GMT
expires
Tue, 08 Aug 2023 09:02:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 63FC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c9d00cae7266ce50eea2385273d038ad2e29ca50e5ed472dc95f2a196d65963

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
wikicell.org.1122452.es6.js
jsc.mgid.com/w/i/ 		262 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fba181120a67efa8848bf01cfe5098a49a42882f702c0e1a341fdefa3d6af02

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
293
cf-polished
origSize=267872
last-modified
Mon, 18 Jul 2022 10:53:32 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FE85E61E9ABTZCNG
x-amz-id-2
3Br66yA4gUradVvY81/FKlGupv6p9SA/vgj2c26i7B6CoahS9x9Lrrd2VxiLHlrIkfQKIy2MA4Y=
cf-bgj
minify
server
cloudflare
etag
W/"885ecd51430bc2e6aba2ee9c43754f6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
697wnVw05z3l6UNLp5vYzg__L7yMRKk_
cf-ray
73844deaab882079-NRT
expires
Wed, 10 Aug 2022 02:34:46 GMT
wikicell.org.1122452.js
jsc.mgid.com/w/i/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/i/wikicell.org.1122452.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08160951a67e92fc24a4a60e73c677ecd45384893082a6372a60d6cf5f954051

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
293
cf-polished
origSize=2318
last-modified
Wed, 08 Jun 2022 10:30:37 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZBDQAX5G4HR3X9H0
x-amz-id-2
vJxWIOQXcDCeFqXlyX1xs3+JCSmGobevrpUM4uALk5gXn+HCtdt69eatf4qmHT1V/vp2YabbSoY=
cf-bgj
minify
server
cloudflare
etag
W/"2f53335c9fb1608a66c44547c6a99e86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
CEV3Tan4ka3OXxMe.PiN70EP3G_de3Fu
cf-ray
73844deaab872079-NRT
expires
Wed, 10 Aug 2022 02:34:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 63FC 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXFnThh84LTNSp_-oWReGBisj4WA016VS4kbs2xyVd7uClEkgVFj8P0iRMi_EivhWwsKr0ssQYYce9x9gKsavCJ3pNV_pEdnz4fS9KydNdjEyiB2JDRo3NpgR0JBvtUg0P00uVL3p2EImQNdU9EYp3DTTwJTkXlcbI6Fr81gxGIVJaxGM5guEjNHwWzSDH7K0G8zkf5W7Sn8rX4WolGTuLW0R6UO0ZUIJ5kS6WOJklpjwL8cSGYlb_LYNFwlGXJuUqUHOJJRZeVNwQcBNH1-onNJJWT6R-QQclkbAf4--9Tu3rLZl7buVKoh0cApKeJmHbwj4LF_AKIhpphi0PBTIEPnBFkYS7Vc64Rn9dAX5W-6t1Kk6rWDeJ5Uknc9VfMvdjx-AnqvNu-2vhAkzBa6eioEN42AxBSjKp1SC4pg63bMwT08uALWRIGyyUyyTrLOWFL9xC4ywywCVvr_g5UwZtLaSUq5skhH8r53iAvcqTpMhcfS-QR5vIFsCwN4J4PPA2qVTVXclPc-0OSQE_6NXfLm5gPJl-lCRvd4FcyExgfKlCI26MxaJvhsutZqBKJmLJw34BftRaWXay7mlDbp_G_vmodEroKtHosGsfCxGRihDhlDw8Mr_KhaLzwz3Mf-xgCfwM-rt41S7hewKvZ9ZOWThOFlFiwUmngw_w38hmnVB5mUTGH8lsDdB-jRCqwCPYe7W-gHrQ9qEjjhSLw0kpj4dOx5U5Vva7jWvLIZBZWxrtAX0Cwq1qVLihnW9BWhs72gvYD-C63u_fBM0ET5WrY_tPTzTXo9-bSTp4KFMHKvoZeFtqIOAiRMdhrBjGLlnn3A7BidHx-MZCZMQYknucvFI9O_52scMqR0rwW-nfmqit6ZRLRK684qhLs2MJdug5wj96yXUjseuluDUbJb8AXEIOhVkEzShCpC13FPov4gw9yT_mkKtIVTi9VC9yKLa5aOpX8Rs_IgQsX8ygdjS0x6ualfWip7clCs9h0elLD8yitm2FppQdRNHCvxPM7ksufkbZ4WejpvKKnMHHhmQmw4Fjwd1JDNIArqDusgqbAHgoqY-zFeIFf4jd3m55cZh2HhzqX0_apUlu873WxRZ2seBD8WPfPIgf0Yw3bhkjUe0zQduwJRWnmzuiooor44CE8aImlvwHi5NVlwYXtoNjidoZXLvzTbg8IgwMtGPQeDouMMInrUbH2NZzrOhhUvDnt7Y2FYFpBs9rDsuo3y3_MZR9jflVISISK7MiNIeTcvv-f0unlf0jMqturYwM27SKfvP8f4kOH6WI6LBcIS-QhZdd4WyrJ_fIE42v-maX9mFjnJgTuOGaMe24wEJZ9MhMll6IabBwzLjo9tC1LV7zZ4D37eU-D_NepyOx&sai=AMfl-YTHsUIGprosxGvfEPSbCB1nQexKpt8t0qbO_IBbkKDr2RQGRbLEbNWj3cpgeUFWgazAs_fBYGSPusY-IF183KyHSZVbCUF8Kc9sZAsPXGBa8kkmsZxZFKRNoHm7xH5UHakTxOnSwAgnDSAKpw82uo1jnE-zB5PYmkbo8DCb5t6Sq4Uc0hxd-hqujOmsFUu7CsQje0kGwXTEX_DzzoIsdPKt&sig=Cg0ArKJSzKgnOsU4mlEjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=60&vt=11&dtpt=59&dett=2&cstd=0&cisv=r20220808.36486&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8wQwB6h1EtofhDL-eeT-42wWr5Aq_S33MqT2lfbtWMdNxKx7IoDn5V4vTFTq29OkP16Npxa2FkSgKMtnxbiH6qCUMXw&cry=1&dbm_d=AKAmf-AEuAC9oHs8YyzL6kKqwSGQy1y6CgUA4CNco8LGgsM-KImFSyJm5XOign4AdhU6zZ3Urc6UWqVbY6Gbo4vibJ6BHLkZERN0A36kZIvCzWLRXr--3pMDAZSexW63lJ0I7r1fvufJEUdiOr51HkGtEjhIT4xo6RHJO5BHbYUGxnWHFBzBGe6oQIO7Iur5buakQySl2zRpzoB77N2xjjV7fvu85VpGUgSzZlARmllqyS6Hc9OjkJneOThtnNzj2cHxe_Ds75da1CqfMKsfNdkvK14J5M-44Gz8QaXpP9j8434ShCdlHhF5X3NTTCicFnLJA0zyDb_qGotwnRZKhoXx_HpXnB30yf2VRTl3_kRJjYfpfE64xi_iXn_ZIRdnH9wdgG0v8WRzlHeXr6OBBkAo4EnYZ7Nhx0QvpvQm5dgaL5ZiVn5Re1Jz50eay4Wwd6CC7dBrulg9to-yZdIY3-6ryp3tJXfyONSrBsvFQ2nUgd-r-7IQVfjN1cRQTbYVM8AjGVcXK865EjWBKU5ZWXsS1r5syd0KrrkTTuUTCa3q61seO8QGO_MMTeAJD5dAlwI7yBRQRBhgZ8qr52bEZ_NE6SRpG7EGIx5HUE9Xu1CBO5YfYROGF7cwWM0xrbvJztv26JGgILMvYMF1JzqWEbkkSUzlszstSjohVdf4VhOGPK9HbxEyHUsKEnNOYLUY6EukS77UaL8xrg7p5w2ITsxNK6iXYYIMqwhoHNkV962lgqtSJ-UBEeGGELqRR2rlQSqjgizrUwB0PIxejfRZkmGjOrhLpAlK7ovhLbKI2Qu1NVOFM_QbvttkE0iukawlsIh4sCBRWOwZfradYlyoccLyEDsqfxdj8_3tk_HqddjlGqncTLsFodqVokGj6ifVq7PQdFiXnV7HRFWY90-_Nnew_Yv3BQlz21N92NAsLK4YNlJAD-Qzg3ONkQ7cERYW_bOp5toN69c7Ru5O11do9grFThvH7o4ToC6KmhJrSrfTBZTfL1SxfebrIZqnV6J1i6WS5XY7AJFpRbtUv5MXBrLO4vWqubDNfy5Z8qfQi3KaE01rWLf_hlI1YWx6bAmaStMo4epR7l5r1FqjYQuBrr15HvslPLh0R71kx92bBtEtbLZJf1vkWHm0tyfNwfnyoFnKIoUScbRIv5HOWbXIvQ7WlpADFTTvzU9-bgvD0jpllho_EXpVsPOXGs4ZTsfyNbmtb1DYurbRKga0Ony_OFk-g1aOEoDWvGnRMDjOf47__VgyA7VPMf8TQeS9bm043U9C5xoVeNYqkWAFNN_kcfgvW8yEiv9ExSLYrOeHkvam_EIhG6HTH9ZhfEFJP5aIdvSKuDycxHipMZnmio6W6VLKwwwQVPfQ0F4xRV1ZrPpGhWM6LTBCnrtpJ10fvd76UI43I6his0FXEySmh3WaHa9GEHoi9zQ2ATRKm9G1NAUmiiuVkI5n4sv7uXNn5RY_dADmtQedslYqDlYi4VXIyEWUbzmBi4P39iIqLEMLXNeIUXw9B8lyTiAu9-MpbJaICdW_3NfpKCVLil5923qTgvoDXqZG1J8ledAvROhe4enbgWTWt8FHihTXWtsg8fvkUwmbyzxGkhRwEDuLsz7--20fBdWf-o5Qfx574uv_TwTD_N7QrOb7BuSnsDDL43q-pzT1dwfIOiZD42dmt6LoJiyLoPuJZQmYa6RHksfYyveyGVeA9M-SoTEX9LRFwfNwMES_JGHzYRDPm3yiJvwlrYN41jGgzAIWlSulsIUqZO6IHSZDO1HYVj4ztLc0h8UrvchRFIAGzplTOzrPFfZbL89rop-WFLTO6XfFLB1QpIskSDeo23DkWFlHmOe9Lr_R7YoZ6vmd0ysRArW12hqrf4TNFHSIYFlJTyqdyXuMttf9zFraMBPIjZbf4JDZvwiMSoSAw83OL704VbX-ce1Pt5qFKfRalDZ81rOLyz80pd57siIHMrzASpHBGt9JXzFSgiVXgMaxX8LGkXzDBgLxA6YjKpW0z7V3ufwcsvX2ooz_ugnGCwnoDunLnJytKCxGOk356wsxn7uakQa-Ky8CdeMO-eTjdsKdSV6s9tI9GE0Q75rbgn2WkqVSOAiSMFa-CE6WsaTqFdECOVIEXh6qaau1K-N0IqJn8vSePhCikAlfnU8s5MdabjYVdoeYzTof8HI2aabLzNsW1Dd-NmMid5IHDCBnMv5XWNYTDebGcfBOqc0AbmHvFwtMcu6LWAvUDB7lGHjE88mW6LzwogaNP23U9wp0hfDPiuv4961L2cnmBvEnFCYoKE3yo_RxUBJubtocrgFqDdZOZkGnVmf9kTjzMX2qwcFF223Waf21yqQIk0l6_UIC4PY6LPJBTXz7iS3c-DJWCJpe6CgE6-yDMPQlXJpR7Jt-j7p095VhIcD54U_e9mTvaM6-8OOU0um2CuwVKPreeWZmEQyNZaVf59dih52mPx2P4XUzh1rlJ-PLr27LBFXWkwMPLF04SCeHCTJeIY99Fob6QvnwmSESeZFUIAMLgLilw7p71v8PTWVrmXK0Udfod6W6T83-JW60trbiFSIkGnR3KJp0kwOyT-7YSWfKGNcqu7hqjD3CKU3OVNoGT63bqa8wC7djcME_m91b4nsnhEg2WnUh2xywRTdFnYZrfC6BLTG-O2VXtghR2nN2uaE6EIt_WJpU0hykgyIIMw1AA8VFh_ivQ_vQD-ZbnXzDABGwS7RK6KijcAN0jJxBezLJy2oAqO4xynQ0hi0L67ncwjLpBySUkp-t5r8IFGiBUiN2QDeB-eN4m6dmMfETqGR79dmuQkCvGBXounXnX6LEKmLj8xfuBHqO4gRtYq2MqAQ2Dwl0Vxj84rPUd4gtp7mOuAtORoM3TNvOwBzSalPHmA3xp5pPl-buG-p_R7zaYf65banoRuNFsyDhdI9xpkWGHorcy3EIvorxs9bqgNPXrpSA1penQtclCQ3WMHuOjh6S5LOM9YrMw0czA1iAuEtUlIMdD_K58tKEWPRAqQiFJr7GmaxRY97YwrdTCFmA1T-hjkulvq3_WmGzhWgzdi6t3af87X-Po0oaC-a11miPCvikLGnDcHvdX5nQtOf9GWYIpYtXrzZ9gR8u0IQvi3mEMBl327V1K88KscMhhjmDWLHiwQotURF7gmh_PJp0qIzgIEpEzqt5WNoHlOpkTlnBv3aw7apmIE8qlyDJ002sBFGp01JcjXry9HecQrojvaiwqZCcCsoohqZUO372SB2P7x7EgHeo4q2-AWsdOpN_moS0HiZSHvdYX0oyWbZ8SIPsUPU6fhe3o5QuVrP6UEZifCWaUYZQ7qzqR2EslLMdBKepCcsMxEMsD_M8Ewci-wmsRRwYn1T1W0yIJn2d6u4WTlPXqzDB8UZGssmZZFqf3s6PcI2u-JlblPtYrZ4VMNcWbDdoi0uThyTA5oz_TCwHVzeYuzyTlHPHYwd0B5ZeeP2Joe_tAkU8o1GDq0_c2vlHxGXMqtz00-C8WMZl8xB4T0YcWINsxWgwOFL58K0-pkvdbd75XWdmX34UJUko9I_cRzJrlbODmG9eJoM1OONyel9bbs_KRtbkLmO0lbvY_k2fuWehzshHobqBdgXflr-7aVVXgIvOVAd2wYEamTEQlO4wuuGfc3qmO93u2SlXs1h-&cid=CAASJeRowpq55_Ole7ZQGzvJFKFoSN27qcdQmnq2pnBf90-UBSLecJ0&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame 4EC2
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEGqVKtnwPxRewS0tcRWjT58&google_cver=1&google_push=AehlK4D0I1ShHSmZV3QluChZlK0D2PiJRhE9kUCvytDunTEfiYUSLH4BvxB6bDUz2fgl-2VnW_jPA7cc8D...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEGqVKtnwPxRewS0tcRWjT58&google_cver=1&google_push=AehlK4D0I1ShHSmZV3QluChZlK0D2PiJRhE9kUCvytDunTEfiYUSLH4BvxB6bDUz2fgl-2VnW_jPA7cc8D...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4D0I1ShHSmZV3QluChZlK0D2PiJRhE9kUCvytDunTEfiYUSLH4BvxB6bDUz2fgl-2VnW_jPA7cc8Daq09DfD6JpRy2vbw&google_hm=MDUwMzAwMDFfNjJmMmVmM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4D0I1ShHSmZV3QluChZlK0D2PiJRhE9kUCvytDunTEfiYUSLH4BvxB6bDUz2fgl-2VnW_jPA7cc8Daq09DfD6JpRy2vbw&google_hm=MDUwMzAwMDFfNjJmMmVmMTcwM2FlZQ%3D%3D
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Aug 2022 23:34:47 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4D0I1ShHSmZV3QluChZlK0D2PiJRhE9kUCvytDunTEfiYUSLH4BvxB6bDUz2fgl-2VnW_jPA7cc8Daq09DfD6JpRy2vbw&google_hm=MDUwMzAwMDFfNjJmMmVmMTcwM2FlZQ%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
result
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 4EC2
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEG48Hncvs6aMpLLajvlMuSI&google_cver=1&google_push=AehlK4B3EySNwDx1iQ6iP4JstMn4M1hXyFMrFuWn3JYxM8F786hihAFfHJ0FdJUY...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEG48Hncvs6aMpLLajvlMuSI&google_cver=1&google_push=AehlK4B3EySNwDx1iQ6iP4JstMn4M1hXyFMrFuWn3JYxM8F786hihAFfHJ0FdJUY...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AehlK4B3EySNwDx1iQ6iP4JstMn4M1hXyFMrFuWn3JYxM8F786hihAFfHJ0FdJUYhuh9qQyXaV9ps_BULbbk0TFQ3-ieLRMRJgE&google_hm=N2FnNUxhQnVibjY=...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:46 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
286
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4EC2
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENAzyz9my6n-PjLrO4ESj6A&google_cver=1&google_push=AehlK4DkIAnsmEmZ9Q-V58jE8vTobd41KC4mVtSQMC-3M5eGf55Hl9XwVQKxPH9R6QyShiB3dOXoW03TSGy1SNfmtv...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4DkIAnsmEmZ9Q-V58jE8vTobd41KC4mVtSQMC-3M5eGf55Hl9XwVQKxPH9R6QyShiB3dOXoW03TSGy1SNfmtvM9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4DkIAnsmEmZ9Q-V58jE8vTobd41KC4mVtSQMC-3M5eGf55Hl9XwVQKxPH9R6QyShiB3dOXoW03TSGy1SNfmtvM9nIB5MfQ
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4DkIAnsmEmZ9Q-V58jE8vTobd41KC4mVtSQMC-3M5eGf55Hl9XwVQKxPH9R6QyShiB3dOXoW03TSGy1SNfmtvM9nIB5MfQ
Date
Tue, 09 Aug 2022 23:34:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4EC2
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPB5Y3smFoI7O7IoKcjmCD8&google_cver=1&google_push=AehlK4DJouzJ3sPdtReZXzYiApyIVMCIDSCyqWxsM9tn2CnwSfg2LJZzBnFaMsy-gPo0YP9yoaWC17wmcbUeKEUtMB2t6g5qBtk
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DJouzJ3sPdtReZXzYiApyIVMCIDSCyqWxsM9tn2CnwSfg2LJZzBnFaMsy-gPo0YP9yoaWC17wmcbUeKEUtMB2t6g5qBtk&google_hm=ZzY3MDEzYjZlYjcyMjQyY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DJouzJ3sPdtReZXzYiApyIVMCIDSCyqWxsM9tn2CnwSfg2LJZzBnFaMsy-gPo0YP9yoaWC17wmcbUeKEUtMB2t6g5qBtk&google_hm=ZzY3MDEzYjZlYjcyMjQyYzNkNjM=
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AehlK4DJouzJ3sPdtReZXzYiApyIVMCIDSCyqWxsM9tn2CnwSfg2LJZzBnFaMsy-gPo0YP9yoaWC17wmcbUeKEUtMB2t6g5qBtk&google_hm=ZzY3MDEzYjZlYjcyMjQyYzNkNjM=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4EC2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CDccUNU4VOxJenkRo1Tr01rgDTonYiRuyWE_VqPxOcXStZooa2UXuRIJvUXjsU7oQZQTy4bZVCmHDMyIfVaKrWy2MVO-4&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-7a5226ba-e6ee-496e-b2b7-3a22570aaa80-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CDccUNU4VOxJenkRo1T...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CDccUNU4VOxJenkRo1Tr01rgDTonYiRuyWE_VqPxOcXStZooa2UXuRIJvUXjsU7oQZQTy4bZVCmHDMyIfVaKrWy2MVO-4&google_hm=BHpSJrrm7klusrc6IlcKqoA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CDccUNU4VOxJenkRo1Tr01rgDTonYiRuyWE_VqPxOcXStZooa2UXuRIJvUXjsU7oQZQTy4bZVCmHDMyIfVaKrWy2MVO-4&google_hm=BHpSJrrm7klusrc6IlcKqoA
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CDccUNU4VOxJenkRo1Tr01rgDTonYiRuyWE_VqPxOcXStZooa2UXuRIJvUXjsU7oQZQTy4bZVCmHDMyIfVaKrWy2MVO-4&google_hm=BHpSJrrm7klusrc6IlcKqoA
date
Tue, 09 Aug 2022 23:34:46 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7a5226bae6ee496eb2b73a22570aaa80004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 4EC2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN8GrVKdQ7YSxkY3cfIjzOE&google_cver=1&google_push=AehlK4ABDzTxGWTxK2gx-GKGfb5ubow9rjdWLbywXGFgIzl56KkQ52fncqmSwGvy84KcGKEO4TPaskoINjqGyK1gIxQ7mc3vdXM
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4ABDzTxGWTxK2gx-GKGfb5ubow9rjdWLbywXGFgIzl56KkQ52fncqmSwGvy84KcGKEO4TPaskoINjqGyK1gIxQ7mc3vdXM...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MDc3OTQ4NDAzNDMxNTkzMjczNQ%3D%3D&google_push=AehlK4ABDzTxGWTxK2gx-GKGfb5ubow9rjdWLbywXGFgIzl56KkQ52fn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MDc3OTQ4NDAzNDMxNTkzMjczNQ%3D%3D&google_push=AehlK4ABDzTxGWTxK2gx-GKGfb5ubow9rjdWLbywXGFgIzl56KkQ52fncqmSwGvy84KcGKEO4TPaskoINjqGyK1gIxQ7mc3vdXM
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE2MDc3OTQ4NDAzNDMxNTkzMjczNQ%3D%3D&google_push=AehlK4ABDzTxGWTxK2gx-GKGfb5ubow9rjdWLbywXGFgIzl56KkQ52fncqmSwGvy84KcGKEO4TPaskoINjqGyK1gIxQ7mc3vdXM
date
Tue, 09 Aug 2022 23:34:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 4EC2 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEFsmvBx2dFBW3D3WaPCpKF0&google_cver=1&google_push=AehlK4DdVHJzasEWHisfWikvecZl-Qt9wB8x378asbCfz9LoN_ZImhdC-Ugb8dsb5dRuh837pr7HENflhoDKBiT28C4JDHp6Gew
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame 4EC2 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmQ5zpVvWw9F_UTYGORxPtQMdQwaX7vguZZS_-QDPFg-yCWZQZyPcTbTXKo0ER1vhby6w5
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
container.html
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C31C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 23:34:44 GMT
expires
Wed, 09 Aug 2023 23:34:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 2A91 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 00:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
342895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 06 Aug 2023 00:19:51 GMT
wikicell.org.1122452.js
jsc.mgid.com/w/i/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/i/wikicell.org.1122452.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08160951a67e92fc24a4a60e73c677ecd45384893082a6372a60d6cf5f954051

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
293
cf-polished
origSize=2318
last-modified
Wed, 08 Jun 2022 10:30:37 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZBDQAX5G4HR3X9H0
x-amz-id-2
vJxWIOQXcDCeFqXlyX1xs3+JCSmGobevrpUM4uALk5gXn+HCtdt69eatf4qmHT1V/vp2YabbSoY=
cf-bgj
minify
server
cloudflare
etag
W/"2f53335c9fb1608a66c44547c6a99e86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
CEV3Tan4ka3OXxMe.PiN70EP3G_de3Fu
cf-ray
73844deadbb02079-NRT
expires
Wed, 10 Aug 2022 02:34:46 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 82C9 		611 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQrrnTlQIY6qjTzgEwAQ&v=APEucNVlJVxN9tab1qDQlQRkkkd2KV6gT0Lnniz0c7EbQ9kZ3zuIWb_1WdDXNZg5IZvdUgNNIzDJ0ZlXdage2RsAkF9tEHjrdQ
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 23:34:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C31C 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BemCYKOiXy-p_A2OG3YFW7gUTp4zK95MSBQmuTIzzMMGr9nV5GAW0DN87NMI09U5T7UVFNNq3idHqyAG3G5m_FwySfSX8tNTwVQWhpOgmbcpmb8wBGPfA0KphRSxhA9D8Jp05mfENCX3QZ2f5o-VSK2Fa4pA&cry=1&dbm_d=AKAmf-BrlpDPwZYmQc6366uPnp2gj2lqCvTNN4DaIKmDevCm6wCBPN5Ec37tr8nFi1_5gRNk9158QgDRIT-rLwiR122z9SIC0YvmcA9HyH9RCiRp9yFu3P3iPPL1nVCklvc0ASPb-CFbLdobFrFo2PZnEruhk8vhKh5FrUqhmSIuvfCT1PeaSWPhpvLb9Q8BSjQ-1bwZbVzyvHw1BtQ7JQeTl2-OShC9nk6vMAjMWwP7fMzpQ9d1b3vjfxyT54EEFitxLDGf71tFdVHbHcDy0B8AmbKu3x1QSaZJxXkCIu3WgeSE-qTCqRj65Hwe6Veo_PRvL2escDdbf0vFVtNRY__2W5CFdyVsgDVQtpzTqhoDuLUvJ2AJ-r3_FeDSq8mg4dbvZLOUH9uXR1G4TIGyEPJTRLkfnlYB-ld0JOdyIMUODmnih2vV90YzYfR2YypCP-UqyZspdGEE38y4Vt2zWclkGYXFAKM-l7z8zqUldtL2F1mXPQL5ja4PEoAvPCr58lXxnpeRRqsvWHU66i0G-BLKM4wyLrc7cTmtM8W6YLb9v8xu9Kn3CSAte8YB8C-mcTMPZfqYam5jVtr7yussg1EmKAM_nFj7BpzvSUlFE53vqoOBvOlh44F9AoSFFuXywztKFNKcHiBgDVl_LqKT7t3Lce2D0e3ZxTBCAKRqsWXUmLyUKiAIL5GDK-ZxaLGrIm_8LmOxG1jNsUg7IBnscTYd3JQ7FD1Dyvm0tTZ9PCFz-DjNeUpCFC_H5rhn_zLSni44QT9FvZYERjf1MYDk_K-5hLibzZpruM_A9TkqMmGo0fPVA4saW7DfLygUasYt_xF6nieTI3ABS9MwmDOTGbzOAMx9p_l9iSBzJcRXKTRqKVN9m7eexOz2vYtgeeIi4V4JwRkVbcjgx3nu4c505s_Xk193XCMOGtabOh1YwPwIwNkaQjBu_Y_eW2G19vlb4Zqw8K-gzt0caxwyFltpM-Mw6Q_DcIbzQ5BHtRXUvG1ASMnqUScuSK0BiFYFmlrdJHulib7IC3NVAW-C4TjDZv-gOxv9TxP6wK0t4pr4mqz_SHKmZ_FWXCVX2iJ5RuBLJBZojhKLLg96vbcRwy_dRf6Qtw1lyVKgkdOyYwp3_BU5wNGxHEgE8wzR8BaLXEHU5XrYaqJ1CwE1BoGuxcaFTCYR05ViqpCjFjDnT0cSD6dFXaYLTsQhbgdApltEdKAQhNrfNGGUIo3zZZABesri3FUG8kTDdD-WFWAGJb_jgs_N2_HPvYo7_b9kXFdufE4luMO4I6R5MSYR37ZA0u4hH4S5GygSNhBq_BaPC2eqb-qbq896eiZaQqckR5_Vx7fkLzAjOkgWT-0Z1JUAvrXL3i0BqXIr-XrDEa8lDx2LUULDlpDhOx33pNvQxU7HcIjbiiPNj2_cf-u7JpjPKNN4k1TakPNaX0dHlplmek8W08C0D1w2tUtaGXKkG8a-D-5g0Noncvbm9oEzgZVlfU2bFZZUw6T7eG1Wy0yqkwmO6HAx05vzYBt6uxR4osJlmjKedthzkmQroy94zqaKM2DSRDfZ38LC7vfCbYU-CjMgybDeOOJF736fpY9It2GuCG7S1AY2h6quYtunbBpQ5OPWv65lYVJrZhZg2b8wnGD9AtdfIv2nSQFRqvkWAQa2bYWlAf2C4Yf94jwpDFGyM3OIaoVZsHk9BC0WpwSVdl2cVufkctUdIJ81Cp5HUpIzbTRXnf5ZWg0CZ5oUlAN3EUUGql9Y5CfG18tgpI9viRZ81OnJAH5CFxSXVBeuMVymHO4ilGmX1EgTDnx6jc1e8-j_0LTGGol5dy6Fr6wXznPwSNOfYdIHosI9HzAE-hV1B48EEbiEho7sTCxH2kUKxkEhUPNM5d4NcwRm4AgwqZdIaDqOU6XteD1G4iLCKhECXHBSXciVc0tcd0-Wn-ynGO-dPTiqvtXsMkLfgDzIeup9dRNGW2PyjKCzVSwcc8Fa0aTLIiqOOFv4Gw1t3zoBQ1hVFSmDTQm5cff9UYO853-6cNojGeQOJbIVuJW0WFXtU8YSbn2psQkbkxDIBG0ii3uwQ_oFCdiq-Gzg9a_88ehqICz91qI6Ihw_cVdesfr8kcet3tvmDjhmZDMUyRxGAz101SmTMqY1e0zpRbU0uD2cMOmg9lK2LtKvTdpCXqC4KadAMDH7LKz_KEK_sfj_JDCVbx3xQxX_kTfKVnHmXJdOk76S-1VD8FDR-1xQmZh0WFNKMLMykHqlsNYkF2iKmjGUWTEZqe2ElqOtPw-Ugr0ugJv_P8baEz5C_IMwKSwzapmfV35k89vH0oZiqzbSJDguS1ECR9gsrLKY_A04DVp4ULIP1XCpRVd7y2TCbWh5woyl-ClkzJK-rmc-aFgT2WZnos663fTGzUSRUBM08K2cWZOBC1nDTVA87SWYQrAx5vGcLTz1qKRX2MxFQ9uEmDx-45FiC0yGg29ECWDR1zRxUlNTrvBcC0gjR9fVfK6XNtugSgoIlvwS_KXAAxt1LEfsusPb6kn136xM5vni5RpIixkZMjFFsoyiITGkpWeOW3T8Vz1ZH90GaIgzbEjX2qKyXwpW84yqVsR1dGL-MtPLlx0Yh4s72jIZ2liIEa0j-BGGMfKeA-NvGHHGjczaWyCE3i8-U2QOwcR-Jd7fHyHyY9HoluyvqcxSQ7-TcMFZYkxADreE0m52WKf64UhFyTfi63p58YbFkg6Cneeun68XZk4xO8k6yICoYUXH5mLw6yg0dnvurpGbjgFAa3T6VRmxJ2tAkU2juFdvkT0UXmxmPSQDy4dhQ2RyaAvu8VDAkco7Jh6a8-aHyZ7_WJORCfv9SluaYrUt79GKsQE144PMeTX-a4TkRYoOJXBGCjmZyjDN9Q4ZYPl2OPcCAPNgb4aPk8LXWlBYhXTxTKyqIORvvD9cFwKb8tSULj7K2xBGf4eDwgD0oP3wy081t7MNVIU-O8VFQW7ze3SBbYZIvtSYUxdhR_RrYAdeMETtGPkxatgYfa-l7vMKddfic26EeUDk_5dWS8fV-hBHf0qXxpJ55brrXMdVA9UIbzM&cid=CAASJeRoXpF-M7zw4vsnz7clKtP0JYN6gt-HPBKKNl4xynTMo1HFYIU&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a322891cb1e67a7ad76e437ac86ba96fd0bb80561cbb75866d68845ba71f708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11268
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C31C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYydDpzWYv9S8CuhpnOXgR75Nh3e3L8LUscxynaKFIE4qkUZsh4vMYAEtoTDPdPDGJdgZVbqge6XXWLq2cg44dHBdMpQzeXcNaVW4W5jy25WHuqtA
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1082138/64281289/xbbe/creative/ Frame C31C 		243 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1082138/64281289/xbbe/creative/adj?p=APEucNU2Jh7uBz2IlDB7haaTelKgBUwQiutXoxyDPKhYOS2Waj4RBds&d=CokBAKAmf-BgvEEZi3PW7x0aYXA7Ua7jpuw7FuHvpwP4rAPoRqmDFY7rOBOciRN8UW8Q94oCbH7Gu10Va55HtJ_k0kIx1Bo_O8YjZumzUhabEA-m73FdTkeMKbLwoNsNrkfzQ9E7Vzs9SRjZbLKRHd5q3OqyGrMDVmh-b85-XD4zl7NIFaVv5y0xnpQSuRQAoCZ_4EVQb6reX_1YJySFUC9wuxwpDpnloSCraZ1CbWYdux7CDrEsIn2NMKt1Pimq7GVURx2_O4glgQbnVGvlhx8FsBfiFp9kAUR9R37VZnWdU2kBvpoGsvjGJuKJUBkwjvlOUoaCOazyL19ydhrRsx-KWY1bs05FQnrGei9_zk3aas6GtkfmVxbsNTw_PfmMH_BK_N1EpS3C_kFkfnU9siBlKZmTBxZlFsvP7IVOXUxAR57jKStsarS08O9_Ozo-9Sjk1Cf7TsrgWUZcDo_k47lgvJfgQCJMBz81GcC8EQPRPj1AcNid_Jix_w-C63cbmvJpOALKrRNUfui7tsyRKmEeYv9hZntB6aVVUUyqO2Hz6yihUxwWe1rKPaSQdfPPYqr-bjJWBIY9ETB5dN6ECeuu7uveVrTT25sFdIdZsSknJ9_NRRvmv964V8bJ3E4bECZyTifRFaKED1MI4tzpkC_MhusLH4brUa-FlLfnfkEQCTSp3iwUS6BZFBEeYPdR5smXDnrnUh2LjJRpIvhy93Q0lcWw2LBFDUthax53HIugo4Iej60e585mQLvxQTjWnLyJjHRgjScveDrxzgT_Ft9S-aQ8DdiFnh4IL3-rHJqZiwgeWLD7k9IBFA20itvxKYm7UlyBZXhwHuXZZC3WSUNrF47PF2ROvGMRAMSk1R3iNKi4JXJc8b8N-Jwwg4miXVEnJIq5-rU-JooD_GPkcinj2gJh1VAwlYmqrVSZPU2M82PT_RTOqUMwZDMQPs1trSqp4dhChi5DAUYv9c6oriXOTpDS6ApgesNLhbBzdJGsBCH0rMGWxFeZt7Xl75Mhr4kEtBdmnEC6PtZ63wVA1PX--6urPm_uwpnMyh_h2g4RpI0-SLBy4kWEwRNW4qJ8OZQn2RY6BgTEQbgkx5HhyJuqgbhzGq5l5JAnfjma2AitmUpEvPodIR16c-92LOy8EziQUL0nhnRcHePkj-rmiZO-pg-a1vdgISIitg0j-d3DoKsmsASLgQkA3vpH_SDhhJ65frVM7yWNRmAlWwlATNsQ45bWc4KK_BAZUBiELO_R6YrKxtqFRdq64IFn4xSYw0xR85nz4UlbeyNYqeDpcu32HZKGXi-ifb9t4aw2QTrMVqL8uUQG3k6VpLJqWRTd8uDCdABNR5gUn6YOQJ14eTrlTl7xNqkA-xkdX_jba8rhNb5frnaeDpgryO6z2XuRWl3vwvs5FOJMGEhZLC6ZqbI1nnwvdpDDIcCtj5xqBveAGkyoFBM2o2CCm0ZCRUnA64qJ05NTnojhxRgR1CKZadOga4MmGFpNMfKwxqY9fW7lj1dFnCUBfXQOAEHxTed0S8WOQjELFn3qQ-S9pG4_gvKw8aw96-zOw_QbEQ5bZYyeBa9N76gkb6qrxAaJEYdA9x7sjdzEXkloiUXlzDNhbPbFHekAeajOjtdnHtYbrEgWlSWrHcgE4ujCXotwuEmBrvp1db21UlVOeJc9DMIuGDDfGQD7GdmCRwNDoYgbtxTnzdH5QspsDQNYYmv1-a812r3lnlhvJeQrFDCwwoB_M9OBnJ7Xvv1Pj1SuW2bxy6T6zbpFlDzh8KfK0erGzk7e-PB0HTSk5PtA-QqWtjELlkF0YT56QE2b0Z_X1UVce6q7M-wMuZnR5GdYnGrAYS76c0ssSmrw2R8lk72aHwPNY0BqjlBnZ6EVm_eYTe01U5LWIP2jbMNHLWiqYFxm0iE7qcZxBJRekY3CJ-8fyfsDhyazCrsq_ve6dDuW_MYwsxe7nGbbJlPVXz4U6BFxBTTN3YiaYWpRhHqdIWRJnC77o1cGbsQ_bxEHEoMigmAhoI4jUtg4JSYptT_BWRIU5SvFxQAlWfMffKSOWNkjcahChgeYmkVZEVDODsnj_hnMrz1OS3bU1Kl9YmtKxoRtKHlZzGLkAf_SlEkSF4YVkuIDxSqhPANmH6GHQB9RfPXedHzSiix0mWaN1_2aiPqJX2r6GcDGLGHZ2CTdcNHQ_eJL-wBA7-EtDIOrmcXIxD0p0p8LcJRGeBL_ncL5P2SReLS7YGNa_hI2x_2WhxJTlfi-SOAexLecyTp2yw3c-JwThVisNtdJhKsZiSpG1h-DRqCfBHuXApI-2KqrnopQTkALz3svidBYsHIFiYfsUqDZNG1FdU8n6RV8OX_g75B7-7DBIOyXzkgIC4e2SJbCZZY7CMAlUTxxcJIYYn4zENuTceZ4AUAtxKjEfjSNrtMxYRwLs240VkTYvq2PvEICD27k6BOeNASvydF7OoOAAvee_mGLlP8exHUPBvJttxCWcT4NjybuXRrS-l4bvV8bkJOnbaGmdC67SzVrQQVRrHqtZcB1iI90TR4QX4ji-y3juuvLmyY7maG_IJA3YAdGd4y1Y-UPD3La7Bnrsd_sEdHnUWofMWKBu8gGs__pPozEVer4hZ3SG4qB0Qq-Nk6iC6KmFSv9xWuOD8KGwTnkvwTobZjTxlMfpe2ZpLuNiQZ6kmOL3ndmWUNRCv89mXBFSdbibqvBmfF7-vvoQHjXL4MQyrBbtMKLyjxhlxcyok0lzrvUdvHbOpb-Pt4J0vGBJ2crJ6nBsgsX1v8TjVVyMITNF0MeZs1oWXvUxKw5SNYgycw_3VpGEivXt4ecarm9cL3uL25AgF69M62i7rwbLBcZM97y-nV6TnqjqmbboGUBiE2WxmVy06Kdxo8uDYdl-c7lwxhEmyZtwYZieYijrdlBoskmS03E72Sg3jntqucvsAhdrszpemlBbuP8GHCkMNYkeHNQOzRtGHDiHtjLQ4Fke-iwooybK2rUDOAtuPs8bu7HbDAILc5AGCHvHbzrGciC_9aeKw-NKncAnfI2jz1_CR6AZlAY_tMas0JduOxA_9M3hUcJzq4-Y1FB495Igp7ah7UJ31lttlCg3629X_X6stMY3-YuBmH4uBZ3zbWLY3ZbxCBVxSbaQlLbKNCQpn5C4GqHvXmlAxMGu8zz-DEf9SVS9dwUH9sMulmoPeDT3fb49630UV-L32uZtm-RNfoKwLDIAHVFM9bGCdb_o47K08j95BNDYa2evYeo0E4iBHMpKPPWBxniS4LlpM_CPlUPESNyewncV4Nzid_P7WowWC5HuF6fmffTomp9GMUeBURibNcqcxBgOm-euYfUL0uYJeXZT1tCFwAjcTxAudixasSiebSkfl32gDlmNMnN15u-AyJwYar_6iAZeu_qJs98RtvHVGxWY37KA7FotVUJWntsPRjbbrpO0PAw94Vw-rPlRU_gul8TBvMgvOBLhnFyA5O1phbvlNn5kJX4522co7ysyR-WGderXDzdoBzAwqkaCYr27ouv8DsmqjKawqg7kOj8SZ3Z8vZ9wp9T4kpivjSLiORjshA9mhZ8CCBc4y4tIq-90YjDc3KsMr_h_K1W_PbucNw9XUsHl09uS4RHqYRbyOaD2LPikotYOEJRfN4IuBsequBhmNXb7SMdYty2oGjwpd8T2ivJGikIABIl5GhekX4zvPDi-yfPtyUq0_Qlg3qC34c8Eoo2XjHKdMyjUcVghWAB&cry=1&ias_dspID=3&ias_campId=28762859&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=17328609328&bidurl=https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0girGZE3tH35ugv8I1SC-Du
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.235.156 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-235-156.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d732269027f880b499bd5312ebffd7aabac63bd5387a7f8ebaf390e14f186ad2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame C31C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:28:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C31C 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 23:34:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame C31C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
849
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:20:37 GMT
190e6d8d-ea82-455c-b056-91d4b339709e
https://ja.whitefieldfarm.org/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/190e6d8d-ea82-455c-b056-91d4b339709e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
aa6ac28f-b995-4617-a0b7-fd8d495e9da1
https://ja.whitefieldfarm.org/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/aa6ac28f-b995-4617-a0b7-fd8d495e9da1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
a324cdd0-3aea-4e60-82f2-4a1c8cdc4386
https://ja.whitefieldfarm.org/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/a324cdd0-3aea-4e60-82f2-4a1c8cdc4386
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
7a87b428-6fd4-4965-8577-ea1a28b6ac60
https://ja.whitefieldfarm.org/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/7a87b428-6fd4-4965-8577-ea1a28b6ac60
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
wikicell.org.1122452.es6.js
jsc.mgid.com/w/i/ 		262 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fba181120a67efa8848bf01cfe5098a49a42882f702c0e1a341fdefa3d6af02

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
293
cf-polished
origSize=267872
last-modified
Mon, 18 Jul 2022 10:53:32 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FE85E61E9ABTZCNG
x-amz-id-2
3Br66yA4gUradVvY81/FKlGupv6p9SA/vgj2c26i7B6CoahS9x9Lrrd2VxiLHlrIkfQKIy2MA4Y=
cf-bgj
minify
server
cloudflare
etag
W/"885ecd51430bc2e6aba2ee9c43754f6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
697wnVw05z3l6UNLp5vYzg__L7yMRKk_
cf-ray
73844deb2c292079-NRT
expires
Wed, 10 Aug 2022 02:34:46 GMT
wikicell.org.1122449.js
jsc.mgid.com/w/i/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/i/wikicell.org.1122449.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5eb562a62f05ad2458eb2c58985ef9757d98e90ca119a8f5d71ea30473ef77b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
293
cf-polished
origSize=2318
last-modified
Wed, 08 Jun 2022 10:32:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FEMD36SKM5BHWFBD
x-amz-id-2
u2RQiJYj6gLhdAY5CipfBmrlJmqqObK24AUQhVN2KikyIc4Wnj4Ob6xgNDZfmnBgB10YcwbkFpQ=
cf-bgj
minify
server
cloudflare
etag
W/"5f605ecdd6569053244a802513d83140"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
ZAW9jJw4Xd.zKbBmxthMSzZPt9e5F5Iw
cf-ray
73844deb2c2a2079-NRT
expires
Wed, 10 Aug 2022 02:34:46 GMT
setuid
ib.adnxs.com/ Frame 82C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBRjZlQYX5w7AOfUaLy0Zzc&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBRjZlQYX5w7AOfUaLy0Zzc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQrrnTlQIY6qjTzgEwAQ&v=APEucNVlJVxN9tab1qDQlQRkkkd2KV6gT0Lnniz0c7EbQ9kZ3zuIWb_1WdDXNZg5IZvdUgNNIzDJ0ZlXdage2RsAkF9tEHjrdQ
Protocol
HTTP/1.1
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:46 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
e8cc45d8-f6e8-4b90-9f0f-421c68b452c8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBRjZlQYX5w7AOfUaLy0Zzc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 82C9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk4NzYyMTAyNTM1Mjg5NzY0NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk4NzYyMTAyNTM1Mjg5NzY0NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQrrnTlQIY6qjTzgEwAQ&v=APEucNVlJVxN9tab1qDQlQRkkkd2KV6gT0Lnniz0c7EbQ9kZ3zuIWb_1WdDXNZg5IZvdUgNNIzDJ0ZlXdage2RsAkF9tEHjrdQ
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:46 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2c6eda7c-e8a6-4a7a-978c-79f36b036df4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk4NzYyMTAyNTM1Mjg5NzY0NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 82C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQrrnTlQIY6qjTzgEwAQ&v=APEucNVlJVxN9tab1qDQlQRkkkd2KV6gT0Lnniz0c7EbQ9kZ3zuIWb_1WdDXNZg5IZvdUgNNIzDJ0ZlXdage2RsAkF9tEHjrdQ
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1
date
Tue, 09 Aug 2022 23:34:46 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 82C9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDcyMDI3MTgtYjRjYy0yODAzLWUyMDUtM2JlNTFjMTQyZDkw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDcyMDI3MTgtYjRjYy0yODAzLWUyMDUtM2JlNTFjMTQyZDkw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQrrnTlQIY6qjTzgEwAQ&v=APEucNVlJVxN9tab1qDQlQRkkkd2KV6gT0Lnniz0c7EbQ9kZ3zuIWb_1WdDXNZg5IZvdUgNNIzDJ0ZlXdage2RsAkF9tEHjrdQ
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDcyMDI3MTgtYjRjYy0yODAzLWUyMDUtM2JlNTFjMTQyZDkw
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
wikicell.org.1122449.es6.js
jsc.mgid.com/w/i/ 		251 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/i/wikicell.org.1122449.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122449.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d245b3901ffeec689926bb1dc288de6d16ae037201bd4e9aacff38fe59d22841

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
139
cf-polished
origSize=257087
last-modified
Mon, 18 Jul 2022 10:53:50 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
18YA49W7QX17WQTV
x-amz-id-2
CPoWHivO8XwBx6JlYqRCWWYWtbrrGZske2QgUTy+zXAnFrUDWFI/VKx9e+sde6/MBp6jQnEXt0+R8pb7GY0j8A==
cf-bgj
minify
server
cloudflare
etag
W/"54c89c109a012c1c0981dee1b237b90f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
dOJpeiYdQOEllHHeaFQTLIUCqZ0QGOql
cf-ray
73844deb3c3f2079-NRT
expires
Wed, 10 Aug 2022 02:34:46 GMT
wikicell.org.1305780.js
jsc.mgid.com/w/i/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/i/wikicell.org.1305780.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c6dd37553ea057b90058b7effacee6bb3306f168d74911e6ab6306ebe67e6b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
139
cf-polished
origSize=2318
last-modified
Wed, 15 Jun 2022 13:35:12 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
31RPZ8ZTR1N1DHGB
x-amz-id-2
Cyl65ezBpNccxqYMYiMRePYWPKLiWwW2qdYfAvyvOaiYo3B415qYek6w6HP9JHVzcJSWg3Ii1Zg=
cf-bgj
minify
server
cloudflare
etag
W/"cb44cfcddd42987e0ff5feee258ddc24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
1NuhfqUrRWNIbXcs4R3ph.CgOAd0p975
cf-ray
73844deb3c422079-NRT
expires
Wed, 10 Aug 2022 02:34:46 GMT
wikicell.org.1305780.es6.js
jsc.mgid.com/w/i/ 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/i/wikicell.org.1305780.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1305780.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66dd64864abbe7d329dd2f81c05bf0a712b48a079608d48132606a1a83b56d1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
138
cf-polished
origSize=256010
last-modified
Mon, 18 Jul 2022 11:04:00 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QD06V7NYDG9KQA5C
x-amz-id-2
5LHFvwI9qsz+H3s2wPIiDO+lQ8U+trjFXYDD5CQ186aTS60B+x8kv4z7Kmr2/JGJH2URJhrfFEs=
cf-bgj
minify
server
cloudflare
etag
W/"317da744a2f28f1a8e8a5c19669947ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
JWpIbQWzjVMIf2qR22ta3mhY6U2O5tuD
cf-ray
73844deb5c592079-NRT
expires
Wed, 10 Aug 2022 02:34:46 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C31C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BemCYKOiXy-p_A2OG3YFW7gUTp4zK95MSBQmuTIzzMMGr9nV5GAW0DN87NMI09U5T7UVFNNq3idHqyAG3G5m_FwySfSX8tNTwVQWhpOgmbcpmb8wBGPfA0KphRSxhA9D8Jp05mfENCX3QZ2f5o-VSK2Fa4pA&cry=1&dbm_d=AKAmf-BrlpDPwZYmQc6366uPnp2gj2lqCvTNN4DaIKmDevCm6wCBPN5Ec37tr8nFi1_5gRNk9158QgDRIT-rLwiR122z9SIC0YvmcA9HyH9RCiRp9yFu3P3iPPL1nVCklvc0ASPb-CFbLdobFrFo2PZnEruhk8vhKh5FrUqhmSIuvfCT1PeaSWPhpvLb9Q8BSjQ-1bwZbVzyvHw1BtQ7JQeTl2-OShC9nk6vMAjMWwP7fMzpQ9d1b3vjfxyT54EEFitxLDGf71tFdVHbHcDy0B8AmbKu3x1QSaZJxXkCIu3WgeSE-qTCqRj65Hwe6Veo_PRvL2escDdbf0vFVtNRY__2W5CFdyVsgDVQtpzTqhoDuLUvJ2AJ-r3_FeDSq8mg4dbvZLOUH9uXR1G4TIGyEPJTRLkfnlYB-ld0JOdyIMUODmnih2vV90YzYfR2YypCP-UqyZspdGEE38y4Vt2zWclkGYXFAKM-l7z8zqUldtL2F1mXPQL5ja4PEoAvPCr58lXxnpeRRqsvWHU66i0G-BLKM4wyLrc7cTmtM8W6YLb9v8xu9Kn3CSAte8YB8C-mcTMPZfqYam5jVtr7yussg1EmKAM_nFj7BpzvSUlFE53vqoOBvOlh44F9AoSFFuXywztKFNKcHiBgDVl_LqKT7t3Lce2D0e3ZxTBCAKRqsWXUmLyUKiAIL5GDK-ZxaLGrIm_8LmOxG1jNsUg7IBnscTYd3JQ7FD1Dyvm0tTZ9PCFz-DjNeUpCFC_H5rhn_zLSni44QT9FvZYERjf1MYDk_K-5hLibzZpruM_A9TkqMmGo0fPVA4saW7DfLygUasYt_xF6nieTI3ABS9MwmDOTGbzOAMx9p_l9iSBzJcRXKTRqKVN9m7eexOz2vYtgeeIi4V4JwRkVbcjgx3nu4c505s_Xk193XCMOGtabOh1YwPwIwNkaQjBu_Y_eW2G19vlb4Zqw8K-gzt0caxwyFltpM-Mw6Q_DcIbzQ5BHtRXUvG1ASMnqUScuSK0BiFYFmlrdJHulib7IC3NVAW-C4TjDZv-gOxv9TxP6wK0t4pr4mqz_SHKmZ_FWXCVX2iJ5RuBLJBZojhKLLg96vbcRwy_dRf6Qtw1lyVKgkdOyYwp3_BU5wNGxHEgE8wzR8BaLXEHU5XrYaqJ1CwE1BoGuxcaFTCYR05ViqpCjFjDnT0cSD6dFXaYLTsQhbgdApltEdKAQhNrfNGGUIo3zZZABesri3FUG8kTDdD-WFWAGJb_jgs_N2_HPvYo7_b9kXFdufE4luMO4I6R5MSYR37ZA0u4hH4S5GygSNhBq_BaPC2eqb-qbq896eiZaQqckR5_Vx7fkLzAjOkgWT-0Z1JUAvrXL3i0BqXIr-XrDEa8lDx2LUULDlpDhOx33pNvQxU7HcIjbiiPNj2_cf-u7JpjPKNN4k1TakPNaX0dHlplmek8W08C0D1w2tUtaGXKkG8a-D-5g0Noncvbm9oEzgZVlfU2bFZZUw6T7eG1Wy0yqkwmO6HAx05vzYBt6uxR4osJlmjKedthzkmQroy94zqaKM2DSRDfZ38LC7vfCbYU-CjMgybDeOOJF736fpY9It2GuCG7S1AY2h6quYtunbBpQ5OPWv65lYVJrZhZg2b8wnGD9AtdfIv2nSQFRqvkWAQa2bYWlAf2C4Yf94jwpDFGyM3OIaoVZsHk9BC0WpwSVdl2cVufkctUdIJ81Cp5HUpIzbTRXnf5ZWg0CZ5oUlAN3EUUGql9Y5CfG18tgpI9viRZ81OnJAH5CFxSXVBeuMVymHO4ilGmX1EgTDnx6jc1e8-j_0LTGGol5dy6Fr6wXznPwSNOfYdIHosI9HzAE-hV1B48EEbiEho7sTCxH2kUKxkEhUPNM5d4NcwRm4AgwqZdIaDqOU6XteD1G4iLCKhECXHBSXciVc0tcd0-Wn-ynGO-dPTiqvtXsMkLfgDzIeup9dRNGW2PyjKCzVSwcc8Fa0aTLIiqOOFv4Gw1t3zoBQ1hVFSmDTQm5cff9UYO853-6cNojGeQOJbIVuJW0WFXtU8YSbn2psQkbkxDIBG0ii3uwQ_oFCdiq-Gzg9a_88ehqICz91qI6Ihw_cVdesfr8kcet3tvmDjhmZDMUyRxGAz101SmTMqY1e0zpRbU0uD2cMOmg9lK2LtKvTdpCXqC4KadAMDH7LKz_KEK_sfj_JDCVbx3xQxX_kTfKVnHmXJdOk76S-1VD8FDR-1xQmZh0WFNKMLMykHqlsNYkF2iKmjGUWTEZqe2ElqOtPw-Ugr0ugJv_P8baEz5C_IMwKSwzapmfV35k89vH0oZiqzbSJDguS1ECR9gsrLKY_A04DVp4ULIP1XCpRVd7y2TCbWh5woyl-ClkzJK-rmc-aFgT2WZnos663fTGzUSRUBM08K2cWZOBC1nDTVA87SWYQrAx5vGcLTz1qKRX2MxFQ9uEmDx-45FiC0yGg29ECWDR1zRxUlNTrvBcC0gjR9fVfK6XNtugSgoIlvwS_KXAAxt1LEfsusPb6kn136xM5vni5RpIixkZMjFFsoyiITGkpWeOW3T8Vz1ZH90GaIgzbEjX2qKyXwpW84yqVsR1dGL-MtPLlx0Yh4s72jIZ2liIEa0j-BGGMfKeA-NvGHHGjczaWyCE3i8-U2QOwcR-Jd7fHyHyY9HoluyvqcxSQ7-TcMFZYkxADreE0m52WKf64UhFyTfi63p58YbFkg6Cneeun68XZk4xO8k6yICoYUXH5mLw6yg0dnvurpGbjgFAa3T6VRmxJ2tAkU2juFdvkT0UXmxmPSQDy4dhQ2RyaAvu8VDAkco7Jh6a8-aHyZ7_WJORCfv9SluaYrUt79GKsQE144PMeTX-a4TkRYoOJXBGCjmZyjDN9Q4ZYPl2OPcCAPNgb4aPk8LXWlBYhXTxTKyqIORvvD9cFwKb8tSULj7K2xBGf4eDwgD0oP3wy081t7MNVIU-O8VFQW7ze3SBbYZIvtSYUxdhR_RrYAdeMETtGPkxatgYfa-l7vMKddfic26EeUDk_5dWS8fV-hBHf0qXxpJ55brrXMdVA9UIbzM&cid=CAASJeRoXpF-M7zw4vsnz7clKtP0JYN6gt-HPBKKNl4xynTMo1HFYIU&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 12:36:38 GMT
ca575eb1-5c90-4768-8e90-4358cce66369
https://ja.whitefieldfarm.org/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/ca575eb1-5c90-4768-8e90-4358cce66369
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
87ec590e-3861-455a-9a3d-e25ee7375af3
https://ja.whitefieldfarm.org/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/87ec590e-3861-455a-9a3d-e25ee7375af3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8D25 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
138726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 09:02:40 GMT
expires
Tue, 08 Aug 2023 09:02:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0504c495-b7cd-43d0-8da5-d0e9b0315c46
https://ja.whitefieldfarm.org/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/0504c495-b7cd-43d0-8da5-d0e9b0315c46
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
43cbe58c-56d3-4933-9b8c-4ae2e922f6c9
https://ja.whitefieldfarm.org/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/43cbe58c-56d3-4933-9b8c-4ae2e922f6c9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
600386e3-5ff5-4033-92be-6c35c1b62a18
https://ja.whitefieldfarm.org/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/600386e3-5ff5-4033-92be-6c35c1b62a18
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
f29368e6-b68d-459d-8e80-26bd2ac2c668
https://ja.whitefieldfarm.org/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/f29368e6-b68d-459d-8e80-26bd2ac2c668
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 8D25 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 00:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
342895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 06 Aug 2023 00:19:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A91 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSzS8Fu_yYtu2BIK52gSEmL6wAwAAAAA4AeAEAg&bg=!DwylDEjNAAZGjrx1Zo47ACkAdvg8WjPiFm3wZA5yWn8frtFWWIX5EQ3yDMns2nZkppdzAzaEjZxdVgIAAABxUgAAAAFoAQeZA0X79FqZsJ0z7Tfn_TTPzLUZAvj_rEE8bAEsdZxO06oSVcF5lwrIrvnyk3ZKL6mLULcn-_3o3YMb6TQnCo-gu4TOqpwCY8RNtDrp_3O-NYQ800y-UEa7axSJjfmTsDKFnPOyHqUelrhrbk3LXplb_k5Z0gMdM9QfgilRlwt6kKx7ryqDUFUAEcoRB4H5sUQ0Fe7QwRrW3QsmLdGfVGS1fpNVvxnBs_3OZppOcgzDv3agV-YWTB_HtgQXDJ6SBIWBZ_sXALe98G_8oMj7EvApUK7wBL68n7_c36jH98SPvXPyDui15F4MSlFiW1uf2THjo2Z0EuLlvq1QV9yrlf2VTK6ytuavBzxCTi17vNcuRsnjt4iXUey3K-DbJx5KzL3M0SXEeSfbLGtdFveJ1MgLfO4fCwOc1Cc03kAICyGVgB87gmznqHi26dJ28g5ZeIpbxHRhGMgluoU0dg5xTt0Xs8tM9HCdP1KKZCAyHZrDGtkga3xcODHTKtcn0z0MJz0qaI8MSJFExw9wvYmrZixJM80SP0AgikCFq1h1BTyqdKhVCSjYM_CUoMlBvVCYpLNfd86DC1muaSF2DvZHvu6R36avfmuKPYPCamAOjyxuWFjDOT8llHfiAzRlc4532iiKrPVoEA7e6JY9iTO_bzeT50NsGt55II-rxF7neldWPd0FnC5jiShPlFQ5SBDBNFZZUXkYOPLn2RY5ReuydjjtH4gb69JzfIvOuvLz2IaTgYeGmL8_0sPc3s48dvUcQbW4IC1TdF1Z5RWSBdTSgJP5g3DWcFMKBvZ_Jm9yNkzbJLygujXWUmSvunFVqJ6VLzxfCWIXjz_uvtJjyaEFcgBYvOaYZ5ET6Ga_C3-fRpv_lCcOo9hcYrutADKBrvqjrHo1l6_ds_Bc6cLCHfXmmsyfXESue3U7Zyfo29vbFpmKWnIC2WiaMqQv7BqsPVKy1nA_sbD1ymXdhpT9gl3VVhnmlnygnrMOD7G1tIZc4Ka3PMQLzL04eljahmU3x_wTl6WqfKmKq9PzuagHL8iaXIdaC8S0phg9ZESewGzERraK7UWFwOVNkrujMuk-vl2FmKKrd0qqvBvPcSh0MbaAJ3kcWUZYk4O5CC8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1duwt.json
www.bigmp3db.com/ 		60 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
8e8315af11defa31ce48a1417d64612996580a51455e5839dc9002f9eed44984
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
container.html
094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC3F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 23:34:44 GMT
expires
Wed, 09 Aug 2023 23:34:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 518F 		441 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARimm4pkMAE&v=APEucNURJ7txsFsZ9Di57VoRwhals9gW4ICQsStfdT_m__LBjXSVzdcmseDcu0-RZf6Wx5maijmDIsYXPKtKFJWZUxUwT1ri_A
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
227
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 23:34:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EC3F 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrH_rTnbB1vvBFsCDc6Cf2vlt517-vI4igEV8x_mvI2-GoFo-RUaULu8QhPveJRwo6u_A1PD93ZLlkOjBGkEPFM1gsE6KUU3QbSOl3JKlAA3S0cYCF5T0Qxf23oMsoIz61uziQSoHmoh8BnUXwE_LO76Dzog&cry=1&dbm_d=AKAmf-D1rx4_NjxySWi_tp_KPM20OjRMMlyjKRtPLHIALWg-K1JyYw4RwEV6UFkdg0J8cWoKHIxgif2rMpRMQPCmt-xiZ_bT9R-OekuDW_wby79WqRLZ6AtrYWiXq7w_Xoqh-mZdL4riUQ9pjy0vzN9-qrgI_oURvhdytu8QUxhQS9F2fO8SF-h4li7YJ0LgGY8FxP_yGFkicIgaOy506BhnV1Kxk6yZ5HICgqJ7vRpv57hqyVz_m5XiPbcciOT5HFirWXk2pw55JxYJETWOGto8oKN1bPo_cGuX7GaSi5bAbD6MMY3HJopJOyXsrsnMy_iCRYN3XKtVsY-tWXNlviNJzRwatpUP6mswHXsedgbOhswdBcKx4aQozcJrmSwldtgMDTEXCq7Ev2ZhrS76XW6GqBYcZMEqM_aQASFHXDhuBXfdrkdGrqoOGrHWpaqy-cOnUV6PinOxRN7koCSkR-HusCFbT65QNzTQs2P--duwJIIqnXxksVJjL-37Tt7piDmsd1_AHu4W7v40I7ZNWjRCrGCAO-pK8cM2tiGH_ymUFcxMVyMOITDS-h4v5Dy8AwN6dwiJioarcewoSTrAcG_hBjiknU5GFOE61HkDktdlZE6gzNsZKGHRYG0E9dU5DNPO3Ojl1L8FgRVoO_1MahOfsQ_0WtTSfU4KW8YJWlJuTYHH6Sb36qW-0yGUwM-Y8BeNLnab0FGWoSXvcXiRSP97iQQvOWaZl0mL4VNXBd4tW0YHayL60zJPLrQlVpLwTC3l0HLMa5LiXLTJxwAJBjk9pLZhi11Z3O5DbX-cMHiNCyw9skNzubw2uXalyZCRhzrmsm_dkAUlm-gS7OMtgaf7rThzAGbzZGY5fjKSTm8A685MJDSACe5mwZUzb-JwtgOwz4sf7m-3ApklX7N9xVaO9khI_WOmRCgDrZk6pL-DR16CVx96LzteWV7qyfsJwkPBJRZEC8z9a9P4zPSXBQZrEPX7aPNviG4riIWKd4XBbmw2ULFj-fiEDDYn_mpPb4QWJcGgUEEp0yFqxDNtinLf0vNkt4zxhZp2_ndfxcohW31-5LumEoURKQGS-xHpbtXroFmrEYzCgy69U8dnT-ZjPDZQ6q_Gc6THPrjiCbemeC04ZYzQFHTw4uEfvKfOTa48IYInGaLmwcVjPw6CIkRZRGocAKV5C9sx4um5VZgOeufZXMZvi56Vwn4Vcnp9QNCbB8FbQprag6g7-aDKXaEM0oGrWSbR7C2VWKpMDvGgAjTG_bXVI_cG8WXqyi6ljfufln2D5hlcNTp4xWkrAHVkKx_D3wmA36dEdzfkO6jNoCe_iEO4tyXTgWaFg11RRAq_K5JaKUIoWwEPBfmLvoMoFKiAZpwvZ1e_aFcVOCr30puAqnUPjJrnGDfKdy3a2E8qPI7rWySvpzbDCUC7lrpCDecKXSM1pKGUOXF2obAhet1trDyZUOcN1hLJlOgSMyV8uOe01Z7_eBXh_-JqwuskuciVvhzq2dtpvwTnA1xU_Tg0we0vJQCPPiwqVpqkVQ6bhP4fYb6O3hdyKVfVoW3UhLPaBU6hTWIGjMiBOj6CA7OV_9MGvyiGO9dPANrWthS2lS9PjzN2jYCTvLvFNbf4uPeaQPgGhZqCQ8xRHBldrIMcMtc9hYfjXZtRapxm8EPcarnHxPPFdupE7b9je55oSJhhaZav3Euen8x2ViZFuqIFGMvIPtrViR5POCA47hpmUyelamDvhlYUDmoApt20Z7KjlkNY-fnG7NabDCh3egXqBRhPqHkDPCbjhajJRosR-3OFzV0Vx-sXqP5Rn0lZD8m-Zw0YIX-94-3s_nsiUHqL91rzXo87SZ2bsTYewVJXjlZqzdVCfDp2imh8hdq30TFTN5ogCOKffnWQq5pbREgQRMzqtMaTcS4WnRQnfMjndRFo5rmF66WR7UihbwN1ou9zl2LdewZYa8CPQxoxzmcHB7EBlBbz9whD3LsJtNzt4jU-FrYs3zwR6jezQx7zc1ONqjtq7TDDG1gaTVKf1_y2eQN5Mws2S2VHfi1WMBJq9VsJVhgahJSlNcDoVnZbFb_CmdJWLK3tQwjbKEcBoBOxSGncSIXvfwVwUYOvyIs3fYVRzPv9hGIOOTOkMRgZ_ZKnLLVzeR2z9glIxs9Cb7Ym8BnbppMHDuAv3oaBOR25bRQ04YCVOEXQZ39QYVbtdwMsFo45JrkXQ5mpa5Pyvl820h2QI9grByzRBXEw0cxwTykVDczd4etbpOKJeiZlduqJu12tNNucvVnz2XvgOYXldHVydkriTdUlpIUjhMnYyzuCwRWwudfez3r73gtcEvQdpDXnIvEwwemmHT13rnufUM8xCC3N5DD9tWhJPz4h_hQB4kgG-fhZAeDsWzXV_2E_AFyUsoD4wVazRRQzhPoCLEEVHacHNdkA1HGpKpJUAjVf0bCwOmfyClro9ohjRMaVYlPlJ0CS-Z4lRQfJGI_7CDjXMXjumGZRnJayt8StU1MYtysJKrUSB6XN6yLhAju-pN3hC3kdbKerp_mTEwEH2uV7ppGweWanLC8ecijTX9NKbl22S15gvpXdSaxX52qRXyVJov4nei75hnqPlN2tNQAyp3YAJk5kVH91wzRvWBYKbgcK1pU6spPY38mb-kxa7O1bLpFaUr2hPrmXb2uwd2A0Gk_OlsxsmzUmc-_aEBSrX2YzmbjL6JkRnPuqRvJYGy6lGxyUVs9sOhzDLqQzrsbwXR3Fz66bd2xrsV3N_VO7cO1juZlAyEFRbMFNVA07gxiuyhigUu5wJtqxoG72NSzidaH7ErCJTjQDFrZVVQs0k7HR5X7W1jbA1xyPRn8m3dlTV08aEZS7r9lWnvlVgqRBJ2-EipBcOX4MRL2kBKjYPsKx3qqobX2EmFtQqiHxCdczhguQB6sfGHVKC7Gxcho8hryOWBcuBPnMCW064jXrB60vYeO2qmjQQFDpfJUDdi4SDY2f6JnriTJ2bN2PTTJQoYYsDRj8Qvu2l90k0n9oSK6a7YdwY7JOw13BhNgT4nvRon9evKsyzGyymiveLeoW45W3mWV3pq4ShKGSb0k9ikukRA0zLCp8EMoE9yaJRvaxbE3ZMRD-cN0lIXCfiXgjUrWQWpQwjok2IjsuJGQD9oMs4Mm04R1XUXg7YqsDO3CcURQf2ChoC1yY_bbwqDUgbXm5AhfIIzuUL-36pTs-eotd5NCmxehz2zkgPnV7gUjWP3x4Ocz34ceQV2kCcnFjb_CAiNMStnFuvTJ-8I4gLQHMY_jgVC5mS1M9fSBjtPocBCHutE1yHSxMUKk8v8tmZHEclsURxu5XJ9MI2masUgdXFk4B1wKMh0rsqLgmvnEXesovEGrQ2lqjl-itS2U1UH23CivAFpWS1hCiklNadqxCj6jAX6oKxZifEzSdaOy0ys8uBgqnvoyOOCyFowp3dpCLhvAZJrRuwz-egJI51HtiQuWi2JsbeoStObHr_tCIKXlpO5XZJQt8JWY_IC_40rY&cid=CAASJeRokf6XzlU5lLxNb-gZjzEAiCs6QL_AoOUGBXH2ffzYhhm_NdI&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84b1ad47dbcadfc398bdb4e136679f275ea9b2d60f2c9debd0ec50cda3a54597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17082
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC3F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BekD1GtXoa2zcqwlw9DuxbwBct3I-E_Z6nX9FomP7sFhOtZ6pz9_tUOJKcFUVfs8A5YoFvwZa0llY9AaYykxPUfkswpmtRjPrd5lZlFCxZCFMImTI
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame EC3F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115846&plc=4181641&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gwIjPq14Qgj9oiZvP-uyjc&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32323016&DVP_DBM_4=209882534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=917300748424&turl=https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864&DVP_PP_BUNDLE_ID=&dvregion=0&unit=728x90
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:46 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Jul 2022 08:29:57 GMT
Server
Microsoft-IIS/10.0
ETag
"f8e0a365b799d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame EC3F 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gwIjPq14Qgj9oiZvP-uyjc&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32323016&DVP_DBM_4=209882534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=917300748424&turl=https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864&DVP_PP_BUNDLE_ID=
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4075e4e380188626166832e49f139f780a4d7a98a12cd8d83ef1aac70fc57489

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:46 GMT
Content-Encoding
gzip
Last-Modified
Sun, 07 Aug 2022 11:29:43 GMT
Server
Microsoft-IIS/10.0
ETag
"806d3afd50aad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame EC3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:28:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC3F 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 23:34:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame EC3F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
849
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:20:37 GMT
l
www.google.com/ads/measurement/ Frame EC3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGVhqphdxxUa3sUGcah2S6zUUCAanDnsmr05IIokAlDVsb0rb-KNTyVfHI_dgp1kQwcVaEVoZe1xaVERG-ycjwEl00Zw
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
/
c.mgid.com/pv/ 		0
44 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1660088086493587951411&uniqId=0b283&lct=1658102400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&lu=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&sessionId=62f2ef16-16837&pageView=1&pvid=18284f5efde969bff48&site=703366&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dec99a2204a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
um
sync.teads.tv/ Frame 518F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEMBQoe-ncaYi_DYSaByq9Ug&google_cver=1
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMBQoe-ncaYi_DYSaByq9Ug&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARimm4pkMAE&v=APEucNURJ7txsFsZ9Di57VoRwhals9gW4ICQsStfdT_m__LBjXSVzdcmseDcu0-RZf6Wx5maijmDIsYXPKtKFJWZUxUwT1ri_A
Protocol
H2
Server
23.194.211.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-194-211-88.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 09 Aug 2022 23:34:46 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEMBQoe-ncaYi_DYSaByq9Ug&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 518F
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Zjg5N2IwOGItYzIwYi00ZTkzLWJjMWYtOGI2MTM5MTU2OGNl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Zjg5N2IwOGItYzIwYi00ZTkzLWJjMWYtOGI2MTM5MTU2OGNl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARimm4pkMAE&v=APEucNURJ7txsFsZ9Di57VoRwhals9gW4ICQsStfdT_m__LBjXSVzdcmseDcu0-RZf6Wx5maijmDIsYXPKtKFJWZUxUwT1ri_A
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
akka-http/10.2.8
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Zjg5N2IwOGItYzIwYi00ZTkzLWJjMWYtOGI2MTM5MTU2OGNl
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Tue, 09 Aug 2022 23:34:46 GMT
sync
partners.tremorhub.com/ Frame 518F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEN1eZCX3Nnsa_YPPLJJGii0&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEN1eZCX3Nnsa_YPPLJJGii0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARimm4pkMAE&v=APEucNURJ7txsFsZ9Di57VoRwhals9gW4ICQsStfdT_m__LBjXSVzdcmseDcu0-RZf6Wx5maijmDIsYXPKtKFJWZUxUwT1ri_A
Protocol
H2
Server
2600:1f18:612b:4200:28b9:a08b:bd3b:4ddc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:47 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEN1eZCX3Nnsa_YPPLJJGii0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
627c1ef4-f216-410e-bdb4-e57251e419e6
https://ja.whitefieldfarm.org/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/627c1ef4-f216-410e-bdb4-e57251e419e6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
ff62c773-84ae-4e70-b0ab-299ab805b1e4
https://ja.whitefieldfarm.org/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/ff62c773-84ae-4e70-b0ab-299ab805b1e4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D25 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba_4zFu_yYuucD46Kid4P3LmtmA4AAAAAOAHgBAI&bg=!7O-l76vNAAZGjrx1Zo47ACkAdvg8WkpXqytDihEI65EO5cVwLBBoN2ZWErm_fx4rRI6QQhudzau2RwIAAABmUgAAAAJoAQeZAzsF49yFkeocdCUrheElWNaoWLx0hlHF25EYCVrR_E890k42QSlsyA88evgmpCF-5trNwoySrx-970UpHTbal-ohPKYRH6Vkn4BlO2NCx0Igf63svJvroLLGQbaaIOTb3EVpvcnDPdmD6eeUJrEDIf44NGB7j_qXL0blfdLMgZHgGFRqJG2mOqlud4EYPmPsK1qN4w2qOiLYwETzzd69MVeE5qnRIh8d7KpfzASK2MTStV4Ujbq2fQjfAQfhDvcwKGxW4KWR_qZicyvXLWC3WfVZnXF0wjo_ZvdTkT8UuRrHv6OyQNeHN821ttvuY4sO25GFTo7WfiUV1sTLB43GJFn-xbD4utA0vnqJJmpodEHjbs3Gf-ZXxyEopV_gKlpnxzjZJxNqmJdzL0i-PdqgOwMe8dskd2r3qqbFL_0IX-2tRZQw0wrMxfCqUJmAUBpNshSz6PCqoxzu9dTzK-xp_gCVBOvjMfSA4bMpWobRcylwa5hZRfYz_u5MHSybxu2wuZF_A-4NXAFb-mKfI_fLHFkzrsapnlL0umoIHbSBMgWXdajljUmNC0RvT10RA-jwrQ56xr2icfCezZ6i5LciA_3334Ng95Nl9uUd-P-_4eDW9juemykmb93zDksPQ5KQqIwJLKNVUUF6PgbLF42MCufU1uhmh0QJWX1aahfSmMjw8P1xPU1CRtduAZRH3GR1bnch3MTDYi8TQzXUcRW0mXvkLq1LG8-vOO_B4cfhfh8fgmWyIp7bzq22Us-w2idPZgg10AUF0GG3v1B2SZsRLGDAr_8boRA6J-VJyyECybQDSQ2LIiD8AquQsxrEY4CZu30Hq473zE-QTMIdT-fygFHj4gFW7aNCjYC5pKdA5AFvlqWzFqt__7FZJe7TDKPG-q6vXW9bdVkbpvTo6ZAqfGpEadt_qOYy4lm0SEOXxvQGHS0a7t48501IoSI--OIvXvRO9bccLLffdF5oNz-g7bPs54KIaazbWegDOdZr_3OxmZ7Oa53v9K4J9UO5rl13B7rGZXInsVFOtpQJKgtz1j-QU2caxdS5jDowh4dS83HQ7xkFbP-PDHa3JaELvbKVoro45i8L7kD1hxzWyw
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQZ016TJQM3CQAQ
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844decb9be204a-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
6569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQP2P0ZGAY0CMXJ
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844decb9bf204a-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
b3701080-708e-4b83-bf5c-a08fb74fa1cf
https://ja.whitefieldfarm.org/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/b3701080-708e-4b83-bf5c-a08fb74fa1cf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame EC3F 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrH_rTnbB1vvBFsCDc6Cf2vlt517-vI4igEV8x_mvI2-GoFo-RUaULu8QhPveJRwo6u_A1PD93ZLlkOjBGkEPFM1gsE6KUU3QbSOl3JKlAA3S0cYCF5T0Qxf23oMsoIz61uziQSoHmoh8BnUXwE_LO76Dzog&cry=1&dbm_d=AKAmf-D1rx4_NjxySWi_tp_KPM20OjRMMlyjKRtPLHIALWg-K1JyYw4RwEV6UFkdg0J8cWoKHIxgif2rMpRMQPCmt-xiZ_bT9R-OekuDW_wby79WqRLZ6AtrYWiXq7w_Xoqh-mZdL4riUQ9pjy0vzN9-qrgI_oURvhdytu8QUxhQS9F2fO8SF-h4li7YJ0LgGY8FxP_yGFkicIgaOy506BhnV1Kxk6yZ5HICgqJ7vRpv57hqyVz_m5XiPbcciOT5HFirWXk2pw55JxYJETWOGto8oKN1bPo_cGuX7GaSi5bAbD6MMY3HJopJOyXsrsnMy_iCRYN3XKtVsY-tWXNlviNJzRwatpUP6mswHXsedgbOhswdBcKx4aQozcJrmSwldtgMDTEXCq7Ev2ZhrS76XW6GqBYcZMEqM_aQASFHXDhuBXfdrkdGrqoOGrHWpaqy-cOnUV6PinOxRN7koCSkR-HusCFbT65QNzTQs2P--duwJIIqnXxksVJjL-37Tt7piDmsd1_AHu4W7v40I7ZNWjRCrGCAO-pK8cM2tiGH_ymUFcxMVyMOITDS-h4v5Dy8AwN6dwiJioarcewoSTrAcG_hBjiknU5GFOE61HkDktdlZE6gzNsZKGHRYG0E9dU5DNPO3Ojl1L8FgRVoO_1MahOfsQ_0WtTSfU4KW8YJWlJuTYHH6Sb36qW-0yGUwM-Y8BeNLnab0FGWoSXvcXiRSP97iQQvOWaZl0mL4VNXBd4tW0YHayL60zJPLrQlVpLwTC3l0HLMa5LiXLTJxwAJBjk9pLZhi11Z3O5DbX-cMHiNCyw9skNzubw2uXalyZCRhzrmsm_dkAUlm-gS7OMtgaf7rThzAGbzZGY5fjKSTm8A685MJDSACe5mwZUzb-JwtgOwz4sf7m-3ApklX7N9xVaO9khI_WOmRCgDrZk6pL-DR16CVx96LzteWV7qyfsJwkPBJRZEC8z9a9P4zPSXBQZrEPX7aPNviG4riIWKd4XBbmw2ULFj-fiEDDYn_mpPb4QWJcGgUEEp0yFqxDNtinLf0vNkt4zxhZp2_ndfxcohW31-5LumEoURKQGS-xHpbtXroFmrEYzCgy69U8dnT-ZjPDZQ6q_Gc6THPrjiCbemeC04ZYzQFHTw4uEfvKfOTa48IYInGaLmwcVjPw6CIkRZRGocAKV5C9sx4um5VZgOeufZXMZvi56Vwn4Vcnp9QNCbB8FbQprag6g7-aDKXaEM0oGrWSbR7C2VWKpMDvGgAjTG_bXVI_cG8WXqyi6ljfufln2D5hlcNTp4xWkrAHVkKx_D3wmA36dEdzfkO6jNoCe_iEO4tyXTgWaFg11RRAq_K5JaKUIoWwEPBfmLvoMoFKiAZpwvZ1e_aFcVOCr30puAqnUPjJrnGDfKdy3a2E8qPI7rWySvpzbDCUC7lrpCDecKXSM1pKGUOXF2obAhet1trDyZUOcN1hLJlOgSMyV8uOe01Z7_eBXh_-JqwuskuciVvhzq2dtpvwTnA1xU_Tg0we0vJQCPPiwqVpqkVQ6bhP4fYb6O3hdyKVfVoW3UhLPaBU6hTWIGjMiBOj6CA7OV_9MGvyiGO9dPANrWthS2lS9PjzN2jYCTvLvFNbf4uPeaQPgGhZqCQ8xRHBldrIMcMtc9hYfjXZtRapxm8EPcarnHxPPFdupE7b9je55oSJhhaZav3Euen8x2ViZFuqIFGMvIPtrViR5POCA47hpmUyelamDvhlYUDmoApt20Z7KjlkNY-fnG7NabDCh3egXqBRhPqHkDPCbjhajJRosR-3OFzV0Vx-sXqP5Rn0lZD8m-Zw0YIX-94-3s_nsiUHqL91rzXo87SZ2bsTYewVJXjlZqzdVCfDp2imh8hdq30TFTN5ogCOKffnWQq5pbREgQRMzqtMaTcS4WnRQnfMjndRFo5rmF66WR7UihbwN1ou9zl2LdewZYa8CPQxoxzmcHB7EBlBbz9whD3LsJtNzt4jU-FrYs3zwR6jezQx7zc1ONqjtq7TDDG1gaTVKf1_y2eQN5Mws2S2VHfi1WMBJq9VsJVhgahJSlNcDoVnZbFb_CmdJWLK3tQwjbKEcBoBOxSGncSIXvfwVwUYOvyIs3fYVRzPv9hGIOOTOkMRgZ_ZKnLLVzeR2z9glIxs9Cb7Ym8BnbppMHDuAv3oaBOR25bRQ04YCVOEXQZ39QYVbtdwMsFo45JrkXQ5mpa5Pyvl820h2QI9grByzRBXEw0cxwTykVDczd4etbpOKJeiZlduqJu12tNNucvVnz2XvgOYXldHVydkriTdUlpIUjhMnYyzuCwRWwudfez3r73gtcEvQdpDXnIvEwwemmHT13rnufUM8xCC3N5DD9tWhJPz4h_hQB4kgG-fhZAeDsWzXV_2E_AFyUsoD4wVazRRQzhPoCLEEVHacHNdkA1HGpKpJUAjVf0bCwOmfyClro9ohjRMaVYlPlJ0CS-Z4lRQfJGI_7CDjXMXjumGZRnJayt8StU1MYtysJKrUSB6XN6yLhAju-pN3hC3kdbKerp_mTEwEH2uV7ppGweWanLC8ecijTX9NKbl22S15gvpXdSaxX52qRXyVJov4nei75hnqPlN2tNQAyp3YAJk5kVH91wzRvWBYKbgcK1pU6spPY38mb-kxa7O1bLpFaUr2hPrmXb2uwd2A0Gk_OlsxsmzUmc-_aEBSrX2YzmbjL6JkRnPuqRvJYGy6lGxyUVs9sOhzDLqQzrsbwXR3Fz66bd2xrsV3N_VO7cO1juZlAyEFRbMFNVA07gxiuyhigUu5wJtqxoG72NSzidaH7ErCJTjQDFrZVVQs0k7HR5X7W1jbA1xyPRn8m3dlTV08aEZS7r9lWnvlVgqRBJ2-EipBcOX4MRL2kBKjYPsKx3qqobX2EmFtQqiHxCdczhguQB6sfGHVKC7Gxcho8hryOWBcuBPnMCW064jXrB60vYeO2qmjQQFDpfJUDdi4SDY2f6JnriTJ2bN2PTTJQoYYsDRj8Qvu2l90k0n9oSK6a7YdwY7JOw13BhNgT4nvRon9evKsyzGyymiveLeoW45W3mWV3pq4ShKGSb0k9ikukRA0zLCp8EMoE9yaJRvaxbE3ZMRD-cN0lIXCfiXgjUrWQWpQwjok2IjsuJGQD9oMs4Mm04R1XUXg7YqsDO3CcURQf2ChoC1yY_bbwqDUgbXm5AhfIIzuUL-36pTs-eotd5NCmxehz2zkgPnV7gUjWP3x4Ocz34ceQV2kCcnFjb_CAiNMStnFuvTJ-8I4gLQHMY_jgVC5mS1M9fSBjtPocBCHutE1yHSxMUKk8v8tmZHEclsURxu5XJ9MI2masUgdXFk4B1wKMh0rsqLgmvnEXesovEGrQ2lqjl-itS2U1UH23CivAFpWS1hCiklNadqxCj6jAX6oKxZifEzSdaOy0ys8uBgqnvoyOOCyFowp3dpCLhvAZJrRuwz-egJI51HtiQuWi2JsbeoStObHr_tCIKXlpO5XZJQt8JWY_IC_40rY&cid=CAASJeRokf6XzlU5lLxNb-gZjzEAiCs6QL_AoOUGBXH2ffzYhhm_NdI&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11825
x-xss-protection
0
server
cafe
etag
9647346768486398696
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:21:17 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EC3F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrH_rTnbB1vvBFsCDc6Cf2vlt517-vI4igEV8x_mvI2-GoFo-RUaULu8QhPveJRwo6u_A1PD93ZLlkOjBGkEPFM1gsE6KUU3QbSOl3JKlAA3S0cYCF5T0Qxf23oMsoIz61uziQSoHmoh8BnUXwE_LO76Dzog&cry=1&dbm_d=AKAmf-D1rx4_NjxySWi_tp_KPM20OjRMMlyjKRtPLHIALWg-K1JyYw4RwEV6UFkdg0J8cWoKHIxgif2rMpRMQPCmt-xiZ_bT9R-OekuDW_wby79WqRLZ6AtrYWiXq7w_Xoqh-mZdL4riUQ9pjy0vzN9-qrgI_oURvhdytu8QUxhQS9F2fO8SF-h4li7YJ0LgGY8FxP_yGFkicIgaOy506BhnV1Kxk6yZ5HICgqJ7vRpv57hqyVz_m5XiPbcciOT5HFirWXk2pw55JxYJETWOGto8oKN1bPo_cGuX7GaSi5bAbD6MMY3HJopJOyXsrsnMy_iCRYN3XKtVsY-tWXNlviNJzRwatpUP6mswHXsedgbOhswdBcKx4aQozcJrmSwldtgMDTEXCq7Ev2ZhrS76XW6GqBYcZMEqM_aQASFHXDhuBXfdrkdGrqoOGrHWpaqy-cOnUV6PinOxRN7koCSkR-HusCFbT65QNzTQs2P--duwJIIqnXxksVJjL-37Tt7piDmsd1_AHu4W7v40I7ZNWjRCrGCAO-pK8cM2tiGH_ymUFcxMVyMOITDS-h4v5Dy8AwN6dwiJioarcewoSTrAcG_hBjiknU5GFOE61HkDktdlZE6gzNsZKGHRYG0E9dU5DNPO3Ojl1L8FgRVoO_1MahOfsQ_0WtTSfU4KW8YJWlJuTYHH6Sb36qW-0yGUwM-Y8BeNLnab0FGWoSXvcXiRSP97iQQvOWaZl0mL4VNXBd4tW0YHayL60zJPLrQlVpLwTC3l0HLMa5LiXLTJxwAJBjk9pLZhi11Z3O5DbX-cMHiNCyw9skNzubw2uXalyZCRhzrmsm_dkAUlm-gS7OMtgaf7rThzAGbzZGY5fjKSTm8A685MJDSACe5mwZUzb-JwtgOwz4sf7m-3ApklX7N9xVaO9khI_WOmRCgDrZk6pL-DR16CVx96LzteWV7qyfsJwkPBJRZEC8z9a9P4zPSXBQZrEPX7aPNviG4riIWKd4XBbmw2ULFj-fiEDDYn_mpPb4QWJcGgUEEp0yFqxDNtinLf0vNkt4zxhZp2_ndfxcohW31-5LumEoURKQGS-xHpbtXroFmrEYzCgy69U8dnT-ZjPDZQ6q_Gc6THPrjiCbemeC04ZYzQFHTw4uEfvKfOTa48IYInGaLmwcVjPw6CIkRZRGocAKV5C9sx4um5VZgOeufZXMZvi56Vwn4Vcnp9QNCbB8FbQprag6g7-aDKXaEM0oGrWSbR7C2VWKpMDvGgAjTG_bXVI_cG8WXqyi6ljfufln2D5hlcNTp4xWkrAHVkKx_D3wmA36dEdzfkO6jNoCe_iEO4tyXTgWaFg11RRAq_K5JaKUIoWwEPBfmLvoMoFKiAZpwvZ1e_aFcVOCr30puAqnUPjJrnGDfKdy3a2E8qPI7rWySvpzbDCUC7lrpCDecKXSM1pKGUOXF2obAhet1trDyZUOcN1hLJlOgSMyV8uOe01Z7_eBXh_-JqwuskuciVvhzq2dtpvwTnA1xU_Tg0we0vJQCPPiwqVpqkVQ6bhP4fYb6O3hdyKVfVoW3UhLPaBU6hTWIGjMiBOj6CA7OV_9MGvyiGO9dPANrWthS2lS9PjzN2jYCTvLvFNbf4uPeaQPgGhZqCQ8xRHBldrIMcMtc9hYfjXZtRapxm8EPcarnHxPPFdupE7b9je55oSJhhaZav3Euen8x2ViZFuqIFGMvIPtrViR5POCA47hpmUyelamDvhlYUDmoApt20Z7KjlkNY-fnG7NabDCh3egXqBRhPqHkDPCbjhajJRosR-3OFzV0Vx-sXqP5Rn0lZD8m-Zw0YIX-94-3s_nsiUHqL91rzXo87SZ2bsTYewVJXjlZqzdVCfDp2imh8hdq30TFTN5ogCOKffnWQq5pbREgQRMzqtMaTcS4WnRQnfMjndRFo5rmF66WR7UihbwN1ou9zl2LdewZYa8CPQxoxzmcHB7EBlBbz9whD3LsJtNzt4jU-FrYs3zwR6jezQx7zc1ONqjtq7TDDG1gaTVKf1_y2eQN5Mws2S2VHfi1WMBJq9VsJVhgahJSlNcDoVnZbFb_CmdJWLK3tQwjbKEcBoBOxSGncSIXvfwVwUYOvyIs3fYVRzPv9hGIOOTOkMRgZ_ZKnLLVzeR2z9glIxs9Cb7Ym8BnbppMHDuAv3oaBOR25bRQ04YCVOEXQZ39QYVbtdwMsFo45JrkXQ5mpa5Pyvl820h2QI9grByzRBXEw0cxwTykVDczd4etbpOKJeiZlduqJu12tNNucvVnz2XvgOYXldHVydkriTdUlpIUjhMnYyzuCwRWwudfez3r73gtcEvQdpDXnIvEwwemmHT13rnufUM8xCC3N5DD9tWhJPz4h_hQB4kgG-fhZAeDsWzXV_2E_AFyUsoD4wVazRRQzhPoCLEEVHacHNdkA1HGpKpJUAjVf0bCwOmfyClro9ohjRMaVYlPlJ0CS-Z4lRQfJGI_7CDjXMXjumGZRnJayt8StU1MYtysJKrUSB6XN6yLhAju-pN3hC3kdbKerp_mTEwEH2uV7ppGweWanLC8ecijTX9NKbl22S15gvpXdSaxX52qRXyVJov4nei75hnqPlN2tNQAyp3YAJk5kVH91wzRvWBYKbgcK1pU6spPY38mb-kxa7O1bLpFaUr2hPrmXb2uwd2A0Gk_OlsxsmzUmc-_aEBSrX2YzmbjL6JkRnPuqRvJYGy6lGxyUVs9sOhzDLqQzrsbwXR3Fz66bd2xrsV3N_VO7cO1juZlAyEFRbMFNVA07gxiuyhigUu5wJtqxoG72NSzidaH7ErCJTjQDFrZVVQs0k7HR5X7W1jbA1xyPRn8m3dlTV08aEZS7r9lWnvlVgqRBJ2-EipBcOX4MRL2kBKjYPsKx3qqobX2EmFtQqiHxCdczhguQB6sfGHVKC7Gxcho8hryOWBcuBPnMCW064jXrB60vYeO2qmjQQFDpfJUDdi4SDY2f6JnriTJ2bN2PTTJQoYYsDRj8Qvu2l90k0n9oSK6a7YdwY7JOw13BhNgT4nvRon9evKsyzGyymiveLeoW45W3mWV3pq4ShKGSb0k9ikukRA0zLCp8EMoE9yaJRvaxbE3ZMRD-cN0lIXCfiXgjUrWQWpQwjok2IjsuJGQD9oMs4Mm04R1XUXg7YqsDO3CcURQf2ChoC1yY_bbwqDUgbXm5AhfIIzuUL-36pTs-eotd5NCmxehz2zkgPnV7gUjWP3x4Ocz34ceQV2kCcnFjb_CAiNMStnFuvTJ-8I4gLQHMY_jgVC5mS1M9fSBjtPocBCHutE1yHSxMUKk8v8tmZHEclsURxu5XJ9MI2masUgdXFk4B1wKMh0rsqLgmvnEXesovEGrQ2lqjl-itS2U1UH23CivAFpWS1hCiklNadqxCj6jAX6oKxZifEzSdaOy0ys8uBgqnvoyOOCyFowp3dpCLhvAZJrRuwz-egJI51HtiQuWi2JsbeoStObHr_tCIKXlpO5XZJQt8JWY_IC_40rY&cid=CAASJeRokf6XzlU5lLxNb-gZjzEAiCs6QL_AoOUGBXH2ffzYhhm_NdI&rfl=1%2Chttps%253A%252F%252Fja.whitefieldfarm.org%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 12:36:38 GMT
f0a724a2-aaf6-43b0-98ac-066c06cedc73
https://ja.whitefieldfarm.org/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/f0a724a2-aaf6-43b0-98ac-066c06cedc73
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
c1c00acd-9c2e-4d9b-8602-814661a5dae4
https://ja.whitefieldfarm.org/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ja.whitefieldfarm.org/c1c00acd-9c2e-4d9b-8602-814661a5dae4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7335 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
138726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 09:02:40 GMT
expires
Tue, 08 Aug 2023 09:02:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQZ016TJQM3CQAQ
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844deced992079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
6569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQP2P0ZGAY0CMXJ
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844deced9a2079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122449.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQZ016TJQM3CQAQ
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844ded1db52079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122449.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
6569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQP2P0ZGAY0CMXJ
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844ded1db62079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame C31C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1082138/64281289/xbbe/creative/adj?p=APEucNU2Jh7uBz2IlDB7haaTelKgBUwQiutXoxyDPKhYOS2Waj4RBds&d=CokBAKAmf-BgvEEZi3PW7x0aYXA7Ua7jpuw7FuHvpwP4rAPoRqmDFY7rOBOciRN...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU2Jh7uBz2IlDB7haaTelKgBUwQiutXoxyDPKhYOS2Waj4RBds&d=CokBAKAmf-BgvEEZi3PW7x0aYXA7Ua7jpuw7FuHvpwP4rAPoRqmDFY7rOBOciRN8UW8Q94oCbH7Gu10Va55HtJ_k0...
65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU2Jh7uBz2IlDB7haaTelKgBUwQiutXoxyDPKhYOS2Waj4RBds&d=CokBAKAmf-BgvEEZi3PW7x0aYXA7Ua7jpuw7FuHvpwP4rAPoRqmDFY7rOBOciRN8UW8Q94oCbH7Gu10Va55HtJ_k0kIx1Bo_O8YjZumzUhabEA-m73FdTkeMKbLwoNsNrkfzQ9E7Vzs9SRjZbLKRHd5q3OqyGrMDVmh-b85-XD4zl7NIFaVv5y0xnpQSuRQAoCZ_4EVQb6reX_1YJySFUC9wuxwpDpnloSCraZ1CbWYdux7CDrEsIn2NMKt1Pimq7GVURx2_O4glgQbnVGvlhx8FsBfiFp9kAUR9R37VZnWdU2kBvpoGsvjGJuKJUBkwjvlOUoaCOazyL19ydhrRsx-KWY1bs05FQnrGei9_zk3aas6GtkfmVxbsNTw_PfmMH_BK_N1EpS3C_kFkfnU9siBlKZmTBxZlFsvP7IVOXUxAR57jKStsarS08O9_Ozo-9Sjk1Cf7TsrgWUZcDo_k47lgvJfgQCJMBz81GcC8EQPRPj1AcNid_Jix_w-C63cbmvJpOALKrRNUfui7tsyRKmEeYv9hZntB6aVVUUyqO2Hz6yihUxwWe1rKPaSQdfPPYqr-bjJWBIY9ETB5dN6ECeuu7uveVrTT25sFdIdZsSknJ9_NRRvmv964V8bJ3E4bECZyTifRFaKED1MI4tzpkC_MhusLH4brUa-FlLfnfkEQCTSp3iwUS6BZFBEeYPdR5smXDnrnUh2LjJRpIvhy93Q0lcWw2LBFDUthax53HIugo4Iej60e585mQLvxQTjWnLyJjHRgjScveDrxzgT_Ft9S-aQ8DdiFnh4IL3-rHJqZiwgeWLD7k9IBFA20itvxKYm7UlyBZXhwHuXZZC3WSUNrF47PF2ROvGMRAMSk1R3iNKi4JXJc8b8N-Jwwg4miXVEnJIq5-rU-JooD_GPkcinj2gJh1VAwlYmqrVSZPU2M82PT_RTOqUMwZDMQPs1trSqp4dhChi5DAUYv9c6oriXOTpDS6ApgesNLhbBzdJGsBCH0rMGWxFeZt7Xl75Mhr4kEtBdmnEC6PtZ63wVA1PX--6urPm_uwpnMyh_h2g4RpI0-SLBy4kWEwRNW4qJ8OZQn2RY6BgTEQbgkx5HhyJuqgbhzGq5l5JAnfjma2AitmUpEvPodIR16c-92LOy8EziQUL0nhnRcHePkj-rmiZO-pg-a1vdgISIitg0j-d3DoKsmsASLgQkA3vpH_SDhhJ65frVM7yWNRmAlWwlATNsQ45bWc4KK_BAZUBiELO_R6YrKxtqFRdq64IFn4xSYw0xR85nz4UlbeyNYqeDpcu32HZKGXi-ifb9t4aw2QTrMVqL8uUQG3k6VpLJqWRTd8uDCdABNR5gUn6YOQJ14eTrlTl7xNqkA-xkdX_jba8rhNb5frnaeDpgryO6z2XuRWl3vwvs5FOJMGEhZLC6ZqbI1nnwvdpDDIcCtj5xqBveAGkyoFBM2o2CCm0ZCRUnA64qJ05NTnojhxRgR1CKZadOga4MmGFpNMfKwxqY9fW7lj1dFnCUBfXQOAEHxTed0S8WOQjELFn3qQ-S9pG4_gvKw8aw96-zOw_QbEQ5bZYyeBa9N76gkb6qrxAaJEYdA9x7sjdzEXkloiUXlzDNhbPbFHekAeajOjtdnHtYbrEgWlSWrHcgE4ujCXotwuEmBrvp1db21UlVOeJc9DMIuGDDfGQD7GdmCRwNDoYgbtxTnzdH5QspsDQNYYmv1-a812r3lnlhvJeQrFDCwwoB_M9OBnJ7Xvv1Pj1SuW2bxy6T6zbpFlDzh8KfK0erGzk7e-PB0HTSk5PtA-QqWtjELlkF0YT56QE2b0Z_X1UVce6q7M-wMuZnR5GdYnGrAYS76c0ssSmrw2R8lk72aHwPNY0BqjlBnZ6EVm_eYTe01U5LWIP2jbMNHLWiqYFxm0iE7qcZxBJRekY3CJ-8fyfsDhyazCrsq_ve6dDuW_MYwsxe7nGbbJlPVXz4U6BFxBTTN3YiaYWpRhHqdIWRJnC77o1cGbsQ_bxEHEoMigmAhoI4jUtg4JSYptT_BWRIU5SvFxQAlWfMffKSOWNkjcahChgeYmkVZEVDODsnj_hnMrz1OS3bU1Kl9YmtKxoRtKHlZzGLkAf_SlEkSF4YVkuIDxSqhPANmH6GHQB9RfPXedHzSiix0mWaN1_2aiPqJX2r6GcDGLGHZ2CTdcNHQ_eJL-wBA7-EtDIOrmcXIxD0p0p8LcJRGeBL_ncL5P2SReLS7YGNa_hI2x_2WhxJTlfi-SOAexLecyTp2yw3c-JwThVisNtdJhKsZiSpG1h-DRqCfBHuXApI-2KqrnopQTkALz3svidBYsHIFiYfsUqDZNG1FdU8n6RV8OX_g75B7-7DBIOyXzkgIC4e2SJbCZZY7CMAlUTxxcJIYYn4zENuTceZ4AUAtxKjEfjSNrtMxYRwLs240VkTYvq2PvEICD27k6BOeNASvydF7OoOAAvee_mGLlP8exHUPBvJttxCWcT4NjybuXRrS-l4bvV8bkJOnbaGmdC67SzVrQQVRrHqtZcB1iI90TR4QX4ji-y3juuvLmyY7maG_IJA3YAdGd4y1Y-UPD3La7Bnrsd_sEdHnUWofMWKBu8gGs__pPozEVer4hZ3SG4qB0Qq-Nk6iC6KmFSv9xWuOD8KGwTnkvwTobZjTxlMfpe2ZpLuNiQZ6kmOL3ndmWUNRCv89mXBFSdbibqvBmfF7-vvoQHjXL4MQyrBbtMKLyjxhlxcyok0lzrvUdvHbOpb-Pt4J0vGBJ2crJ6nBsgsX1v8TjVVyMITNF0MeZs1oWXvUxKw5SNYgycw_3VpGEivXt4ecarm9cL3uL25AgF69M62i7rwbLBcZM97y-nV6TnqjqmbboGUBiE2WxmVy06Kdxo8uDYdl-c7lwxhEmyZtwYZieYijrdlBoskmS03E72Sg3jntqucvsAhdrszpemlBbuP8GHCkMNYkeHNQOzRtGHDiHtjLQ4Fke-iwooybK2rUDOAtuPs8bu7HbDAILc5AGCHvHbzrGciC_9aeKw-NKncAnfI2jz1_CR6AZlAY_tMas0JduOxA_9M3hUcJzq4-Y1FB495Igp7ah7UJ31lttlCg3629X_X6stMY3-YuBmH4uBZ3zbWLY3ZbxCBVxSbaQlLbKNCQpn5C4GqHvXmlAxMGu8zz-DEf9SVS9dwUH9sMulmoPeDT3fb49630UV-L32uZtm-RNfoKwLDIAHVFM9bGCdb_o47K08j95BNDYa2evYeo0E4iBHMpKPPWBxniS4LlpM_CPlUPESNyewncV4Nzid_P7WowWC5HuF6fmffTomp9GMUeBURibNcqcxBgOm-euYfUL0uYJeXZT1tCFwAjcTxAudixasSiebSkfl32gDlmNMnN15u-AyJwYar_6iAZeu_qJs98RtvHVGxWY37KA7FotVUJWntsPRjbbrpO0PAw94Vw-rPlRU_gul8TBvMgvOBLhnFyA5O1phbvlNn5kJX4522co7ysyR-WGderXDzdoBzAwqkaCYr27ouv8DsmqjKawqg7kOj8SZ3Z8vZ9wp9T4kpivjSLiORjshA9mhZ8CCBc4y4tIq-90YjDc3KsMr_h_K1W_PbucNw9XUsHl09uS4RHqYRbyOaD2LPikotYOEJRfN4IuBsequBhmNXb7SMdYty2oGjwpd8T2ivJGikIABIl5GhekX4zvPDi-yfPtyUq0_Qlg3qC34c8Eoo2XjHKdMyjUcVghWAB&cry=1
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
108.177.125.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f156.1e100.net
Software
cafe /
Resource Hash
73acb571774e5c15d702f41f6b4098f1f2ebee3232e56e860133fbf80c1775cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22480
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
x-server-name
app02.jp.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU2Jh7uBz2IlDB7haaTelKgBUwQiutXoxyDPKhYOS2Waj4RBds&d=CokBAKAmf-BgvEEZi3PW7x0aYXA7Ua7jpuw7FuHvpwP4rAPoRqmDFY7rOBOciRN8UW8Q94oCbH7Gu10Va55HtJ_k0kIx1Bo_O8YjZumzUhabEA-m73FdTkeMKbLwoNsNrkfzQ9E7Vzs9SRjZbLKRHd5q3OqyGrMDVmh-b85-XD4zl7NIFaVv5y0xnpQSuRQAoCZ_4EVQb6reX_1YJySFUC9wuxwpDpnloSCraZ1CbWYdux7CDrEsIn2NMKt1Pimq7GVURx2_O4glgQbnVGvlhx8FsBfiFp9kAUR9R37VZnWdU2kBvpoGsvjGJuKJUBkwjvlOUoaCOazyL19ydhrRsx-KWY1bs05FQnrGei9_zk3aas6GtkfmVxbsNTw_PfmMH_BK_N1EpS3C_kFkfnU9siBlKZmTBxZlFsvP7IVOXUxAR57jKStsarS08O9_Ozo-9Sjk1Cf7TsrgWUZcDo_k47lgvJfgQCJMBz81GcC8EQPRPj1AcNid_Jix_w-C63cbmvJpOALKrRNUfui7tsyRKmEeYv9hZntB6aVVUUyqO2Hz6yihUxwWe1rKPaSQdfPPYqr-bjJWBIY9ETB5dN6ECeuu7uveVrTT25sFdIdZsSknJ9_NRRvmv964V8bJ3E4bECZyTifRFaKED1MI4tzpkC_MhusLH4brUa-FlLfnfkEQCTSp3iwUS6BZFBEeYPdR5smXDnrnUh2LjJRpIvhy93Q0lcWw2LBFDUthax53HIugo4Iej60e585mQLvxQTjWnLyJjHRgjScveDrxzgT_Ft9S-aQ8DdiFnh4IL3-rHJqZiwgeWLD7k9IBFA20itvxKYm7UlyBZXhwHuXZZC3WSUNrF47PF2ROvGMRAMSk1R3iNKi4JXJc8b8N-Jwwg4miXVEnJIq5-rU-JooD_GPkcinj2gJh1VAwlYmqrVSZPU2M82PT_RTOqUMwZDMQPs1trSqp4dhChi5DAUYv9c6oriXOTpDS6ApgesNLhbBzdJGsBCH0rMGWxFeZt7Xl75Mhr4kEtBdmnEC6PtZ63wVA1PX--6urPm_uwpnMyh_h2g4RpI0-SLBy4kWEwRNW4qJ8OZQn2RY6BgTEQbgkx5HhyJuqgbhzGq5l5JAnfjma2AitmUpEvPodIR16c-92LOy8EziQUL0nhnRcHePkj-rmiZO-pg-a1vdgISIitg0j-d3DoKsmsASLgQkA3vpH_SDhhJ65frVM7yWNRmAlWwlATNsQ45bWc4KK_BAZUBiELO_R6YrKxtqFRdq64IFn4xSYw0xR85nz4UlbeyNYqeDpcu32HZKGXi-ifb9t4aw2QTrMVqL8uUQG3k6VpLJqWRTd8uDCdABNR5gUn6YOQJ14eTrlTl7xNqkA-xkdX_jba8rhNb5frnaeDpgryO6z2XuRWl3vwvs5FOJMGEhZLC6ZqbI1nnwvdpDDIcCtj5xqBveAGkyoFBM2o2CCm0ZCRUnA64qJ05NTnojhxRgR1CKZadOga4MmGFpNMfKwxqY9fW7lj1dFnCUBfXQOAEHxTed0S8WOQjELFn3qQ-S9pG4_gvKw8aw96-zOw_QbEQ5bZYyeBa9N76gkb6qrxAaJEYdA9x7sjdzEXkloiUXlzDNhbPbFHekAeajOjtdnHtYbrEgWlSWrHcgE4ujCXotwuEmBrvp1db21UlVOeJc9DMIuGDDfGQD7GdmCRwNDoYgbtxTnzdH5QspsDQNYYmv1-a812r3lnlhvJeQrFDCwwoB_M9OBnJ7Xvv1Pj1SuW2bxy6T6zbpFlDzh8KfK0erGzk7e-PB0HTSk5PtA-QqWtjELlkF0YT56QE2b0Z_X1UVce6q7M-wMuZnR5GdYnGrAYS76c0ssSmrw2R8lk72aHwPNY0BqjlBnZ6EVm_eYTe01U5LWIP2jbMNHLWiqYFxm0iE7qcZxBJRekY3CJ-8fyfsDhyazCrsq_ve6dDuW_MYwsxe7nGbbJlPVXz4U6BFxBTTN3YiaYWpRhHqdIWRJnC77o1cGbsQ_bxEHEoMigmAhoI4jUtg4JSYptT_BWRIU5SvFxQAlWfMffKSOWNkjcahChgeYmkVZEVDODsnj_hnMrz1OS3bU1Kl9YmtKxoRtKHlZzGLkAf_SlEkSF4YVkuIDxSqhPANmH6GHQB9RfPXedHzSiix0mWaN1_2aiPqJX2r6GcDGLGHZ2CTdcNHQ_eJL-wBA7-EtDIOrmcXIxD0p0p8LcJRGeBL_ncL5P2SReLS7YGNa_hI2x_2WhxJTlfi-SOAexLecyTp2yw3c-JwThVisNtdJhKsZiSpG1h-DRqCfBHuXApI-2KqrnopQTkALz3svidBYsHIFiYfsUqDZNG1FdU8n6RV8OX_g75B7-7DBIOyXzkgIC4e2SJbCZZY7CMAlUTxxcJIYYn4zENuTceZ4AUAtxKjEfjSNrtMxYRwLs240VkTYvq2PvEICD27k6BOeNASvydF7OoOAAvee_mGLlP8exHUPBvJttxCWcT4NjybuXRrS-l4bvV8bkJOnbaGmdC67SzVrQQVRrHqtZcB1iI90TR4QX4ji-y3juuvLmyY7maG_IJA3YAdGd4y1Y-UPD3La7Bnrsd_sEdHnUWofMWKBu8gGs__pPozEVer4hZ3SG4qB0Qq-Nk6iC6KmFSv9xWuOD8KGwTnkvwTobZjTxlMfpe2ZpLuNiQZ6kmOL3ndmWUNRCv89mXBFSdbibqvBmfF7-vvoQHjXL4MQyrBbtMKLyjxhlxcyok0lzrvUdvHbOpb-Pt4J0vGBJ2crJ6nBsgsX1v8TjVVyMITNF0MeZs1oWXvUxKw5SNYgycw_3VpGEivXt4ecarm9cL3uL25AgF69M62i7rwbLBcZM97y-nV6TnqjqmbboGUBiE2WxmVy06Kdxo8uDYdl-c7lwxhEmyZtwYZieYijrdlBoskmS03E72Sg3jntqucvsAhdrszpemlBbuP8GHCkMNYkeHNQOzRtGHDiHtjLQ4Fke-iwooybK2rUDOAtuPs8bu7HbDAILc5AGCHvHbzrGciC_9aeKw-NKncAnfI2jz1_CR6AZlAY_tMas0JduOxA_9M3hUcJzq4-Y1FB495Igp7ah7UJ31lttlCg3629X_X6stMY3-YuBmH4uBZ3zbWLY3ZbxCBVxSbaQlLbKNCQpn5C4GqHvXmlAxMGu8zz-DEf9SVS9dwUH9sMulmoPeDT3fb49630UV-L32uZtm-RNfoKwLDIAHVFM9bGCdb_o47K08j95BNDYa2evYeo0E4iBHMpKPPWBxniS4LlpM_CPlUPESNyewncV4Nzid_P7WowWC5HuF6fmffTomp9GMUeBURibNcqcxBgOm-euYfUL0uYJeXZT1tCFwAjcTxAudixasSiebSkfl32gDlmNMnN15u-AyJwYar_6iAZeu_qJs98RtvHVGxWY37KA7FotVUJWntsPRjbbrpO0PAw94Vw-rPlRU_gul8TBvMgvOBLhnFyA5O1phbvlNn5kJX4522co7ysyR-WGderXDzdoBzAwqkaCYr27ouv8DsmqjKawqg7kOj8SZ3Z8vZ9wp9T4kpivjSLiORjshA9mhZ8CCBc4y4tIq-90YjDc3KsMr_h_K1W_PbucNw9XUsHl09uS4RHqYRbyOaD2LPikotYOEJRfN4IuBsequBhmNXb7SMdYty2oGjwpd8T2ivJGikIABIl5GhekX4zvPDi-yfPtyUq0_Qlg3qC34c8Eoo2XjHKdMyjUcVghWAB&cry=1
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 28C1 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c4:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:49:22 GMT
content-encoding
gzip
age
485126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 b37bef2041652ba1d4a26e5e191fdc70.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
SFO5-C1
content-type
application/javascript
x-amz-cf-id
4iZETUK2FdgL_OtxQ-1sIlo2pHjBSOqM5Z2Mx9LQCF4F91KnpJV_gQ==
1
servicer.mgid.com/1122452/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122452/1?pv=5&cbuster=1660088086634806577977&uniqId=0b283&lct=1658102400&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=780&h=274&maxw_3=252&maxh_3=224&cols=3&ref=&cxurl=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&lu=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&sessionId=62f2ef16-16837&pageView=1&pvid=18284f5efde969bff48&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13fbef868d59608ed7991d4cfbaaa8fa8b5c23705c9151de7c1a9f95949f53bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
73844ded7a6c204a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1122452/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122452/1?mp4=1&ap=1&w=780&h=274&maxw_3=252&maxh_3=224&cols=3&pv=5&cbuster=1660088086635835028105&uniqId=10fe9&lct=1658102400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&lu=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&sessionId=62f2ef16-16837&pageView=0&pvid=18284f5efde969bff48&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81861539f51c4904fd2e74230fb9aadf2445f7372b61406101ef0cdc5ef29287

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
73844ded7a70204a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7O0v,pingTime:-3,time:54,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:54,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7O0w,pingTime:-6,time:55,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:ja.whitefieldfarm.org*&br=c
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 7335 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 00:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
342895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 06 Aug 2023 00:19:51 GMT
dvbs_src_internal107.js
cdn.doubleverify.com/ Frame EC3F 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115846&plc=4181641&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gwIjPq14Qgj9oiZvP-uyjc&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32323016&DVP_DBM_4=209882534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=917300748424&turl=https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864&DVP_PP_BUNDLE_ID=&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 14:27:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0f7cd18d7cd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18120
1
servicer.mgid.com/1122452/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122452/1?mp4=1&ap=1&w=780&h=274&maxw_3=252&maxh_3=224&cols=3&pv=5&cbuster=1660088086650624114520&uniqId=16990&lct=1658102400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&lu=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&sessionId=62f2ef16-16837&pageView=0&pvid=18284f5efde969bff48&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83a0a40126f07091df697ced05289afff8e8a5bdd9ee1cf7cca767ba65f39fe3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
73844ded8a7c204a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7O0J,pingTime:-2,time:68,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:382,beZ:383,mfA:385,cmA:386,inA:386,inZ:390,prA:390,prZ:397,si:404,poA:405,poZ:423,cmZ:423,mfZ:423,loA:436,loZ:439,ltA:449,ltZ:449%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:44,readyFired:false%7D&br=c
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
1
servicer.mgid.com/1122449/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122449/1?mp4=1&ap=1&w=780&h=4513&maxw_7=336&maxh_7=279&ident_p=true&cols=1&pv=5&cbuster=1660088086654782005777&uniqId=0414e&lct=1658102400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&lu=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&sessionId=62f2ef16-16837&pageView=0&pvid=18284f5efde969bff48&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122449.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f82334a8ed3f147188fb2d0440fe44d07dbc7b225865e139efed3972264019b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
73844ded9a7e204a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1305780.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQZ016TJQM3CQAQ
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844ded9e1c2079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1305780.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
6569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQP2P0ZGAY0CMXJ
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844ded9e1d2079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
a969589ff81b3fc225b612adcd1c6fdf1d05d81f9899a7b83027b78f83896eca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
verify.js
rtb0.doubleverify.com/ Frame EC3F 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_478724681951&jsTagObjCallback=__tagObject_callback_478724681951&num=6&ctx=1828362&cmp=115846&plc=4181641&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=478724681951&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=104&bridua=3&dup=null&turl=https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gwIjPq14Qgj9oiZvP-uyjc&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32323016&DVP_DBM_4=209882534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=917300748424&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%5DH9%3AE67%3A6%3D572C%3E%5D%40C8TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%5DH9%3AE67%3A6%3D572C%3E%5D%40C8Tar9EEADTbpTauTau_hc4efd7724ab_64bc7%60faaa2ac56ecc%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%5DH9%3AE67%3A6%3D572C%3E%5D%40C8Tau492%3F86%5CD%3D24%3CD%5C5672F%3DE%5C3C%40HD6C%5C49C%40%3E6%5C7%3AC67%40I%5CD272C%3A%5C_%60hgc_a%5Cbgec&dvp_exetime=4.50&callbackName=__verify_callback_478724681951
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
1a5abb3b5038bd2565021218f2b88d8990f2e6285160778582a2300b8aaabcb5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:47 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
0
Expires
08/08/2022 23:34:47
1
servicer.mgid.com/1305780/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1305780/1?mp4=1&ap=1&w=780&h=0&wrongImageSize=1&cols=1&pv=5&cbuster=1660088086709762639984&uniqId=15de9&lct=1658102400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&lu=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&sessionId=62f2ef16-16837&pageView=0&pvid=18284f5efde969bff48&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1305780.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02624bd72d952430302ced79bd9e7991a503024d1c9b054353255ba970ab96e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
73844dedeab6204a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQZ016TJQM3CQAQ
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844dee1ec72079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
6569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQP2P0ZGAY0CMXJ
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844dee1ec82079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvNWNjN...
s-img.mgid.com/g/13268984/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13268984/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvNWNjNzlkYTk0ZjIzMDZhMWM1Y2M3N2EyZWRhMzdlNWMuanBlZw.webp?v=1660088086-j4WWKgGxt2rd9wDFT_TK9HxYC4jmvlaGOSSsS_ywlDo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a973a7aa9531456f7a0c043f5c144e71733aa7a300df1954d23d2a1e00c887

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Jun 2022 11:45:24 GMT
x-mg-request-uuid
dbc9604f-bedf-4314-9fde-4c66608bbad3
age
4707482
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee3e1f2083-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14314
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc.webp
s-img.mgid.com/g/8193534/492x277/0x124x788x443/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193534/492x277/0x124x788x443/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc.webp?v=1660088086-i4cCJbkQKHosX0J-fOwgkGM7xzJ7pfhwuW9UsxHmTTM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2012672f6ec3b497cb4d30d45f6555e299a16c20a152fb95ccad6bd1bf02dc9

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:30:17 GMT
x-mg-request-uuid
7e18505b-dd5f-48b1-9e22-bb0e9b75d07e
age
2467732
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee3e202083-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8900
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzM0NDEyOTg1Y2NjOTY3YmUzZTA3MDBkZDBlZWMwNjcxLmpwZWc.webp
s-img.mgid.com/g/3805634/492x277/0x32x594x334/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805634/492x277/0x32x594x334/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzM0NDEyOTg1Y2NjOTY3YmUzZTA3MDBkZDBlZWMwNjcxLmpwZWc.webp?v=1660088086-20uZaH274twruPI1eRvLTiQXo-jCbNy1u_hEtk2nkq0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2816c4b7db98789ff234ce74e26c93f64bcefbb8fe940198ce98ee680fd3bd07

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:29:26 GMT
x-mg-request-uuid
6dd1f2f7-6605-4d1b-8555-c45d67f2da55
age
2465342
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee3e212083-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14120
server
cloudflare
i.js
cm.mgid.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1660088086761659436562
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63210ee7345c648e3c4ba07138b8b1c1e5c4148fad409d8e03fa3ebc30d9e879

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844dee4af0204a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame B468 		0
36 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1660088086778611864131
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844dee5afe204a-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQZ016TJQM3CQAQ
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844dee6f282079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1122452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
6569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQP2P0ZGAY0CMXJ
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844dee6f292079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjgvMTAxOTI0L2NkYzRlZTNmNDM2YmU3M2U3OTFiMDI1NWNkMDAxOTNjLmpwZw.webp
s-img.mgid.com/g/3805457/492x277/0x0x492x277/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805457/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjgvMTAxOTI0L2NkYzRlZTNmNDM2YmU3M2U3OTFiMDI1NWNkMDAxOTNjLmpwZw.webp?v=1660088086-9cI9cm3jzIdSiOObRVDC4rs8jKOjtJc_56y5t8dVe4U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4843043d9a96f090948b52a4067782773900e5dba4d25863f9dc382930b074

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Jul 2022 06:45:18 GMT
x-mg-request-uuid
9a35f17c-e04f-4149-9243-940666f819ee
age
2385006
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a7b80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11278
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvNjY4M...
s-img.mgid.com/g/13268971/492x277/-/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13268971/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvNjY4MDJiMDI2ZTE1OGVkZjEyNzFhNjgwN2IyMDJhZjMucG5n.webp?v=1660088086-8F1VVFyJjC6K7MDDvJBZufwCo8Qnz4IRGMGNApKMmKE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f6aaa20663a8d3b40293f99ff06d53ff9a901d4282becf40bb73824a307b2b

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Jun 2022 11:45:06 GMT
x-mg-request-uuid
198dd533-d2ed-4340-9d4a-67c0f45819bc
age
4707762
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a7980ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5260
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0LzNjNjFiYThmYjI3YjA2NGJiOTNjZjJkZjYzN2MxNmNmLmpwZWc.webp
s-img.mgid.com/g/3805628/492x277/0x0x952x535/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805628/492x277/0x0x952x535/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0LzNjNjFiYThmYjI3YjA2NGJiOTNjZjJkZjYzN2MxNmNmLmpwZWc.webp?v=1660088086-xIEKJ-ffXLejf2RMVTrDN6-NHLmSFeN8pns1GL_00sw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b627af885611afd4c78f288d48373186a444993b8240d44fc4bcc82e559b7caa

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:29:23 GMT
x-mg-request-uuid
b8741975-0df2-4106-85f4-7545e75abe09
age
2462432
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a7880ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11492
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0L2E3MzljNmFkNmQxMTQxOGJjNTUzOGIwOWJlN2M5MzE1LmpwZw.webp
s-img.mgid.com/g/3805561/492x277/0x0x0x0/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805561/492x277/0x0x0x0/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0L2E3MzljNmFkNmQxMTQxOGJjNTUzOGIwOWJlN2M5MzE1LmpwZw.webp?v=1660088086-bPqmJlhB_t-bNjtV6Qy2kXaRKoxt9i7EBE8ARFi2jYk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2850233ba3860983b553e2e618ba8d4975f787aca0e2eab9350fb594e7339119

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 09:58:30 GMT
x-mg-request-uuid
4817a9e9-d0b1-46e7-9e74-a0a523bbbd73
age
2112309
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a7d80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9308
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzJhNDVlNTI1OGQ5YjViMmJjNDcyZTRhMzI2ZGVjY2Y3LmpwZWc.webp
s-img.mgid.com/g/3866395/492x277/0x0x0x0/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3866395/492x277/0x0x0x0/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzJhNDVlNTI1OGQ5YjViMmJjNDcyZTRhMzI2ZGVjY2Y3LmpwZWc.webp?v=1660088086-KQjCKylrVswp_mzH-ceFhzZ8W0qPPV_4zCTfn9flxLI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c86a8687bc1e03e605eb42b4744656fe2e6b8e7fe44383dd66dbfbeb575a1561

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 10:01:08 GMT
x-mg-request-uuid
79fd2e74-5cee-40a3-90d4-0784d1eabb7a
age
2456784
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a7f80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25492
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvYmQ1O...
s-img.mgid.com/g/13268963/492x277/-/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13268963/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvYmQ1OTc2Mjg2NmJkMjA2YzBlMGIzYTVkMmNkMDU2OWIuanBlZw.webp?v=1660088086-ZIxzDe0PSfsHr_wIHY2PTbOi06QKwrnVK5SfbLtnd0o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a469505c40cb7c2baf734dea5e4b8ff06d743483b824bedf66eff2e647d740

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Jun 2022 11:47:42 GMT
x-mg-request-uuid
406554d6-1b20-4f0e-a1c2-4e6ff39affea
age
4707266
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a8180ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13494
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2ZlM2I2NDMwZjZmMGE2YThjYmFhYjM0ZjZjNzBkZTI0LmpwZWc.webp
s-img.mgid.com/g/8052385/492x277/135x0x863x485/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8052385/492x277/135x0x863x485/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0L2ZlM2I2NDMwZjZmMGE2YThjYmFhYjM0ZjZjNzBkZTI0LmpwZWc.webp?v=1660088086-8_jcY0SVBlhyB4isSAD5YNOpdCbFsTXrg61fUpIBCUw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc35c21e8d304042ac4e9fdb53911115e4e5bacb2b251ad80fb7cf375e785cd7

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:29:33 GMT
x-mg-request-uuid
cc3f72b1-a6bd-46c1-8469-65c492e9dc1e
age
2467609
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a9180ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7666
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjM3LHlfMjAyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC9jNzExY...
s-img.mgid.com/g/12578203/492x277/-/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12578203/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjM3LHlfMjAyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAxLzEwMTkyNC9jNzExYzliNmI2OGUzZDhlMjQ2NjFlZDc0MGM3YjViMi5qcGVn.webp?v=1660088086-P37mexo3-JMTKRUwFnDXaqZYG-aQp3i8vX0u4PQxvIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a154eb01762076ab27f8f38f4afc734ff8bb401a9ae4ab708b413bd259ff3af8

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 06:53:23 GMT
x-mg-request-uuid
d6ca1be8-9811-4c18-9b7b-7f631800636b
age
7916861
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a9a80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9606
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMTMvMTAxOTI0LzViYTFmYTdkMmIwOGM2YWI2OGQzOWYzNDkwNWM0NTQ5LmpwZw.webp
s-img.mgid.com/g/3805446/492x277/0x56x1369x770/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805446/492x277/0x56x1369x770/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMTMvMTAxOTI0LzViYTFmYTdkMmIwOGM2YWI2OGQzOWYzNDkwNWM0NTQ5LmpwZw.webp?v=1660088086-dAF7HUQKIwpIGDqUw1J4NkW4OhIZjFv8eBcp5YG_rFg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c5aaea878c5ce45b806e64e7298005d6e3733c246409daf4b54094949fcd2e

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:29:10 GMT
x-mg-request-uuid
760052cb-a149-4e4b-9441-2234ef8f81d9
age
2384895
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a9c80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7986
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDgyLHlfNDQ4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC81YmYxM...
s-img.mgid.com/g/10881049/492x277/-/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881049/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDgyLHlfNDQ4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC81YmYxMmRkYTYyN2YyNWU2NDM3NDU3NzRlZDBjNTFmZi5qcGc.webp?v=1660088086-I19rAMLZw3tflkLQ6ISovg0WWeHv4V0Z62l8cmDoMZo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99185e7f650e6050a018a4e3b33a0eaee5a29a0d82677be51791be31c910a42e

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:49:28 GMT
x-mg-request-uuid
e83b5089-dfb9-471b-aef4-6911429cbc92
age
7704822
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a9e80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21944
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNGM4ODM3MjI4ZGEwZDE3Z...
s-img.mgid.com/g/12068046/492x277/-/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12068046/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNGM4ODM3MjI4ZGEwZDE3ZTE5MTE2MzM2YjNkNjA5NjguanBlZw.webp?v=1660088086-5beCF-CPYDZ5aajiO6AshJCeZfcTLBn3753nCeOxeWk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c5b1b621d142848c268a045165bd453dfbba25bbda05c8406bbc39c2e09b42a

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 14:12:58 GMT
x-mg-request-uuid
ae967962-b6ec-44a4-a029-82656c630441
age
7912888
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7a9f80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28886
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xNzU2ODUvN2QyZ...
s-img.mgid.com/g/13275061/492x277/-/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13275061/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xNzU2ODUvN2QyZWM0ODRhNmRjZDcxNjNjNWM1YWIyZDBjZjhiZjkuanBn.webp?v=1660088086-RFokL6RQqw9hWTy9Ka63SxpP4oFUPIe-U04Bvf3X3To
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec5b0f44b50e06bd3aa0a97e2fe26482149abcb11ce8bb487b8c9f6030071cf1

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Jun 2022 00:14:53 GMT
x-mg-request-uuid
78bbd2f9-5153-49ed-98a5-57453cc620e3
age
4662560
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aa080ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9828
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp
s-img.mgid.com/g/8193521/492x277/0x168x565x318/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193521/492x277/0x168x565x318/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp?v=1660088086-mxF4HWCFzwM3hWkSvxTNLhtgTpAQUwe9cZK2frLxk-E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354f855ea5325a5e54ae49175da8c615ec8e1f1998974db7e003acc0dbb05295

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Jul 2022 06:45:04 GMT
x-mg-request-uuid
f0074a02-c244-4fdf-846a-6f43abc03802
age
2385502
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aa180ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10760
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzRiOTk1NjAzMzM5MzBiNDYzZjUwZjU4MjJjOTViZWUzLmpwZWc.webp
s-img.mgid.com/g/12578197/492x277/0x16x565x318/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12578197/492x277/0x16x565x318/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzRiOTk1NjAzMzM5MzBiNDYzZjUwZjU4MjJjOTViZWUzLmpwZWc.webp?v=1660088086-8Omn_o9PiLQDgtGeNK_6efnAbmN4yIAFTt6NX8sRWdI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa6f57fc1512e6edf0f8cbef9b14486ed3bc8f424cf78675f1fbcd989e3cb6e

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:29:14 GMT
x-mg-request-uuid
9205ac1d-199a-427b-884d-4f246da22464
age
2392741
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aa280ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15076
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4NTMxYzQzYzAyN2M2MWNlNTNiMTliOWMwZWI4OTAwLmpwZWc.webp
s-img.mgid.com/g/3901243/492x277/0x0x501x282/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3901243/492x277/0x0x501x282/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4NTMxYzQzYzAyN2M2MWNlNTNiMTliOWMwZWI4OTAwLmpwZWc.webp?v=1660088086-j1OPykv_DTqCOdtoZIk2dRwYbV9v75tEZdN2X5bu-as
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d28f7b90acda6645d0bdc4ac0941ef73d48a77bf0b7e2e3dd491ad76820fde4

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:31:24 GMT
x-mg-request-uuid
308daf6e-a1e3-49ea-964b-295221c24f95
age
2467930
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aa380ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13610
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNmExMzAwYzJkMGU0MjQxN...
s-img.mgid.com/g/12578192/492x277/-/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12578192/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNmExMzAwYzJkMGU0MjQxNTE1Y2YzMGYyOTNmZjViYjIuanBlZw.webp?v=1660088086-Pwj-5KwrFeyTlvEVwQ3g-QEsrHql0x5qeFPv0ocx5yM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80680a0cc000c57b92cf516ab83073867ba502b699143c1958f0ef3d574ac618

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 06:54:47 GMT
x-mg-request-uuid
f63024c6-a44e-4b09-bde0-092cd7eb06e4
age
7706645
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aa480ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvYmY5ODdmMjI3MzFkZDEwM...
s-img.mgid.com/g/12578216/492x277/-/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12578216/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvYmY5ODdmMjI3MzFkZDEwMmY0MjhjODVkYzliMjdiNzYucG5n.webp?v=1660088086-gZ4A-SwKjCuJkskb7mq_An98F30qew56WKSovyondbQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e54b6da03221b58355de51049877347487845fd71e5d560d175c473f343b38d

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 06:53:53 GMT
x-mg-request-uuid
889e15cc-67b5-45e4-b32c-897739019798
age
7710408
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aa680ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8760
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x563/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x277/0x0x1001x563/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1660088086-z47S54kz7ttaX4bdmKBpFHEfshk0krvV7ATudLlgYno
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a75b6a3153f0ffdb7bc4e230463cddfb47bcbd844ef486458ec09c1a370dfa0

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:29:18 GMT
x-mg-request-uuid
196e2660-9101-4655-9482-ecd1b3c65512
age
2467559
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aa780ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19440
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzE1MTA5NWJkOGNiNWVmMzhhNzg2OTEwYTdlZWM3MTcwLmpwZWc.webp
s-img.mgid.com/g/4021004/492x277/0x0x535x301/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4021004/492x277/0x0x535x301/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzE1MTA5NWJkOGNiNWVmMzhhNzg2OTEwYTdlZWM3MTcwLmpwZWc.webp?v=1660088086-F86t6dujwoLWZt_QpO2MHm0A4v4Zm8HU9YnflQ1V0q0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bfccadd27bf1b29a2cf5e173e0b4c31288f3188b3f23f7c75d19cc49cf88ccf

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:29:46 GMT
x-mg-request-uuid
ba302511-0a59-403f-84de-929d7666d247
age
2467942
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aa880ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26192
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvYmQ1N...
s-img.mgid.com/g/13404739/492x277/-/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13404739/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvYmQ1Nzg2OGViM2ZmMDk0ZWIzNWNjYWY5ZTE2YjQzNTQuanBlZw.webp?v=1660088086-TWEL2es_RbMAT9Njs7Q3gqaHVZiRWYZj_6UOsmgbBCY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cff52f24eb90ebd0d726764eaca43cc2435bb027f22c72608d3aed90b21630

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Jul 2022 07:16:42 GMT
x-mg-request-uuid
04e3df13-9cfb-4864-b1c3-a14f4cce4916
age
3426863
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aa980ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9194
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp
s-img.mgid.com/g/8164910/492x277/0x9x612x344/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164910/492x277/0x9x612x344/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2YwOGJiYTYyZTZiNTczY2MzZThhMzY1ZTUyMjU2ZWQ0LmpwZWc.webp?v=1660088086-CfmbmknKNrFjEl_o-5a8h5JGHkmJ6R9YHHT1TXYJyO0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e253cf7acddf63a5c639b4e2678871aa7b51bbf1d63f415c8d7b93b98b57e94

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 08:29:09 GMT
x-mg-request-uuid
fe373280-14d3-4b39-aca4-a44bc0e276e6
age
2467652
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844dee7aaa80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13302
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7335 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOfyJFu_yYoblHNSD8AK8gpy4BwAAAAA4AeAEAg&bg=!hoWlhcHNAAZGjrx1Zo47ACkAdvg8Wq8nBHfegaz3Od5nTRE4ofWD3wvXixoVqFmSVff8BnuFK6s-9AIAAABkUgAAAAJoAQeZAz9ngcIA7mr6WcmPcFKIXJXzP9wVPlHRWuSd7fRhybi9V0tubN-5aYO80-lkm2Yiow-5CrppcRhMwY1G5RfiQ-ZFOICcpsgT1WNic4_me0a2C47LsAMJqD1y18vLagRdYSBVDfw_kz-ZdMap3ZZkJTthUjd3XyqyTcakCUAGMkFaUAQPrcPA7654SmyH2lE93AyypDRPtVCHdPeOuAN2Wv3yQWlziTXsrflfLhA8i7eVoOaAwX_ESxPUsS0XhvonUC6dyB423H4tLq-kUclRLtC8kMz845aLSBTzqM8-oImde2IScxNyG9K0UwGg0TZK-Ztre_cyPirPo_6g2uxfiwT2PtHlJ_3bw3z3fm_livmkABd7_m4_K2Hse5eUGu04fpTuKj8JR1-C2shrvsk3y5Q6pX0EeMWohyss_qM7GWeKupjCyDgA9x6WZlhgHzIXXADbNseS6iZCEnvK1H6HhFaEwlQbFjkbj0tz0c4LjHZunNQ3IcA5OSHLJSCED2t7S9YGe-wTPtMPeYUB1-b1DHHV8r1WHR-RIB34hcL8F0m4YOdeyxHFLNpRQW7M_TVuOhmZMCFGY46j7X4XIDgtcbCXKG0ASNGZl2pbHyOC0d07DNthikPW2_nG8GTgV07NcDj5Q7iWHMAPNUH_KrNg5F2tqdLrySQpPkMZ6vxUoNblNezgaupYkQOE9EJUfR03h0Qr3ghnmfHD4QBdZkfjFlvzWi7H-O3YPjcj4nD_LrSfC1nSwp5dE_y7iSlyy9U6bvHitIi4t-tAURITFmxgVprk9-nlr-2807NhTI6gfJnTxkRV_KKeHgm-CAWB4rD5aGUUPUewsrfSufWQlEV0rHrlDfwX07m6w2w5pirHBmIOCvl5Pu_tzWF_HXcTUSFaYAqJ3UvULzeXqAWqdWpGOit2ybV7drfDHl9vYKWXCytvIiTz0oyhrH-tUEwVU8c3t0g6Uh5VVJyrPRpgZqm4AFeH--BWa_AJjHeH5zTlgSKZAoQvNdlIkPIKmfQEAS_72VfLn1IDpFBWqBVrhvmLEw_fEpUdqPCaFntwI75NhcV95541ZLNH87eZaOCGbSeLS0mgkDElu5b72uyWwicaiKY
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget-ssp-performance
c.mgid.com/ 		43 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844deeaf712079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1305780.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQZ016TJQM3CQAQ
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844deebf782079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/i/wikicell.org.1305780.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
cf-cache-status
HIT
age
6569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BQQP2P0ZGAY0CMXJ
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
73844deebf7a2079-NRT
expires
Wed, 10 Aug 2022 23:34:46 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C31C 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Origin
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 23:16:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame C31C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1082138/64281289/xbbe/creative/adj?p=APEucNU2Jh7uBz2IlDB7haaTelKgBUwQiutXoxyDPKhYOS2Waj4RBds&d=CokBAKAmf-BgvEEZi3PW7x0aYXA7Ua7jpuw7FuHvpwP4rAPoRqmDFY7rOBOciRN8UW8Q94oCbH7Gu10Va55HtJ_k0kIx1Bo_O8YjZumzUhabEA-m73FdTkeMKbLwoNsNrkfzQ9E7Vzs9SRjZbLKRHd5q3OqyGrMDVmh-b85-XD4zl7NIFaVv5y0xnpQSuRQAoCZ_4EVQb6reX_1YJySFUC9wuxwpDpnloSCraZ1CbWYdux7CDrEsIn2NMKt1Pimq7GVURx2_O4glgQbnVGvlhx8FsBfiFp9kAUR9R37VZnWdU2kBvpoGsvjGJuKJUBkwjvlOUoaCOazyL19ydhrRsx-KWY1bs05FQnrGei9_zk3aas6GtkfmVxbsNTw_PfmMH_BK_N1EpS3C_kFkfnU9siBlKZmTBxZlFsvP7IVOXUxAR57jKStsarS08O9_Ozo-9Sjk1Cf7TsrgWUZcDo_k47lgvJfgQCJMBz81GcC8EQPRPj1AcNid_Jix_w-C63cbmvJpOALKrRNUfui7tsyRKmEeYv9hZntB6aVVUUyqO2Hz6yihUxwWe1rKPaSQdfPPYqr-bjJWBIY9ETB5dN6ECeuu7uveVrTT25sFdIdZsSknJ9_NRRvmv964V8bJ3E4bECZyTifRFaKED1MI4tzpkC_MhusLH4brUa-FlLfnfkEQCTSp3iwUS6BZFBEeYPdR5smXDnrnUh2LjJRpIvhy93Q0lcWw2LBFDUthax53HIugo4Iej60e585mQLvxQTjWnLyJjHRgjScveDrxzgT_Ft9S-aQ8DdiFnh4IL3-rHJqZiwgeWLD7k9IBFA20itvxKYm7UlyBZXhwHuXZZC3WSUNrF47PF2ROvGMRAMSk1R3iNKi4JXJc8b8N-Jwwg4miXVEnJIq5-rU-JooD_GPkcinj2gJh1VAwlYmqrVSZPU2M82PT_RTOqUMwZDMQPs1trSqp4dhChi5DAUYv9c6oriXOTpDS6ApgesNLhbBzdJGsBCH0rMGWxFeZt7Xl75Mhr4kEtBdmnEC6PtZ63wVA1PX--6urPm_uwpnMyh_h2g4RpI0-SLBy4kWEwRNW4qJ8OZQn2RY6BgTEQbgkx5HhyJuqgbhzGq5l5JAnfjma2AitmUpEvPodIR16c-92LOy8EziQUL0nhnRcHePkj-rmiZO-pg-a1vdgISIitg0j-d3DoKsmsASLgQkA3vpH_SDhhJ65frVM7yWNRmAlWwlATNsQ45bWc4KK_BAZUBiELO_R6YrKxtqFRdq64IFn4xSYw0xR85nz4UlbeyNYqeDpcu32HZKGXi-ifb9t4aw2QTrMVqL8uUQG3k6VpLJqWRTd8uDCdABNR5gUn6YOQJ14eTrlTl7xNqkA-xkdX_jba8rhNb5frnaeDpgryO6z2XuRWl3vwvs5FOJMGEhZLC6ZqbI1nnwvdpDDIcCtj5xqBveAGkyoFBM2o2CCm0ZCRUnA64qJ05NTnojhxRgR1CKZadOga4MmGFpNMfKwxqY9fW7lj1dFnCUBfXQOAEHxTed0S8WOQjELFn3qQ-S9pG4_gvKw8aw96-zOw_QbEQ5bZYyeBa9N76gkb6qrxAaJEYdA9x7sjdzEXkloiUXlzDNhbPbFHekAeajOjtdnHtYbrEgWlSWrHcgE4ujCXotwuEmBrvp1db21UlVOeJc9DMIuGDDfGQD7GdmCRwNDoYgbtxTnzdH5QspsDQNYYmv1-a812r3lnlhvJeQrFDCwwoB_M9OBnJ7Xvv1Pj1SuW2bxy6T6zbpFlDzh8KfK0erGzk7e-PB0HTSk5PtA-QqWtjELlkF0YT56QE2b0Z_X1UVce6q7M-wMuZnR5GdYnGrAYS76c0ssSmrw2R8lk72aHwPNY0BqjlBnZ6EVm_eYTe01U5LWIP2jbMNHLWiqYFxm0iE7qcZxBJRekY3CJ-8fyfsDhyazCrsq_ve6dDuW_MYwsxe7nGbbJlPVXz4U6BFxBTTN3YiaYWpRhHqdIWRJnC77o1cGbsQ_bxEHEoMigmAhoI4jUtg4JSYptT_BWRIU5SvFxQAlWfMffKSOWNkjcahChgeYmkVZEVDODsnj_hnMrz1OS3bU1Kl9YmtKxoRtKHlZzGLkAf_SlEkSF4YVkuIDxSqhPANmH6GHQB9RfPXedHzSiix0mWaN1_2aiPqJX2r6GcDGLGHZ2CTdcNHQ_eJL-wBA7-EtDIOrmcXIxD0p0p8LcJRGeBL_ncL5P2SReLS7YGNa_hI2x_2WhxJTlfi-SOAexLecyTp2yw3c-JwThVisNtdJhKsZiSpG1h-DRqCfBHuXApI-2KqrnopQTkALz3svidBYsHIFiYfsUqDZNG1FdU8n6RV8OX_g75B7-7DBIOyXzkgIC4e2SJbCZZY7CMAlUTxxcJIYYn4zENuTceZ4AUAtxKjEfjSNrtMxYRwLs240VkTYvq2PvEICD27k6BOeNASvydF7OoOAAvee_mGLlP8exHUPBvJttxCWcT4NjybuXRrS-l4bvV8bkJOnbaGmdC67SzVrQQVRrHqtZcB1iI90TR4QX4ji-y3juuvLmyY7maG_IJA3YAdGd4y1Y-UPD3La7Bnrsd_sEdHnUWofMWKBu8gGs__pPozEVer4hZ3SG4qB0Qq-Nk6iC6KmFSv9xWuOD8KGwTnkvwTobZjTxlMfpe2ZpLuNiQZ6kmOL3ndmWUNRCv89mXBFSdbibqvBmfF7-vvoQHjXL4MQyrBbtMKLyjxhlxcyok0lzrvUdvHbOpb-Pt4J0vGBJ2crJ6nBsgsX1v8TjVVyMITNF0MeZs1oWXvUxKw5SNYgycw_3VpGEivXt4ecarm9cL3uL25AgF69M62i7rwbLBcZM97y-nV6TnqjqmbboGUBiE2WxmVy06Kdxo8uDYdl-c7lwxhEmyZtwYZieYijrdlBoskmS03E72Sg3jntqucvsAhdrszpemlBbuP8GHCkMNYkeHNQOzRtGHDiHtjLQ4Fke-iwooybK2rUDOAtuPs8bu7HbDAILc5AGCHvHbzrGciC_9aeKw-NKncAnfI2jz1_CR6AZlAY_tMas0JduOxA_9M3hUcJzq4-Y1FB495Igp7ah7UJ31lttlCg3629X_X6stMY3-YuBmH4uBZ3zbWLY3ZbxCBVxSbaQlLbKNCQpn5C4GqHvXmlAxMGu8zz-DEf9SVS9dwUH9sMulmoPeDT3fb49630UV-L32uZtm-RNfoKwLDIAHVFM9bGCdb_o47K08j95BNDYa2evYeo0E4iBHMpKPPWBxniS4LlpM_CPlUPESNyewncV4Nzid_P7WowWC5HuF6fmffTomp9GMUeBURibNcqcxBgOm-euYfUL0uYJeXZT1tCFwAjcTxAudixasSiebSkfl32gDlmNMnN15u-AyJwYar_6iAZeu_qJs98RtvHVGxWY37KA7FotVUJWntsPRjbbrpO0PAw94Vw-rPlRU_gul8TBvMgvOBLhnFyA5O1phbvlNn5kJX4522co7ysyR-WGderXDzdoBzAwqkaCYr27ouv8DsmqjKawqg7kOj8SZ3Z8vZ9wp9T4kpivjSLiORjshA9mhZ8CCBc4y4tIq-90YjDc3KsMr_h_K1W_PbucNw9XUsHl09uS4RHqYRbyOaD2LPikotYOEJRfN4IuBsequBhmNXb7SMdYty2oGjwpd8T2ivJGikIABIl5GhekX4zvPDi-yfPtyUq0_Qlg3qC34c8Eoo2XjHKdMyjUcVghWAB&cry=1&ias_dspID=3&ias_campId=28762859&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=17328609328&bidurl=https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0girGZE3tH35ugv8I1SC-Du&adsafe_url=https%3A%2F%2Fja.whitefieldfarm.org%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d08d24de-e4df-01cc-7f0f-11bbf92da577,c:kQ7NZZ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-85dcc8dbbc-l2xgk,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:23,oid:da745ef1-183b-11ed-8f3a-c6777a4d98a6,v:19.8.341,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:29:24 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame C31C 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1082138/64281289/xbbe/creative/adj?p=APEucNU2Jh7uBz2IlDB7haaTelKgBUwQiutXoxyDPKhYOS2Waj4RBds&d=CokBAKAmf-BgvEEZi3PW7x0aYXA7Ua7jpuw7FuHvpwP4rAPoRqmDFY7rOBOciRN8UW8Q94oCbH7Gu10Va55HtJ_k0kIx1Bo_O8YjZumzUhabEA-m73FdTkeMKbLwoNsNrkfzQ9E7Vzs9SRjZbLKRHd5q3OqyGrMDVmh-b85-XD4zl7NIFaVv5y0xnpQSuRQAoCZ_4EVQb6reX_1YJySFUC9wuxwpDpnloSCraZ1CbWYdux7CDrEsIn2NMKt1Pimq7GVURx2_O4glgQbnVGvlhx8FsBfiFp9kAUR9R37VZnWdU2kBvpoGsvjGJuKJUBkwjvlOUoaCOazyL19ydhrRsx-KWY1bs05FQnrGei9_zk3aas6GtkfmVxbsNTw_PfmMH_BK_N1EpS3C_kFkfnU9siBlKZmTBxZlFsvP7IVOXUxAR57jKStsarS08O9_Ozo-9Sjk1Cf7TsrgWUZcDo_k47lgvJfgQCJMBz81GcC8EQPRPj1AcNid_Jix_w-C63cbmvJpOALKrRNUfui7tsyRKmEeYv9hZntB6aVVUUyqO2Hz6yihUxwWe1rKPaSQdfPPYqr-bjJWBIY9ETB5dN6ECeuu7uveVrTT25sFdIdZsSknJ9_NRRvmv964V8bJ3E4bECZyTifRFaKED1MI4tzpkC_MhusLH4brUa-FlLfnfkEQCTSp3iwUS6BZFBEeYPdR5smXDnrnUh2LjJRpIvhy93Q0lcWw2LBFDUthax53HIugo4Iej60e585mQLvxQTjWnLyJjHRgjScveDrxzgT_Ft9S-aQ8DdiFnh4IL3-rHJqZiwgeWLD7k9IBFA20itvxKYm7UlyBZXhwHuXZZC3WSUNrF47PF2ROvGMRAMSk1R3iNKi4JXJc8b8N-Jwwg4miXVEnJIq5-rU-JooD_GPkcinj2gJh1VAwlYmqrVSZPU2M82PT_RTOqUMwZDMQPs1trSqp4dhChi5DAUYv9c6oriXOTpDS6ApgesNLhbBzdJGsBCH0rMGWxFeZt7Xl75Mhr4kEtBdmnEC6PtZ63wVA1PX--6urPm_uwpnMyh_h2g4RpI0-SLBy4kWEwRNW4qJ8OZQn2RY6BgTEQbgkx5HhyJuqgbhzGq5l5JAnfjma2AitmUpEvPodIR16c-92LOy8EziQUL0nhnRcHePkj-rmiZO-pg-a1vdgISIitg0j-d3DoKsmsASLgQkA3vpH_SDhhJ65frVM7yWNRmAlWwlATNsQ45bWc4KK_BAZUBiELO_R6YrKxtqFRdq64IFn4xSYw0xR85nz4UlbeyNYqeDpcu32HZKGXi-ifb9t4aw2QTrMVqL8uUQG3k6VpLJqWRTd8uDCdABNR5gUn6YOQJ14eTrlTl7xNqkA-xkdX_jba8rhNb5frnaeDpgryO6z2XuRWl3vwvs5FOJMGEhZLC6ZqbI1nnwvdpDDIcCtj5xqBveAGkyoFBM2o2CCm0ZCRUnA64qJ05NTnojhxRgR1CKZadOga4MmGFpNMfKwxqY9fW7lj1dFnCUBfXQOAEHxTed0S8WOQjELFn3qQ-S9pG4_gvKw8aw96-zOw_QbEQ5bZYyeBa9N76gkb6qrxAaJEYdA9x7sjdzEXkloiUXlzDNhbPbFHekAeajOjtdnHtYbrEgWlSWrHcgE4ujCXotwuEmBrvp1db21UlVOeJc9DMIuGDDfGQD7GdmCRwNDoYgbtxTnzdH5QspsDQNYYmv1-a812r3lnlhvJeQrFDCwwoB_M9OBnJ7Xvv1Pj1SuW2bxy6T6zbpFlDzh8KfK0erGzk7e-PB0HTSk5PtA-QqWtjELlkF0YT56QE2b0Z_X1UVce6q7M-wMuZnR5GdYnGrAYS76c0ssSmrw2R8lk72aHwPNY0BqjlBnZ6EVm_eYTe01U5LWIP2jbMNHLWiqYFxm0iE7qcZxBJRekY3CJ-8fyfsDhyazCrsq_ve6dDuW_MYwsxe7nGbbJlPVXz4U6BFxBTTN3YiaYWpRhHqdIWRJnC77o1cGbsQ_bxEHEoMigmAhoI4jUtg4JSYptT_BWRIU5SvFxQAlWfMffKSOWNkjcahChgeYmkVZEVDODsnj_hnMrz1OS3bU1Kl9YmtKxoRtKHlZzGLkAf_SlEkSF4YVkuIDxSqhPANmH6GHQB9RfPXedHzSiix0mWaN1_2aiPqJX2r6GcDGLGHZ2CTdcNHQ_eJL-wBA7-EtDIOrmcXIxD0p0p8LcJRGeBL_ncL5P2SReLS7YGNa_hI2x_2WhxJTlfi-SOAexLecyTp2yw3c-JwThVisNtdJhKsZiSpG1h-DRqCfBHuXApI-2KqrnopQTkALz3svidBYsHIFiYfsUqDZNG1FdU8n6RV8OX_g75B7-7DBIOyXzkgIC4e2SJbCZZY7CMAlUTxxcJIYYn4zENuTceZ4AUAtxKjEfjSNrtMxYRwLs240VkTYvq2PvEICD27k6BOeNASvydF7OoOAAvee_mGLlP8exHUPBvJttxCWcT4NjybuXRrS-l4bvV8bkJOnbaGmdC67SzVrQQVRrHqtZcB1iI90TR4QX4ji-y3juuvLmyY7maG_IJA3YAdGd4y1Y-UPD3La7Bnrsd_sEdHnUWofMWKBu8gGs__pPozEVer4hZ3SG4qB0Qq-Nk6iC6KmFSv9xWuOD8KGwTnkvwTobZjTxlMfpe2ZpLuNiQZ6kmOL3ndmWUNRCv89mXBFSdbibqvBmfF7-vvoQHjXL4MQyrBbtMKLyjxhlxcyok0lzrvUdvHbOpb-Pt4J0vGBJ2crJ6nBsgsX1v8TjVVyMITNF0MeZs1oWXvUxKw5SNYgycw_3VpGEivXt4ecarm9cL3uL25AgF69M62i7rwbLBcZM97y-nV6TnqjqmbboGUBiE2WxmVy06Kdxo8uDYdl-c7lwxhEmyZtwYZieYijrdlBoskmS03E72Sg3jntqucvsAhdrszpemlBbuP8GHCkMNYkeHNQOzRtGHDiHtjLQ4Fke-iwooybK2rUDOAtuPs8bu7HbDAILc5AGCHvHbzrGciC_9aeKw-NKncAnfI2jz1_CR6AZlAY_tMas0JduOxA_9M3hUcJzq4-Y1FB495Igp7ah7UJ31lttlCg3629X_X6stMY3-YuBmH4uBZ3zbWLY3ZbxCBVxSbaQlLbKNCQpn5C4GqHvXmlAxMGu8zz-DEf9SVS9dwUH9sMulmoPeDT3fb49630UV-L32uZtm-RNfoKwLDIAHVFM9bGCdb_o47K08j95BNDYa2evYeo0E4iBHMpKPPWBxniS4LlpM_CPlUPESNyewncV4Nzid_P7WowWC5HuF6fmffTomp9GMUeBURibNcqcxBgOm-euYfUL0uYJeXZT1tCFwAjcTxAudixasSiebSkfl32gDlmNMnN15u-AyJwYar_6iAZeu_qJs98RtvHVGxWY37KA7FotVUJWntsPRjbbrpO0PAw94Vw-rPlRU_gul8TBvMgvOBLhnFyA5O1phbvlNn5kJX4522co7ysyR-WGderXDzdoBzAwqkaCYr27ouv8DsmqjKawqg7kOj8SZ3Z8vZ9wp9T4kpivjSLiORjshA9mhZ8CCBc4y4tIq-90YjDc3KsMr_h_K1W_PbucNw9XUsHl09uS4RHqYRbyOaD2LPikotYOEJRfN4IuBsequBhmNXb7SMdYty2oGjwpd8T2ivJGikIABIl5GhekX4zvPDi-yfPtyUq0_Qlg3qC34c8Eoo2XjHKdMyjUcVghWAB&cry=1&ias_dspID=3&ias_campId=28762859&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=17328609328&bidurl=https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0girGZE3tH35ugv8I1SC-Du&adsafe_url=https%3A%2F%2Fja.whitefieldfarm.org%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d08d24de-e4df-01cc-7f0f-11bbf92da577,c:kQ7NZZ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-85dcc8dbbc-l2xgk,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:23,oid:da745ef1-183b-11ed-8f3a-c6777a4d98a6,v:19.8.341,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11825
x-xss-protection
0
server
cafe
etag
9647346768486398696
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 23:21:17 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzQxMCx5XzQwNS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xM...
s-img.mgid.com/g/13054675/200x200/-/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13054675/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzQxMCx5XzQwNS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvZjdhNTFkYzMyZGMxM2EwNTk2N2U3MjRkNGYwNTIzNjUuanBlZw.webp?v=1660088086-T4DfneKKUkLi08Vlfj81-m27noJ3mskSrgvDFguq1rU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d79e9ac2a9c3ab9a954ace7a5a3b94e9306a0563228866b273dcda2ea6c5904

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 11:45:01 GMT
x-mg-request-uuid
edbac090-9b2b-4ce5-a566-c8b9e0bd7fca
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844deecaea80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5374
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvMTAxOTI0LzFmM2I0ZWQ5NTlhMzBkMjVlO...
s-img.mgid.com/g/12068042/200x200/-/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12068042/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvMTAxOTI0LzFmM2I0ZWQ5NTlhMzBkMjVlOWFiYWRiODk2ZDE1M2I2LnBuZw.webp?v=1660088086-HjSxvaD2zX7tt2cscW0BB1XJOjy71fHRijVR7RGXqb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98fc92094eec30ef4531d6e21f178dbe6384da8c4362e776bc15c9b73fbcc338

Request headers

Referer
https://ja.whitefieldfarm.org/
Origin
https://ja.whitefieldfarm.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 14:13:04 GMT
x-mg-request-uuid
ab960b7e-b2b4-426c-b99e-90315b164eba
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
73844deecaeb80ea-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3772
server
cloudflare
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6D33 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
49604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 09:48:02 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 09:48:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C31C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4b89933724022e4fd02f87a5fc36a60587a85d9dac2c0b22477271ceae9e8b8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 6D33
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEAaQ00A9Lw3uS8V3ZotSnp4&google_cver=1&google_push=AehlK4A1VeDfY-kLKYYKL2qNuoaA27FXhk3YIK6sn0_daobBcI_vCvtNUyfh48Dtdn-UlfKOYV6KLj0...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4A1VeDfY-kLKYYKL2qNuoaA27FXhk3YIK6sn0_daobBcI_vCvtNUyfh48Dtdn-UlfKOYV6KLj0O2vULZn3FhUAmBoZ_-_ey&google_hm=h57WRnVLQj27vlPgl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4A1VeDfY-kLKYYKL2qNuoaA27FXhk3YIK6sn0_daobBcI_vCvtNUyfh48Dtdn-UlfKOYV6KLj0O2vULZn3FhUAmBoZ_-_ey&google_hm=h57WRnVLQj27vlPglA-T38w
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4A1VeDfY-kLKYYKL2qNuoaA27FXhk3YIK6sn0_daobBcI_vCvtNUyfh48Dtdn-UlfKOYV6KLj0O2vULZn3FhUAmBoZ_-_ey&google_hm=h57WRnVLQj27vlPglA-T38w
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D33
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEHAR8JIIl0YaKd1yaF50Deo&google_cver=1&google_push=AehlK4AD-c_Y_5d1Q-vFs46SQVez4VUMqodoIQ2VdZKidPVb5IB_WEcJzEJ2NeS9eJA3Sl4hK_iSOH-WngsHKwVUY0deHMNsCeig
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Mmx0dGNpUDhBczZKWFhMZEYtX3lZZw%3D%3D&google_push=AehlK4AD-c_Y_5d1Q-vFs46SQVez4VUMqodoIQ2VdZKidPVb5IB_WEcJzEJ2NeS9eJA3Sl4hK_iSOH-WngsHK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Mmx0dGNpUDhBczZKWFhMZEYtX3lZZw%3D%3D&google_push=AehlK4AD-c_Y_5d1Q-vFs46SQVez4VUMqodoIQ2VdZKidPVb5IB_WEcJzEJ2NeS9eJA3Sl4hK_iSOH-WngsHKwVUY0deHMNsCeig
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Mmx0dGNpUDhBczZKWFhMZEYtX3lZZw%3D%3D&google_push=AehlK4AD-c_Y_5d1Q-vFs46SQVez4VUMqodoIQ2VdZKidPVb5IB_WEcJzEJ2NeS9eJA3Sl4hK_iSOH-WngsHKwVUY0deHMNsCeig
date
Tue, 09 Aug 2022 23:34:47 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 6D33
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENAzyz9my6n-PjLrO4ESj6A&google_cver=1&google_push=AehlK4AczRC7Icb3vjCqS4VQec3iqOGP4KQt4Bn0Dp3gzU2Gs4CqrdDjH3LiSdF3geLAfkKPBEJkt3R2reR2m5G0aB...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4AczRC7Icb3vjCqS4VQec3iqOGP4KQt4Bn0Dp3gzU2Gs4CqrdDjH3LiSdF3geLAfkKPBEJkt3R2reR2m5G0aBaL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4AczRC7Icb3vjCqS4VQec3iqOGP4KQt4Bn0Dp3gzU2Gs4CqrdDjH3LiSdF3geLAfkKPBEJkt3R2reR2m5G0aBaLxTEAsL8
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4AczRC7Icb3vjCqS4VQec3iqOGP4KQt4Bn0Dp3gzU2Gs4CqrdDjH3LiSdF3geLAfkKPBEJkt3R2reR2m5G0aBaLxTEAsL8
Date
Tue, 09 Aug 2022 23:34:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6D33
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESECOo8GteZfr32vJoLgosk8w&google_cver=1&google_push=AehlK4AynQ9oKpR_rtO1saMfIefs-h48o7Y4ZtL6s721D3ItKPPlVV8zq6ef6jc6WDc5L_kBPrsyUMWx...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESECOo8GteZfr32vJoLgosk8w%26google_cver%3D1%26google_push%3DAehlK4AynQ9oKpR_rtO1sa...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1495245886472877484&exchange=193&google_gid=CAESECOo8GteZfr32vJoLgosk8w&google_cver=1&google_push=AehlK4AynQ9oKpR_rtO1saMfIefs-h48o7Y4ZtL6s721D3ItKPPl...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4AynQ9oKpR_rtO1saMfIefs-h48o7Y4ZtL6s721D3ItKPPlVV8zq6ef6jc6WDc5L_kBPrsyUMW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4AynQ9oKpR_rtO1saMfIefs-h48o7Y4ZtL6s721D3ItKPPlVV8zq6ef6jc6WDc5L_kBPrsyUMWxEAkNqVB6H8kkhFIT4Szl
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4AynQ9oKpR_rtO1saMfIefs-h48o7Y4ZtL6s721D3ItKPPlVV8zq6ef6jc6WDc5L_kBPrsyUMWxEAkNqVB6H8kkhFIT4Szl
Date
Tue, 09 Aug 2022 23:34:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6D33
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH9hXwMgbfwrH7m3qGcoOxA&google_cver=1&google_push=AehlK4AcUJrOqkuKuZ0KeTxGwTVxLB-JxPbVdmcocxjO3qc0ca0UE91QxiknuKJ5lQ0h4abPV8...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH9hXwMgbfwrH7m3qGcoOxA&google_cver=1&google_push=AehlK4AcUJrOqkuKuZ0KeTxGwTVxLB-JxPbVdmcocxjO3qc0ca0UE91QxiknuKJ5lQ0h4abPV8...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05NEpzY21GRTJ1SGJzbkc4N2R3N3l1U1VXMUs4REdtaX5B&google_push=AehlK4AcUJrOqkuKuZ0KeTxGwTVxLB-JxPbVdmcocxjO3qc0ca0UE91Qx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05NEpzY21GRTJ1SGJzbkc4N2R3N3l1U1VXMUs4REdtaX5B&google_push=AehlK4AcUJrOqkuKuZ0KeTxGwTVxLB-JxPbVdmcocxjO3qc0ca0UE91QxiknuKJ5lQ0h4abPV8P1XpYXsoa8vf80DOJsjOhtxv5QwQ
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS05NEpzY21GRTJ1SGJzbkc4N2R3N3l1U1VXMUs4REdtaX5B&google_push=AehlK4AcUJrOqkuKuZ0KeTxGwTVxLB-JxPbVdmcocxjO3qc0ca0UE91QxiknuKJ5lQ0h4abPV8P1XpYXsoa8vf80DOJsjOhtxv5QwQ
date
Tue, 09 Aug 2022 23:34:47 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dot.gif
s0.2mdn.net/ Frame 6D33 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGgUZvWd7U5IzFR0WlEF2r8&google_cver=1&google_push=AehlK4BVG4fr6Emdoq67ub9iTTmF6LKGxQA1iaDDsrfQQZ5QTAeuFzj1ls8HL-x8i36GatSXtyUmboUA0dFSa-KkKfl42HM5p0nAWA
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 23:34:46 GMT
/
b1sync.zemanta.com/usersync/googleadx/ Frame 6D33
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBTYgJNVDRQF4jtQYacfgyQ&google_cver=1&google_push=AehlK4A5Thu5SkDpS3RDGE5RcXcMZDbGHFc9C4KcFn47lrgLO8v_nznm1RTifyACOu-DxE5hSCK2rZw2GNjfT...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBTYgJNVDRQF4jtQYacfgyQ&google_push=AehlK4A5Thu5SkDpS3RDGE5RcXcMZDbGHFc9C4KcFn47lrgLO8v_nznm1RTifyACOu-DxE5hSCK2rZw2GNjfT...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AehlK4A5Thu5SkDpS3RDGE5RcXcMZDbGHFc9C4KcFn47lrgLO8v_nznm1RTifyACOu-DxE5hSCK2rZw2GNjfTGchPwQ-8HdtJuc7vw&google_hm=LTZrQVVfUmR4bWZMNz...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Protocol
HTTP/1.1
Server
64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:47 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6D33 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-OYjYO7CkgPSJMDa84clX3O-7gj7CIm_vFDfN7x-gkitX80rh8LYDWKvgaf9EtIpfxLnYAF08hQ
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/ Frame AF0A 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
259d433ec48f71c8b07f569bd85ccc1a9bfdc0c1d2901b99b19f60c2f28ce381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
242636
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1473
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Aug 2022 04:10:50 GMT
expires
Mon, 07 Aug 2023 04:10:50 GMT
last-modified
Tue, 05 Jul 2022 04:38:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C31C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCbcvDvLJHxK4o3ShvHdEauZGEF3mgRq7yDdIvwp0PLhjkujxtET0PnyTRp1Ez-766S3vAULrb_QdRldh1zuCq6tzaY_3seahLmNc2lONsfSw8TRUH8edcNimxlWmNCqr-rHmu8WqU9OnkU80UJ201Y8xH-FD16mLz0SmMA5I&sai=AMfl-YRWNXPWpYfyCptikpla8nnYfb-N0t73VqoDoZKvDOv_AA5WZ2_QJNQILph1k5Y-hLJ1a-nJiBfpI7nkof2S21fXUNSKklt9a7FfOMIzrLxh3580E2buKDknfG51&sig=Cg0ArKJSzCUVZrC6HIz2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=59&cbvp=1&cstd=57&cisv=r20220808.77736&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
1duwt.json
www.bigmp3db.com/ 		60 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?fe8bae7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
76cfcf2c665f5086038fdccbde63b47b72e8dd78dc4ca9e02728f8cb33d178b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 23:34:47 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
sync.html
s.adtelligent.com/ Frame F9ED 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=754484
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1660088086761659436562
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.10.218 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
0a1b8778f2cbb9e753c6b9a0c96a2ee5f7d6b29d4466fcbef62b275a0e72c747

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://ja.whitefieldfarm.org
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1212
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Aug 2022 23:34:46 GMT
Server
Adtelligent
X-Robots-Tag
noindex
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=99145223-a459-451f-87ef-4c4b5888af1f
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=99145223-a459-451f-87ef-4c4b5888af1f
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844df2fb4b2079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=99145223-a459-451f-87ef-4c4b5888af1f
date
Tue, 09 Aug 2022 23:34:47 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
cm.mgid.com/
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://cm.mgid.com/m?cdsp=718337&c=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=718337&c=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844df89ff82079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=718337&c=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
date
Tue, 09 Aug 2022 23:34:47 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bTc5S3ZzMXp4Vnln&muidn=m79Kvs1zxVyg
  • https://cm.mgid.com/google?muidn=m79Kvs1zxVyg&google_ula={guid},5&google_gid=CAESEP0kSVf9nAaPxoa-rfJ5G2k&google_cver=1
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=m79Kvs1zxVyg&google_ula={guid},5&google_gid=CAESEP0kSVf9nAaPxoa-rfJ5G2k&google_cver=1
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain
cf-ray
73844def88422079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=m79Kvs1zxVyg&google_ula={guid},5&google_gid=CAESEP0kSVf9nAaPxoa-rfJ5G2k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=m79Kvs1zxVyg
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=m79Kvs1zxVyg
  • https://cm.mgid.com/m?cdsp=433145&c=c488266c-4953-40f8-a996-47484890df95&gdpr=&consentData=&uspString=
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=c488266c-4953-40f8-a996-47484890df95&gdpr=&consentData=&uspString=
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844df2db3c2079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=c488266c-4953-40f8-a996-47484890df95&gdpr=&consentData=&uspString=
Date
Tue, 09 Aug 2022 23:34:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=mgid
  • https://cm.mgid.com/m?cdsp=43070&c=L6MTL256-L-2NV1
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=43070&c=L6MTL256-L-2NV1
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844df21a712079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.mgid.com/m?cdsp=43070&c=L6MTL256-L-2NV1
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
Expires
0
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.242 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:48 GMT
content-length
0
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=m79Kvs1zxVyg
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=3590419838912882203&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0963d041a95f271fbba7f411adc03573
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
458249.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/712107.gif?partner_uid=m79Kvs1zxVyg&
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIl97LlwYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIl97LlwYSBAgCEABCAEoA&google_gid=CAESEG-ik_znc09x2EAKKhNfi-w&google_cver=1
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=7f0a7074-0bb1-4f52-abb7-9efd5e283dec
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=7f0a7074-0bb1-4f52-abb7-9efd5e283dec
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=7f0a7074-0bb1-4f52-abb7-9efd5e283dec
date
Tue, 09 Aug 2022 23:34:47 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=41858e2c-b518-41a5-824e-972da936cd01&ttl=1662680087
43 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=41858e2c-b518-41a5-824e-972da936cd01&ttl=1662680087
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844defd88c2079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=41858e2c-b518-41a5-824e-972da936cd01&ttl=1662680087
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
/
cm.idealmedia.io/setmuidn/ 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=m79Kvs1zxVyg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844def5d9c80c3-NRT
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
1000.gif
id.rlcdn.com/
Redirect Chain
  • https://id.rlcdn.com/712056.gif?
  • https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCJfey5cGEgUI6AcQAEIASgA
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCJfey5cGEgUI6AcQAEIASgA
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 09 Aug 2022 23:34:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCJfey5cGEgUI6AcQAEIASgA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=4SBCo0fVzDvaq6Xia6ZP&pi=mgid&tc=1
43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=4SBCo0fVzDvaq6Xia6ZP&pi=mgid&tc=1
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844df3dbf22079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=4SBCo0fVzDvaq6Xia6ZP&pi=mgid&tc=1
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT, Tue, 09 Aug 2022 23:34:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=mgid&gdpr=0&user_id=2KB_AIv0KAXD8H8Bi_c0VIynLwPDqisH3qIXB2xS
  • https://cm.mgid.com/m?cdsp=433145&c=c488266c-4953-40f8-a996-47484890df95&gdpr=0&consentData=&uspString=
43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=c488266c-4953-40f8-a996-47484890df95&gdpr=0&consentData=&uspString=
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844df57d8f2079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=c488266c-4953-40f8-a996-47484890df95&gdpr=0&consentData=&uspString=
Date
Tue, 09 Aug 2022 23:34:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
styles.css
s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/css/ Frame AF0A 		689 B
348 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f7dd14b2cc5f418f1a0c63bd633695258fce0873858d74eba4ff49c238221cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 13:55:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
319
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 04:38:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Aug 2023 13:55:58 GMT
bg1.jpg
s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/ Frame AF0A 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/bg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb48532debb7b68b1b82705b7d68ec6dda2eb4177ee9f02099fe55a5e6929836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 03:32:43 GMT
x-content-type-options
nosniff
age
331323
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84717
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 04:38:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Aug 2023 03:32:43 GMT
copy1.png
s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/ Frame AF0A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/copy1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d7bdcf763dee0f01d17a60ec587e6a07a0fbaf346ea260750b5f5b53b06950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 11:03:57 GMT
x-content-type-options
nosniff
age
304249
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7045
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 04:38:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Aug 2023 11:03:57 GMT
copy2.png
s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/ Frame AF0A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/copy2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4984f51b52823b9b35860cb29dbc1a7566d0d3d9abd0af165953d8d7910fe8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 13:45:58 GMT
x-content-type-options
nosniff
age
294528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4305
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 04:38:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Aug 2023 13:45:58 GMT
copy2a.png
s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/ Frame AF0A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/copy2a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfcf158df1b618640db4e06a6dedfd8d3571855af7020d2f3e999086882587d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 13:59:43 GMT
x-content-type-options
nosniff
age
293703
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4305
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 04:38:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Aug 2023 13:59:43 GMT
cta.png
s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/ Frame AF0A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe62e0b54762041c8e3a80416e0bb922ce2ae5bb5c1059c31944798abe2f125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 13:12:09 GMT
x-content-type-options
nosniff
age
210157
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5205
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 04:38:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Aug 2023 13:12:09 GMT
logo.png
s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/ Frame AF0A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/assets/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e6939db7d00f39c07994b3a5884cfbef0f51cb08280065a8912abcf10011511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 03:24:23 GMT
x-content-type-options
nosniff
age
331823
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4972
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 04:38:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Aug 2023 03:24:23 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.7.0/ Frame AF0A 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.7.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13586586072714e236df6d92c31a101451f66f4324c54bb0ddec1707dd901607
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7081253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22621
timing-allow-origin
*
last-modified
Wed, 16 Jun 2021 06:30:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60c99a8b-585d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEK8V0sRmeyvi32KQqytZm2fK8HxiroAz9UydCwoLB7RITIZZ4ekWRaQsG%2FGrYS0ofwzbIsif%2BPX%2FveBagaXua2pl9zcM0tg4js5D8MOT7Zjiao7O%2BAAcVw%2FvVxZTeRudAFJ2CKLqNEzjW%2BK5d%2FjwFKe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73844def7c6580c0-NRT
expires
Sun, 30 Jul 2023 23:34:46 GMT
script.js
s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/js/ Frame AF0A 		1 KB
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:827::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
142b7695a35d9b0574195dc1465345baab6f7cf2e2c0cc871f97d7e2986c5da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1935388699305326083/H233783_D155247_Media_Banner_HTML5_SimpleRecipe_Machine_728x90_OL_Summer_2022_JP_jp/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 14:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293677
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
389
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 04:38:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Aug 2023 14:00:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C31C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCbcvDvLJHxK4o3ShvHdEauZGEF3mgRq7yDdIvwp0PLhjkujxtET0PnyTRp1Ez-766S3vAULrb_QdRldh1zuCq6tzaY_3seahLmNc2lONsfSw8TRUH8edcNimxlWmNCqr-rHmu8WqU9OnkU80UJ201Y8xH-FD16mLz0SmMA5I&sai=AMfl-YRWNXPWpYfyCptikpla8nnYfb-N0t73VqoDoZKvDOv_AA5WZ2_QJNQILph1k5Y-hLJ1a-nJiBfpI7nkof2S21fXUNSKklt9a7FfOMIzrLxh3580E2buKDknfG51&sig=Cg0ArKJSzCUVZrC6HIz2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=132&vt=11&dtpt=73&dett=3&cstd=57&cisv=r20220808.77736&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 23:34:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7O8J,time:564,type:e,im:%7Bpci:%7Btdr:517%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:564,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B558~0%5D,as:%5B558~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7Od4,pingTime:-10,time:833,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660088087417%7C%7C8fc4f9cc86d0781c07eda111c054d67f%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7C6b3cf3fb32f40fc7a96d52f4d495dfbc%7C%7Ceca18c51df11959b0a9b981d15211a0d%7C%7C26decd416b91dede46b81df80d2a924f%7C%7C1e44533d96a2a487bcbc1d2c3bbdbf9e%7C%7C970d92cc1459a51975f7af809c1378bd%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame C31C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUC3wgsGYXlewTKWRhvbGLJqUvDssAK1E7Rj3cU31QuzWP1I-LuTk42BFCOq_CaS3ZGI6-qRWyfKlB5sWvBnWhyqGuG_X-R-07Ff_OgzA_OHdEKRbBCGn9OcFSIq5gJ5Hs2V_Km28VHw&sai=AMfl-YR3TQOpv2z3TB1yGH07KFNYrc44uu947TQmXdIb1N0HV-fSmTNiJGlVzE6flJwSam6eFs2lS0hr7HNZRf4YuGcOM2qHDDU3B04hB9apUUVs8KakslLPBXN12lhx&sig=Cg0ArKJSzHSO72lzjT9bEAE&cid=CAASJeRoXpF-M7zw4vsnz7clKtP0JYN6gt-HPBKKNl4xynTMo1HFYIU&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=940344607&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660088086204&rpt=665&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 2798 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame E92B
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
729 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.137 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
888e60dfbddafb5ba4f84d21cd7e978a42df3fe39ae46ddf80b1b6cd413f5e07

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
729
content-type
text/html
date
Tue, 09 Aug 2022 23:34:48 GMT
expires
Tue, 09 Aug 2022 23:34:48 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-596

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 09 Aug 2022 23:34:48 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-596
sync.html
s.console.adtarget.com.tr/ Frame 66F0 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.178 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame C55C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.10.218 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=754484
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Aug 2022 23:34:47 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
de.tynt.com/deb/ Frame F162
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
6e95c48d84d75d5c58fec42a82dfadb6367ee9d7a8ccc1a3842698f656b7518a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1768
content-type
text/html
date
Tue, 09 Aug 2022 23:34:49 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length
171
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 23:34:48 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame 0AA1
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8c3843a5-deec-467f-bad3-3d6c40b5329c
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8c3843a5-deec-467f-bad3-3d6c40b5329c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Length
0
Date
Tue, 09 Aug 2022 23:34:48 GMT
Etag
e0c72f070dd3b9a5
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73844df59cd480c3-NRT
content-length
0
date
Tue, 09 Aug 2022 23:34:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8c3843a5-deec-467f-bad3-3d6c40b5329c
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2CEB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.172.244 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-172-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133763
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 11 Aug 2022 12:44:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame F9ED
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=99145223-a459-451f-87ef-4c4b5888af1f
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=99145223-a459-451f-87ef-4c4b5888af1f
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
Etag
e0c72f070dd3b9a5
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=99145223-a459-451f-87ef-4c4b5888af1f
date
Tue, 09 Aug 2022 23:34:47 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame F9ED
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=345dd38e-743b-4b81-bf3b-a5ba42d7ca86
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=345dd38e-743b-4b81-bf3b-a5ba42d7ca86
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
Etag
e0c72f070dd3b9a5
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=345dd38e-743b-4b81-bf3b-a5ba42d7ca86
date
Tue, 09 Aug 2022 23:34:48 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame F9ED
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=c2917b1d-c424-454e-9c69-a14957ad217d
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=c2917b1d-c424-454e-9c69-a14957ad217d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
Etag
e0c72f070dd3b9a5
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:47 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=c2917b1d-c424-454e-9c69-a14957ad217d
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
55cl7avjneslisrbuoms5a40qpioisf7
csync
sync.adtelligent.com/ Frame F9ED
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=FHpmELZHnuCZF7XlRPeMPfsZ
0
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=FHpmELZHnuCZF7XlRPeMPfsZ
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
Etag
e0c72f070dd3b9a5
Content-Length
0

Redirect headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=FHpmELZHnuCZF7XlRPeMPfsZ
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
vid.vidoomy.com/ Frame F9ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d300::1 , Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame F9ED
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8987621025352897644
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8987621025352897644
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
Etag
e0c72f070dd3b9a5
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:47 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
4b46533a-0c32-4b15-aa8c-965fee4dfc69
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8987621025352897644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame F9ED
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8987621025352897644
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8987621025352897644
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
Etag
e0c72f070dd3b9a5
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:47 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
fc7e8469-d5e9-4219-87d6-0ec29f2b307a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8987621025352897644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
m
cm.mgid.com/ Frame F9ED
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
  • https://cm.mgid.com/m?cdsp=617666&c=e0c72f070dd3b9a5
43 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=617666&c=e0c72f070dd3b9a5
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
73844dfd0b9d2079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

Location
https://cm.mgid.com/m?cdsp=617666&c=e0c72f070dd3b9a5
Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
Etag
e0c72f070dd3b9a5
Content-Length
0
bsevent.gif
rtbc-sgc.doubleverify.com/ Frame EC3F 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-sgc.doubleverify.com/bsevent.gif?flvr=0&impid=5057d227ff5d4b22a47cf14490f3d384&dvp_ac_version=0727a&dvp_acibv=&bsigr=17592444387840&cbust=1660088087931934
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:48 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
08/08/2022 23:34:48
/
servedby.flashtalking.com/imp/8/115846;4181641;201;js;DV360;DV360FY20CCCTXCategoryJPDSKBAN728x90/ Frame EC3F 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/8/115846;4181641;201;js;DV360;DV360FY20CCCTXCategoryJPDSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=ja.whitefieldfarm.org&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fja.whitefieldfarm.org%2F&cachebuster=131223.39020890815
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app20.tky11 /
Resource Hash
a7b38278f29cc95e60e6e6bd0a7ea21dd9bde1edebbca065c4e4a2b997360cff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
prod-xre-app20.tky11
X-HW
1660088088.dop020.si2.t,1660088088.cds213.si2.shn,1660088088.dop020.si2.t,1660088088.cds228.si2.sc,1660088088.cds228.si2.p
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1468
Expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.mgid.com/ 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=324|112|28|gpyhv20L0xWHvVwK0858C1bIDUT7_iXpqimTfUI8j3FU1HE-LtSAk0Znw8CMNRMoB-3n0E2rUb0ecuio4vxGCg**&fw=1&extjs=66044&v=324|112|28|gpyhv20L0xWHvVwK0858C4VpsjflKvRv6xFP6JfA5W-aUVTI26cnNAWTlG4FmfUUzzu3WWJG1PTMAS4sfxIfVg**&cid=1305780&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=da9237c8-183b-11ed-8ca1-2cea7f92274e&tt=Direct&iv=11&pageImp=1&pvid=18284f5efde969bff48&muid=m79KrfYV2ayg&cbuster=1660088087971692409529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:48 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
40a4c4be-afec-467b-bbe8-28bd1cc77383
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
73844df5ddda2079-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
server
cloudflare
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7Omd,pingTime:0,time:1400,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D,%7Bpiv:100,vs:i,r:,t:1398%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:2,o:1398,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1393~0,1~100%5D,as:%5B1394~728.90%5D%7D%7D,%7Bsl:i,t:1398,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1393~0,1~100%5D,as:%5B1394~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:142,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4BE9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.172.244 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-172-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133763
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 11 Aug 2022 12:44:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FDC4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-98-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Aug 2022 23:34:48 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Aug 2022 23:34:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame DE58 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame C55C 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
Etag
e0c72f070dd3b9a5
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame FDC4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-98-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0301d47f4db06077df52ef4c6a97ee427303032de785033fd4bfc636b0b9ef1d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61036
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Wed, 10 Aug 2022 16:32:04 GMT
csync
sync.spotim.market/ Frame FDC4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&khaos=L6MTL256-L-2NV1
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=323557&extuid=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Adtelligent
Etag
03b3278596bffa52
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.spotim.market/csync?t=a&ep=323557&extuid=
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
Expires
0
pixelSync
pixel.sitescout.com/dmp/ Frame E92B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D02f81188cac679c2
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
207.198.113.205 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
ptag
a.audrte.com/ Frame E92B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.220.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-220-103.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4e7173d2da32cdfd1e31e4a14c07f7b19f8f68b401a3fce67ed6dcd86a25b3ee

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame BFB6 		1 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.93.150.152 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.AP-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Tue, 09 Aug 2022 23:34:48 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 25 Jul 2027 22:11:35 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
af5a18b82d76236e687e250220314908
x-cf-tsc
1658873496
x-cf1
29080:fD.tko2:co:1585621119:cacheN.tko2-01:H
x-cf2
H
x-cf3
M
x-cff
B
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FDC4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W1AXlxGTRLql10mgLLq8Mw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=W1AXlxGTRLql10mgLLq8Mw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=W1AXlxGTRLql10mgLLq8Mw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P3NT9FZM1CNY4BEA6A2N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=W1AXlxGTRLql10mgLLq8Mw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FDC4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTgyMDcxYWRlYmE4NGM3OWEyYmE3Yzk1ZDI2NjFjZTJjZDY2NGM5Yg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTgyMDcxYWRlYmE4NGM3OWEyYmE3Yzk1ZDI2NjFjZTJjZDY2NGM5Yg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTgyMDcxYWRlYmE4NGM3OWEyYmE3Yzk1ZDI2NjFjZTJjZDY2NGM5Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
esync
token.rubiconproject.com/ Frame FDC4
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0963d041a95f271fbba7f411adc03573
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 09 Aug 2022 23:34:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame FDC4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=41858e2c-b518-41a5-824e-972da936cd01&gdpr=0&gdpr_consent=&expires=30
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=41858e2c-b518-41a5-824e-972da936cd01&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0963d041a95f271fbba7f411adc03573
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=41858e2c-b518-41a5-824e-972da936cd01&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
ecm3
s.amazon-adsystem.com/ Frame FDC4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pM29IfcyT5eXsFGxYuOFVw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pM29IfcyT5eXsFGxYuOFVw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pM29IfcyT5eXsFGxYuOFVw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EDAY5VES3TRXC4J6CXBZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pM29IfcyT5eXsFGxYuOFVw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FDC4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF6xBKgf9wv6vVqCBfBmeHI&google_cver=1
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF6xBKgf9wv6vVqCBfBmeHI&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0963d041a95f271fbba7f411adc03573
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF6xBKgf9wv6vVqCBfBmeHI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FDC4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNVEwyNTYtTC0yTlYx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNVEwyNTYtTC0yTlYx
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNVEwyNTYtTC0yTlYx
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame FDC4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6MTL256-L-2NV1
0
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6MTL256-L-2NV1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:48 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 84EE1DB08BA74EA49EA8AFEF508F791D Ref B: TYAEDGE0920 Ref C: 2022-08-09T23:34:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXl12DYULOHaCso0n94aw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6MTL256-L-2NV1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
j-4181641-3868393.js
cdn.flashtalking.com/xre/418/4181641/3868393/js/ Frame EC3F 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/418/4181641/3868393/js/j-4181641-3868393.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/115846;4181641;201;js;DV360;DV360FY20CCCTXCategoryJPDSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=ja.whitefieldfarm.org&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fja.whitefieldfarm.org%2F&cachebuster=131223.39020890815
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
8117214b8d7bbf5a727a6097bef32047201d4f553869f741e2ae21dd4c65b2eb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Content-Encoding
gzip
x-amz-request-id
YEWPPS26WR8NYC2X
X-HW
1660088088.dop229.si2.t,1660088088.cds233.si2.shn,1660088088.dop229.si2.t,1660088088.cds253.si2.c
Connection
Keep-Alive
Content-Length
14378
x-amz-id-2
Fo7LVexSAqIY/4YntnQ68dJHHX7lSULGxhR/UAhk8+UVUwUcl5y3HJpPgD7M5kYKW4+8rry1Iv4=
Last-Modified
Mon, 16 May 2022 20:19:24 GMT
ETag
W/"62aa079e0c503854af3540b0975a13ac"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1022
Accept-Ranges
bytes
PugMaster
image6.pubmatic.com/AdServer/ Frame 2CEB 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76395651&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:48 GMT
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.whitefieldfarm.org%2F&domain=ja.whitefieldfarm.org&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ja.whitefieldfarm.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 09 Aug 2022 23:34:48 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
947
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.whitefieldfarm.org%2F&domain=ja.whitefieldfarm.org&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=curHtnxXY2dUaTRYa2htT0FxUDRzcEZXSzU3MjhLTExYMTViM05PY3FtWkd6N2UzWHdKV1dCNU4wdzhUUjliV2Y3b1lEUVA2UHM5eGZkYTgzMHdTakszMlFkR3BveGdnZUN6TU55dnVIT0puWGlxdjRPQTVLSlFhcjJERn...
347 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=curHtnxXY2dUaTRYa2htT0FxUDRzcEZXSzU3MjhLTExYMTViM05PY3FtWkd6N2UzWHdKV1dCNU4wdzhUUjliV2Y3b1lEUVA2UHM5eGZkYTgzMHdTakszMlFkR3BveGdnZUN6TU55dnVIT0puWGlxdjRPQTVLSlFhcjJERnZTVy8xYmJ0QlFiNDFyT3F2Si9STTh3aDYrVHFpZ2hyMUNTSmRaSlNuSENaSTd1ZS9yUWo1WkpIUkpjY0Rja1BuZ0hWZWNhdXZ0cG5WK0xtT3FWSTUxdkVyL1AzUE1HVWRoUzkrTDNkeGFocnliZ2ZPWWYrMjFHVmpNVnhXVjVJaUwzL0xvcUpqfA&cppv=2
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
eea479d7390ceb4cde665e0596b51665640fa688991b289771812f428ea93aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2182
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
location
https://mug.criteo.com/sid?cpp=curHtnxXY2dUaTRYa2htT0FxUDRzcEZXSzU3MjhLTExYMTViM05PY3FtWkd6N2UzWHdKV1dCNU4wdzhUUjliV2Y3b1lEUVA2UHM5eGZkYTgzMHdTakszMlFkR3BveGdnZUN6TU55dnVIT0puWGlxdjRPQTVLSlFhcjJERnZTVy8xYmJ0QlFiNDFyT3F2Si9STTh3aDYrVHFpZ2hyMUNTSmRaSlNuSENaSTd1ZS9yUWo1WkpIUkpjY0Rja1BuZ0hWZWNhdXZ0cG5WK0xtT3FWSTUxdkVyL1AzUE1HVWRoUzkrTDNkeGFocnliZ2ZPWWYrMjFHVmpNVnhXVjVJaUwzL0xvcUpqfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1338
content-length
509
expires
0
rid
match.adsrvr.org/track/ 		108 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
4e72483b168c7352401a821794ef05acec46d5cd53c0995ac79cb364e3b135c6

Request headers

Referer
https://ja.whitefieldfarm.org/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 23:34:48 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 08 Sep 2022 23:34:48 GMT
/
onetag-sys.com/usync/ Frame AA59 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1660088085638&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3C47 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.172.244 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-172-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133763
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 11 Aug 2022 12:44:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 00E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
73844dfa492b1eb3-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
usersync
ssp.wp.pl/bidder/ Frame B68A 		477 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 23:34:48 GMT
last-modified
Thu, 21 Jul 2022 14:22:10 GMT
server
nginx
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame CE42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
73844dfa492c1eb3-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
async_usersync.html
acdn.adnxs.com/dmp/ Frame C7CF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
68007
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 09 Aug 2022 23:34:48 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 533485
X-Served-By
cache-lga21936-LGA, cache-tyo11954-TYO
X-Timer
S1660088089.797651,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 456F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.172.244 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-172-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133763
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 11 Aug 2022 12:44:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame ABF4 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1660088085638&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame B8F6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
68007
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 09 Aug 2022 23:34:48 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 103929
X-Served-By
cache-lga21936-LGA, cache-tyo11940-TYO
X-Timer
S1660088089.797995,VS0,VE0
isyn
prebid.a-mo.net/ Frame C127 		2 KB
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
f8937d38b059e5810978444b74117d48e11e4b7473be1160e505437358c48a73

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
617
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 23:34:48 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
usersync
ssp.wp.pl/bidder/ Frame D44A 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 23:34:48 GMT
last-modified
Thu, 21 Jul 2022 14:22:10 GMT
server
nginx
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 56EE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.172.244 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-172-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133763
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 11 Aug 2022 12:44:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
apacdex
sync.quantumdex.io/usersync/ Frame 2EEA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6523aa5ea27ec3233bd04f0a56fec204eab73617f4e0428f0c5a60b396daef1d

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
73844dfa5d84af46-NRT
content-encoding
gzip
content-type
text/html
date
Tue, 09 Aug 2022 23:34:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
apacdex
sync.quantumdex.io/usersync/ Frame 206A 		3 KB
948 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f359fe3ed15f8fb56bc6806ea1ed8e534325a27aa68725d8f8e356ff315002

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
73844dfa5d87af46-NRT
content-encoding
gzip
content-type
text/html
date
Tue, 09 Aug 2022 23:34:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
async_usersync.html
acdn.adnxs.com/dmp/ Frame A7A8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
68006
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 09 Aug 2022 23:34:48 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 549915
X-Served-By
cache-lga21936-LGA, cache-tyo11975-TYO
X-Timer
S1660088089.799347,VS0,VE0
/
onetag-sys.com/usync/ Frame 7730 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1660088085637&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
apacdex
sync.quantumdex.io/usersync/ Frame AC76 		3 KB
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21f3da4cfe64362b05dcce6a52d8e96da9a52ab19a5ef0e0bd97370deb51b60

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
73844dfa6d8daf46-NRT
content-encoding
gzip
content-type
text/html
date
Tue, 09 Aug 2022 23:34:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
usersync
ssp.wp.pl/bidder/ Frame CE42 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 23:34:48 GMT
last-modified
Thu, 21 Jul 2022 14:22:10 GMT
server
nginx
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 70A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ja.whitefieldfarm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
73844dfa6848afb2-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
async_usersync
ib.adnxs.com/ Frame C7CF 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:48 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
99db1aa1-6bde-4e52-b30d-bd0b9a329e6e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=curHtnxXY2dUaTRYa2htT0FxUDRzcEZXSzU3MjhLTExYMTViM05PY3FtWkd6N2UzWHdKV1dCNU4wdzhUUjliV2Y3b1lEUVA2UHM5eGZkYTgzMHdTakszMlFkR3BveGdnZUN6TU55dnVIT0puWGlxdjRPQTVLSlFhcjJERnZTVy8xYmJ0QlFiNDFyT3F2Si9STTh3aDYrVHFpZ2hyMUNTSmRaSlNuSENaSTd1ZS9yUWo1WkpIUkpjY0Rja1BuZ0hWZWNhdXZ0cG5WK0xtT3FWSTUxdkVyL1AzUE1HVWRoUzkrTDNkeGFocnliZ2ZPWWYrMjFHVmpNVnhXVjVJaUwzL0xvcUpqfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 09 Aug 2022 23:34:48 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
957
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame B8F6 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:48 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
8af0d3fb-b2f6-40fa-8dff-c282e5d0ee9a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A7A8 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:48 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ae896267-91a3-453d-9420-a345d8f78ed7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d9core
d9.flashtalking.com/ Frame EC3F 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/418/4181641/3868393/js/j-4181641-3868393.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.207.73 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-207-73.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
95321277b83ecb5c82334d5a5d56330bf0030a7e841fce527b775d89f7ef7591

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
10814
dvtp_src.js
cdn.doubleverify.com/ Frame EC3F 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115846&sid=18330&plc=4181641&num=&adid=&advid=&adsrv=29&btreg=4181641&btadsrv=flashtalking&crt=3868393&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=20A4BE82-AAAD-9071-5884-282237B0055A&auevent=&352058085
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/418/4181641/3868393/js/j-4181641-3868393.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4075e4e380188626166832e49f139f780a4d7a98a12cd8d83ef1aac70fc57489

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Content-Encoding
gzip
Last-Modified
Sun, 07 Aug 2022 11:29:43 GMT
Server
Microsoft-IIS/10.0
ETag
"806d3afd50aad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
img
img-1000557.ad-score.com/ Frame EC3F 		35 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-1000557.ad-score.com/img?pid=1000557&tid=13539&tt=g&l1=115846&l2=DV360&l3=4181641&l4=3868393&utid=20A4BE82-AAAD-9071-5884-282237B0055A&creative_type=display&cb=525666394
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
Last-Modified
Tue, 09 Aug 2022 23:34:49 UTC
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Sat, 26 Jul 1997 05:00:00 GMT
3868393.gif
cdn.flashtalking.com/xre/418/4181641/3868393/image/ Frame EC3F 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/xre/418/4181641/3868393/image/3868393.gif?385303117
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
43c5368250016efff42701a60c29938e5ca1e8518fd38f3e64a3fd5a3f781db3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Tue, 12 Apr 2022 17:41:13 GMT
x-amz-request-id
HH6CMRZASET10B8C
ETag
W/"b1fcf7ce5d51e3e4746ed6353b7cbb41"
Access-Control-Max-Age
3000
X-HW
1660088088.dop229.si2.t,1660088088.cds233.si2.shn,1660088088.dop229.si2.t,1660088088.cds215.si2.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1023
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25333
x-amz-id-2
WqNQs7SdluWdG1T9yB36bJNT+MSnVDetj2NXl0A8jNHBJAkTiDoDIuDZgtjLJErIWeCGIgTQF3Q=
iconc.png
secure.flashtalking.com/oba/icon/ Frame EC3F 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.56 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:31 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin
us
X-Varnish
394860326 286221358
Cache-Control
max-age=1907633
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1308
Expires
Thu, 01 Sep 2022 01:28:41 GMT
dv-measurements2960.js
cdn.doubleverify.com/ Frame 6BB6 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2960.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
643942a00b0c0700ad1d39d440c61776f2cb6d3d1267830dc128637e15ecf9fd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Content-Encoding
gzip
Last-Modified
Sun, 07 Aug 2022 10:10:38 GMT
Server
Microsoft-IIS/10.0
ETag
"0e3fcf045aad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107745
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E65A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
49606
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 09:48:02 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 09:48:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EC3F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e181e8622373092543c3101777d860a1844039480812b72116d1abe3be5cd65d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements2960.js
cdn.doubleverify.com/ Frame 4768 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2960.js
Requested by
Host: ja.whitefieldfarm.org
URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
643942a00b0c0700ad1d39d440c61776f2cb6d3d1267830dc128637e15ecf9fd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Content-Encoding
gzip
Last-Modified
Sun, 07 Aug 2022 10:10:38 GMT
Server
Microsoft-IIS/10.0
ETag
"0e3fcf045aad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107745
pixel
cm.g.doubleclick.net/ Frame E65A
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEMyjzoeoRSkGdtv-Hv4De1g&google_cver=1&google_push=AehlK4BuEzT9I2odlmA7D1EQ2ku286p_h6H_l04gPEK3AieHmWodglVqqvAPH9VKRnLhywiHzVhPvRfvjBMqWM68wsUJUyhhyZh3
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4BuEzT9I2odlmA7D1EQ2ku286p_h6H_l04gPEK3AieHmWodglVqqvAPH9VKRnLhywiHzVhPvRfvjBMqWM68wsUJUyhhyZh3&google_hm=NHp0TlltMDE2QkRBWTAwOGZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4BuEzT9I2odlmA7D1EQ2ku286p_h6H_l04gPEK3AieHmWodglVqqvAPH9VKRnLhywiHzVhPvRfvjBMqWM68wsUJUyhhyZh3&google_hm=NHp0TlltMDE2QkRBWTAwOGZFQXg
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4BuEzT9I2odlmA7D1EQ2ku286p_h6H_l04gPEK3AieHmWodglVqqvAPH9VKRnLhywiHzVhPvRfvjBMqWM68wsUJUyhhyZh3&google_hm=NHp0TlltMDE2QkRBWTAwOGZFQXg
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame E65A
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFuU_SJYalmq5C-C1AJgjIQ&google_cver=1&google_push=AehlK4CU2wB8Ucc3LQCyrybwzaC-pfVGk2UnqOei_R6EhvupKRhy4a2KkvmT4qk4Qo9LyESG7Hqmr3nx4DMiP-l8gtYd61YnHgw
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CU2wB8Ucc3LQCyrybwzaC-pfVGk2UnqOei_R6EhvupKRhy4a2KkvmT4qk4Qo9LyESG7Hqmr3nx4DMiP-l8gtYd61YnHgw&google_hm=JBl-7tQ9z4kRkS3rBe_ZSg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CU2wB8Ucc3LQCyrybwzaC-pfVGk2UnqOei_R6EhvupKRhy4a2KkvmT4qk4Qo9LyESG7Hqmr3nx4DMiP-l8gtYd61YnHgw&google_hm=JBl-7tQ9z4kRkS3rBe_ZSg==
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:48 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CU2wB8Ucc3LQCyrybwzaC-pfVGk2UnqOei_R6EhvupKRhy4a2KkvmT4qk4Qo9LyESG7Hqmr3nx4DMiP-l8gtYd61YnHgw&google_hm=JBl-7tQ9z4kRkS3rBe_ZSg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
jhc33gifq3f34ue1d18iach9h5dr752m
pixel
cm.g.doubleclick.net/ Frame E65A
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENAzyz9my6n-PjLrO4ESj6A&google_cver=1&google_push=AehlK4CMoFzZFp-K4PfA6Kr5TpjEjjzUsLQArs6kuYOgZfmIBiXqiZAdBwHb91IISLmcnEUY-FgFxSNjT2hYSoY0zG...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4CMoFzZFp-K4PfA6Kr5TpjEjjzUsLQArs6kuYOgZfmIBiXqiZAdBwHb91IISLmcnEUY-FgFxSNjT2hYSoY0zGIt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4CMoFzZFp-K4PfA6Kr5TpjEjjzUsLQArs6kuYOgZfmIBiXqiZAdBwHb91IISLmcnEUY-FgFxSNjT2hYSoY0zGItOp455dzF
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE0OTUyNDU4ODY0NzI4Nzc0ODQ&google_push=AehlK4CMoFzZFp-K4PfA6Kr5TpjEjjzUsLQArs6kuYOgZfmIBiXqiZAdBwHb91IISLmcnEUY-FgFxSNjT2hYSoY0zGItOp455dzF
Date
Tue, 09 Aug 2022 23:34:49 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E65A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFKE_1xv3VreTfQy_VdjFZw&google_cver=1&google_push=AehlK4BliiJ4_9OQmX6f-X3kFpiR__0Y6ljaE5PgcWZ6avl4Tbv8ER7XOyS3sGSCraWwLDdP-qphM3...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4BliiJ4_9OQmX6f-X3kFpiR__0Y6ljaE5PgcWZ6avl4Tbv8ER7XOyS3sGSCraWwLDdP-qphM3KWNkM_VW0LsKPwYnLA88TT&google_hm=MzU5MDQxOT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4BliiJ4_9OQmX6f-X3kFpiR__0Y6ljaE5PgcWZ6avl4Tbv8ER7XOyS3sGSCraWwLDdP-qphM3KWNkM_VW0LsKPwYnLA88TT&google_hm=MzU5MDQxOTgzODkxMjg4MjIwMw%3D%3D
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4BliiJ4_9OQmX6f-X3kFpiR__0Y6ljaE5PgcWZ6avl4Tbv8ER7XOyS3sGSCraWwLDdP-qphM3KWNkM_VW0LsKPwYnLA88TT&google_hm=MzU5MDQxOTgzODkxMjg4MjIwMw%3D%3D
date
Tue, 09 Aug 2022 23:34:48 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E65A
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDThBj4Y1xi1weve7MGmplg&google_cver=1&google_push=AehlK4CgsHWN8VlmM18LJEaotqkhpfmhXiAg1Bk9Xe9Hte_fWblyW9zbiaS-NQYexGsk7RWM7em3j...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CgsHWN8VlmM18LJEaotqkhpfmhXiAg1Bk9Xe9Hte_fWblyW9zbiaS-NQYexGsk7RWM7em3jV27brEDD4e5JbLy_rqVDQo&google_hm=WXZMdkdjQ284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CgsHWN8VlmM18LJEaotqkhpfmhXiAg1Bk9Xe9Hte_fWblyW9zbiaS-NQYexGsk7RWM7em3jV27brEDD4e5JbLy_rqVDQo&google_hm=WXZMdkdjQ284WDBBQU11b2NQa0FBQUFB
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
55
Date
Tue, 09 Aug 2022 23:34:49 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEDThBj4Y1xi1weve7MGmplg&google_cver=1&google_push=AehlK4CgsHWN8VlmM18LJEaotqkhpfmhXiAg1Bk9Xe9Hte_fWblyW9zbiaS-NQYexGsk7RWM7em3jV27brEDD4e5JbLy_rqVDQo","cluster_id":55,"gdpr":false,"ipv4":"217.138.252.204","key":"YvLvGcCo8X0AAMuocPkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad375"}
X-SO-Ads-Time
2
X-SO-Key
YvLvGcCo8X0AAMuocPkAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad375
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4CgsHWN8VlmM18LJEaotqkhpfmhXiAg1Bk9Xe9Hte_fWblyW9zbiaS-NQYexGsk7RWM7em3jV27brEDD4e5JbLy_rqVDQo&google_hm=WXZMdkdjQ284WDBBQU11b2NQa0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad375.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
217.138.252.204
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame E65A 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEFsmvBx2dFBW3D3WaPCpKF0&google_cver=1&google_push=AehlK4B0yoXAYGWc3L6VqiTDqXr7QZHxh7BspoCIVhVk5avHbFkxBLTCx62gJVTZEAKixX-XVlYrxGPrQq0IIjd1a5thaaFx-X91
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E65A
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMvhx7m4NxqQrTcUCV4UFjo&google_cver=1&google_push=AehlK4DPElYjuCX4OF0V26DzH1X8fIcVCk50HmlUAcBmK00r6adQzcvNkhhbF7Lc4MBurz3RBIsLnrIsPobnQuEjT...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NmNmZWU0YmItNmY1OS00MTI2LTk0MGMtYzk4ZGE4ZDk3ZTI5&google_push=AehlK4DPElYjuCX4OF0V26DzH1X8fIcVCk50HmlUAcBmK00r6adQzcvNkhhbF7Lc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NmNmZWU0YmItNmY1OS00MTI2LTk0MGMtYzk4ZGE4ZDk3ZTI5&google_push=AehlK4DPElYjuCX4OF0V26DzH1X8fIcVCk50HmlUAcBmK00r6adQzcvNkhhbF7Lc4MBurz3RBIsLnrIsPobnQuEjTdRGjUqRlHie9g
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NmNmZWU0YmItNmY1OS00MTI2LTk0MGMtYzk4ZGE4ZDk3ZTI5&google_push=AehlK4DPElYjuCX4OF0V26DzH1X8fIcVCk50HmlUAcBmK00r6adQzcvNkhhbF7Lc4MBurz3RBIsLnrIsPobnQuEjTdRGjUqRlHie9g
date
Tue, 09 Aug 2022 23:34:49 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E65A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5FjvASNJTCHjtb164Jrg2InVvh7o7m3Gcz8l82cVgpxExVlcVrrJtEJtrNxzesjHMeg3Tgw
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
visit.js
tps.doubleverify.com/ Frame 6BB6 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=125&ttfrms=26&brid=3&brver=104.0.5112.79&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%5DH9%3AE67%3A6%3D572C%3E%5D%40C8TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%5DH9%3AE67%3A6%3D572C%3E%5D%40C8Tar9EEADTbpTauTau_hc4efd7724ab_64bc7%60faaa2ac56ecc%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%5DH9%3AE67%3A6%3D572C%3E%5D%40C8Tau492%3F86%5CD%3D24%3CD%5C5672F%3DE%5C3C%40HD6C%5C49C%40%3E6%5C7%3AC67%40I%5CD272C%3A%5C_%60hgc_a%5Cbgec&srcurlD=0&aUrlD=-1&ssl=https:&dfs=2424&ddur=3&uid=1660088088984504&jsCallback=dvCallback_1660088088984116&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2960&tgjsver=2960&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=29&brh=2&sdf=2&dvp_epl=407&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gwIjPq14Qgj9oiZvP-uyjc&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32323016&DVP_DBM_4=209882534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=917300748424&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=113544972833.72502&dvp_tukv=10266816.325851323&dvp_uuid=209445913989.96204&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=247529677537
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
c885d09c67f074e17adb6e47d981e655c6e2a1bab2299155babccf73f627276d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:50 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
08/08/2022 23:34:50
setuid
sync.quantumdex.io/ Frame 2EEA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfcb807af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a5c9840d-b1ab-44b9-a388-a64f29419a1e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2EEA
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844e0a9f66af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 2EEA
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfe8a32af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Tue, 09 Aug 2022 23:34:49 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 2EEA
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dff6b26af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
date
Tue, 09 Aug 2022 23:34:48 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 2EEA
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=dfb5d7e4-229e-4d4e-8de0-037cd1192799
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=dfb5d7e4-229e-4d4e-8de0-037cd1192799
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfe39afaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=dfb5d7e4-229e-4d4e-8de0-037cd1192799
date
Tue, 09 Aug 2022 23:34:49 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 2EEA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfcbff7af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
date
Tue, 09 Aug 2022 23:34:49 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 2EEA
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455691000V10
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455691000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfd48aeaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 09 Aug 2022 23:34:49 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455691000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 09 Aug 2022 23:34:49 GMT
setuid
sync.quantumdex.io/ Frame 2EEA
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=742788fd-a144-3436-2341-fae88b9b0f79
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=742788fd-a144-3436-2341-fae88b9b0f79
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844e00cc96af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=742788fd-a144-3436-2341-fae88b9b0f79
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 2EEA
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfcbff8af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Tue, 09 Aug 2022 23:34:49 GMT
via
1.1 e849eb4ec7c297538f549eb24e5ebafa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-P3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
BEfiyEaDT7pKK0gP83E1ww2pmUeYR9CGUs0wclNR5FW1jRbZiMo0Xg==
setuid
sync.quantumdex.io/ Frame 206A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfc8fbdaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
date
Tue, 09 Aug 2022 23:34:49 GMT
server
ATS/9.1.0.46
age
1
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 206A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfcb811af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
0707cab0-6914-423a-8e4d-a354bf935c62
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 206A
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfcbffaaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Tue, 09 Aug 2022 23:34:49 GMT
via
1.1 e849eb4ec7c297538f549eb24e5ebafa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-P3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Ace2SC2J2Szv_LB8hr32YN2dV0dBLyLhCM60O_FaB4FB5-wyz6ikwA==
setuid
sync.quantumdex.io/ Frame 206A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844e0a9f68af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 206A
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=1fe69952-5c9f-3429-3147-632ca94060b9
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=1fe69952-5c9f-3429-3147-632ca94060b9
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844e00cc90af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=1fe69952-5c9f-3429-3147-632ca94060b9
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 206A
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1c1d8080-1274-41ad-ad4c-66f5cc88d9ea
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1c1d8080-1274-41ad-ad4c-66f5cc88d9ea
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfe39adaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1c1d8080-1274-41ad-ad4c-66f5cc88d9ea
date
Tue, 09 Aug 2022 23:34:49 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 206A
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfeaa43af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Tue, 09 Aug 2022 23:34:49 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 206A
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844e00ecafaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
date
Tue, 09 Aug 2022 23:34:49 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 206A
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455637000V10
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455637000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfd58cdaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 09 Aug 2022 23:34:49 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455637000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 09 Aug 2022 23:34:49 GMT
setuid
sync.quantumdex.io/ Frame AC76
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfde95eaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOfjh6pfXkgUdfE2zXGOjCnc_VeuoduZDZFf1NZg
date
Tue, 09 Aug 2022 23:34:48 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame AC76
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfcd828af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5c3588d2-75b1-4611-a838-6efb7f32b20d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8987621025352897644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AC76
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455668000V10
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455668000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfd58bbaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 09 Aug 2022 23:34:49 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3030896896455668000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 09 Aug 2022 23:34:49 GMT
setuid
sync.quantumdex.io/ Frame AC76
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfcb805af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A
date
Tue, 09 Aug 2022 23:34:49 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame AC76
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfcbffcaf46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Tue, 09 Aug 2022 23:34:49 GMT
via
1.1 e849eb4ec7c297538f549eb24e5ebafa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
NRT57-P3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=551849a6
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ebjb0TpMNkV7pPVYAEp3D7wIg4VB_AbcmNTt35xNoOn-uIyC9ZHLdg==
setuid
sync.quantumdex.io/ Frame AC76
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844e0a9f63af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e5290092-f15f-54de-88d0-3ec8ea22d1d3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame AC76
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=aa8d7c6f-e0b2-42d1-3bed-cd5da8db56f2
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=aa8d7c6f-e0b2-42d1-3bed-cd5da8db56f2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844e00dca5af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=aa8d7c6f-e0b2-42d1-3bed-cd5da8db56f2
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame AC76
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=65e92098-ccfd-4435-b475-80c2789b56d1
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=65e92098-ccfd-4435-b475-80c2789b56d1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfe39b0af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=65e92098-ccfd-4435-b475-80c2789b56d1
date
Tue, 09 Aug 2022 23:34:49 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame AC76
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73844dfeaa44af46-NRT
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Tue, 09 Aug 2022 23:34:49 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cframe.js
assets.a-mo.net/js/ Frame C127 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eee34931cf505455f8eec63ed94483b298da6e0c3f636afe43a837662996b4d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
via
1.1 43e1ca23939d600169617c2c9d3732da.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
269
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 19 Jul 2022 22:02:30 GMT
server
cloudflare
etag
W/"5d4d1f5c97de125cd81d5ab18e85de45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
NRT57-P2
cf-ray
73844dfccbee1f3b-NRT
x-amz-cf-id
d4uggNWmtRy_H5P4Y8LtzGyQzxHnxxAOJZm6hHIeDnds89wqCpWHdA==
expires
Wed, 10 Aug 2022 00:34:49 GMT
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7OCW,pingTime:1,time:2437,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D,%7Bpiv:100,vs:i,r:,t:1398%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1039,o:1398,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1393~0,2~100%5D,as:%5B1395~728.90%5D%7D%7D,%7Bsl:i,t:1398,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:134,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7OCX,pingTime:1,time:2438,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D,%7Bpiv:100,vs:i,r:,t:1398%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1040,o:1398,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1393~0,2~100%5D,as:%5B1395~728.90%5D%7D%7D,%7Bsl:i,t:1398,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1037~100%5D,as:%5B1037~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:134,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usermatch
ssum-sec.casalemedia.com/ Frame 0370 		54 B
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73844dfc8ccd0af8-NRT
content-encoding
br
content-type
text/html
date
Tue, 09 Aug 2022 23:34:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0NL%2Bv1FXg8LZ9rFJDr8RaMENA3e2laDUnx08hwLVcn8JFG%2BmpM9%2F39QOBF4xdhK1u2gJ4z4wnjI4ykNmFubKNUxdoDjWShGwj%2FU6%2BslwvVqMqpPcsns6X9rb3Jp%2Frj1FQOplRf77a9Dkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
onetag-sys.com/usync/ Frame B832 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 9DAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3C1A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.172.244 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-172-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133762
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:49 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 11 Aug 2022 12:44:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 7454 		54 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73844dfc8cce0af8-NRT
content-encoding
br
content-type
text/html
date
Tue, 09 Aug 2022 23:34:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Q%2B7QlvvGIrpj6LDGsXdXKz3nSFy8%2FaNhtpOnpmyUSAjsDGMYZHfq3HjDN%2BoveDuitkEmjk0nZCOHTwng791P0xCYIonbSXrIeYhowb0wCvYQtsBw%2FEMlasZxkSOyCy8aLyWmt%2BM490LeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
onetag-sys.com/usync/ Frame D27E 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 9988 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 36EF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.172.244 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-172-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133762
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:49 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 11 Aug 2022 12:44:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame 128F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0218 		54 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73844dfc8ccf0af8-NRT
content-encoding
br
content-type
text/html
date
Tue, 09 Aug 2022 23:34:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nRxUSWr%2FSmXeV8LgvMZw0NIwG2qAmotGxN46BmPGMLyWvDrSGxUO39VP3Gj9mTzPJSi3Ei68B4ybWAgH2QJiD50GkTSk508oQZ%2BwQ8aqlzJ%2BJ8Pb8ETJxDSw1VwG7RzjEFsJHsJeKmqxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 280E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.172.244 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-172-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133762
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 23:34:49 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 11 Aug 2022 12:44:11 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame BE65 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame B68A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
90e29ba7e805d1917c895a2f432a442dd7eccaafacb55fa65112ee1ba6801fe0

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
content-encoding
br
last-modified
Tue, 09 Aug 2022 13:22:01 GMT
server
nginx
etag
W/"3aba659e7bfa4ae015fa621becb3cb66"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame D44A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
90e29ba7e805d1917c895a2f432a442dd7eccaafacb55fa65112ee1ba6801fe0

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
content-encoding
br
last-modified
Tue, 09 Aug 2022 13:22:01 GMT
server
nginx
etag
W/"3aba659e7bfa4ae015fa621becb3cb66"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame CE42 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
90e29ba7e805d1917c895a2f432a442dd7eccaafacb55fa65112ee1ba6801fe0

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
content-encoding
br
last-modified
Tue, 09 Aug 2022 13:22:01 GMT
server
nginx
etag
W/"3aba659e7bfa4ae015fa621becb3cb66"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame EC3F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.56.56 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-56-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:49 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin
us
X-Varnish
1570777
Cache-Control
max-age=803
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5953
Expires
Tue, 09 Aug 2022 23:48:12 GMT
visit.js
tps.doubleverify.com/ Frame 4768 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=174&ttfrms=6&brid=3&brver=104.0.5112.79&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%5DH9%3AE67%3A6%3D572C%3E%5D%40C8TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%5DH9%3AE67%3A6%3D572C%3E%5D%40C8Tar9EEADTbpTauTau_hc4efd7724ab_64bc7%60faaa2ac56ecc%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%5DH9%3AE67%3A6%3D572C%3E%5D%40C8Tau492%3F86%5CD%3D24%3CD%5C5672F%3DE%5C3C%40HD6C%5C49C%40%3E6%5C7%3AC67%40I%5CD272C%3A%5C_%60hgc_a%5Cbgec&srcurlD=0&aUrlD=-1&ssl=https:&dfs=2424&ddur=3&uid=1660088089051622&jsCallback=dvCallback_1660088089051599&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2960&tgjsver=2960&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=29&brh=2&sdf=2&dvp_epl=407&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115846&sid=18330&plc=4181641&crt=3868393&btreg=4181641&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=20A4BE82-AAAD-9071-5884-282237B0055A&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=113544972833.72502&dvp_tukv=650688570.5755584&dvp_uuid=38646994541.10911&dvp_strhd=0.10000228881835938&dvpx_strhd=0.10000228881835938&dvp_tuid=126407907757
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
b98fad6fae2a50ee223ecd47362981da5b104b56ffa73d68e1f51c238aa00942

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:50 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
08/08/2022 23:34:50
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 0EF4 		627 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.26 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Tue, 09 Aug 2022 23:34:49 GMT
etag
W/"62ec189b-273"
expires
Sun, 08 Aug 2027 23:34:49 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 5321 		636 B
578 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.26 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Tue, 09 Aug 2022 23:34:49 GMT
etag
W/"601b131c-27c"
expires
Sun, 08 Aug 2027 23:34:49 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame DB04 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANfpoHXQo2lIiOqs
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Length
0
Date
Tue, 09 Aug 2022 23:34:48 GMT
Etag
5656d821921accf8
Server
Adtelligent
cookie
cm.adform.net/ Frame 7FB7 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Tue, 09 Aug 2022 23:34:49 GMT
server
nginx
csync
sync.adtelligent.com/ Frame 66F0
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4aa6cb613ddaf895
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4aa6cb613ddaf895
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:49 GMT
Server
Adtelligent
Etag
e0c72f070dd3b9a5
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4aa6cb613ddaf895
Date
Tue, 09 Aug 2022 23:34:49 GMT
Server
Adtelligent
Etag
4aa6cb613ddaf895
Content-Length
0
usync
id.a-mx.com/ Frame C127 		0
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.a-mx.com/usync?uid=1fed07ff-1646-44e8-89dc-0d134a792a82&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-l1
JP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vh8EOvVsxyCNzMgBz2AudX818tUHB6JvJtUwDHk7SYz%2BqTlQObhuZVes57x6Jon1nDeVVDyIGFg%2BPJj4hupwXD0h3Dw3EeGsxzr0mB3Evf0gZsH58HpaMmLjKJskQl1C9cbMNyXd4Wu1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=0
cf-ray
73844dfd1a420a9c-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
yahoo
prebid.a-mo.net/setuid/ Frame C127
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=1fed07ff-1646-44e8-89dc-0d134a792a82
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A&gdpr=0&gdpr_consent=
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-4.N33FdE2uH3YWJ2HxYo0GBBDWIZ5KHatD9KjGI-~A&gdpr=0&gdpr_consent=
date
Tue, 09 Aug 2022 23:34:49 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame C127
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L6MTL256-L-2NV1&gdpr=0
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L6MTL256-L-2NV1&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L6MTL256-L-2NV1&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0963d041a95f271fbba7f411adc03573
Expires
0
cookie
cm.adform.net/ Frame C127 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1fed07ff-1646-44e8-89dc-0d134a792a82%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
prebid.a-mo.net/ Frame C127
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1fed07ff-1646-44e8-89dc-0d134a792a82%26bidder%...
  • https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=smartadserver&uid=3590419838912882203
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=smartadserver&uid=3590419838912882203
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=smartadserver&uid=3590419838912882203
date
Tue, 09 Aug 2022 23:34:48 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame C127 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D1fed07ff-1646-44e8-89dc-0d134a792a82%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.242 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:48 GMT
content-length
0
usermatchredir
ssum.casalemedia.com/ Frame C127 		43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1fed07ff-1646-44e8-89dc-0d134a792a82%26bidder%3Dindex_rtb%26uid%3D
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73844dfd29dfaf40-NRT
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYUGef47kpcfmamuPg2MLcLVu1GNfn3qPAI3wg00Ic0R31F6TJDBg5h8lv7mSPwPlTBI7yj07Qu0Zjswkzy%2BrBZ74MyzOjAiEkjtkz3IfnnWQVQx9tMSBwZqpa0RGCW8QE6ZWFGV"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
setuid
prebid.a-mo.net/ Frame C127
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1fed07ff-1646-44e8-89dc-0d134a792a82%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Tue, 09 Aug 2022 23:34:49 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=sovrn&uid=FHpmELZHnuCZF7XlRPeMPfsZ
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
prebid.a-mo.net/ Frame C127
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1fed07ff-1646-44e8-89dc-0d134a792a82%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=appnexus&uid=8987621025352897644
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=appnexus&uid=8987621025352897644
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d7611807-b190-4733-84fb-88398eb6dbd7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=1fed07ff-1646-44e8-89dc-0d134a792a82&bidder=appnexus&uid=8987621025352897644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame C127 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=1fed07ff-1646-44e8-89dc-0d134a792a82
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1a3eee4d-deb2-4933-8567-0dfae7ace323
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame C127 		86 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=1fed07ff-1646-44e8-89dc-0d134a792a82
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.99.87 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:49 GMT
content-length
86
content-type
image/png
setuid
prebid-server.rubiconproject.com/ Frame C127 		86 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=1fed07ff-1646-44e8-89dc-0d134a792a82
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.82.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0
usync.html
eus.rubiconproject.com/ Frame 456D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-98-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Aug 2022 23:34:49 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Aug 2022 23:34:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame 608A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660088089125.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D...
958 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f47196a16879644f6201493591480c95a14a724d889eb17b26316d5c4b37645a

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
537
content-type
text/html
date
Tue, 09 Aug 2022 23:34:50 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 09 Aug 2022 23:34:49 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP002
x-33x-status
40000000008200000C
bidswitch
event.clientgear.com/gogocookie/ Frame F162
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=c488266c-4953-40f8-a996-47484890df95
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=c488266c-4953-40f8-a996-47484890df95
0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=c488266c-4953-40f8-a996-47484890df95
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:50 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

location
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=the33across&bsw_custom_parameter=c488266c-4953-40f8-a996-47484890df95
date
Tue, 09 Aug 2022 23:34:49 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
match
events-ssc.33across.com/ Frame F162
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660088089125.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=55a362f2-ef1a-4900-9d20-f665dac355cb
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=55a362f2-ef1a-4900-9d20-f665dac355cb
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Tue, 09 Aug 2022 23:34:51 GMT
Server
MT3 4475 c1dc35a master nrt-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=55a362f2-ef1a-4900-9d20-f665dac355cb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Aug 2022 23:34:50 GMT
match
events-ssc.33across.com/ Frame F162
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1660088089125.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=8987621025352897644
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=8987621025352897644
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:50 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d5801737-fdba-4329-a02d-3e75061f9a49
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=8987621025352897644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 456D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-98-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0301d47f4db06077df52ef4c6a97ee427303032de785033fd4bfc636b0b9ef1d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61035
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Wed, 10 Aug 2022 16:32:04 GMT
match
events-ssc.33across.com/ Frame 456D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L6MTL256-L-2NV1
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L6MTL256-L-2NV1
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6MTL256-L-2NV1&ts=1660088090&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6MTL256-L-2NV1&ts=1660088090&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L6MTL256-L-2NV1&ts=1660088090&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
lgc
d9.flashtalking.com/ Frame EC3F 		118 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.207.73 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-207-73.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
29f98ea37416e169232cfb0a0ba1ee5d12ef92412c7052184b4b06da6b8749a8

Request headers

Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Content-Length
118
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 0EF4 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.202.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-202-114.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 14:25:34 GMT
content-encoding
gzip
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
38671
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 e863b36e031bf6bac4affa9bea0f3f30.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
NRT57-P3
x-amz-cf-id
Lk3vcpH3mVn45hmf8YkRxsu1Md2rizWCeY6vhs77lv0NJyyZiw_0dA==
GS.d
js.cookieless-data.com/ Frame 5321 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1660088089535
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:50 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
img.png
d9.flashtalking.com/img/ Frame EC3F 		70 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9.flashtalking.com/img/img.png?cnx=8df4bc15a8508636104fc87729dccc18
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.207.73 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-207-73.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:48 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Connection
keep-alive
Content-Length
70
Access-Control-Allow-Methods
GET,POST,SERVER
Content-Type
image/png
/
servedby.flashtalking.com/state/4181641;3868393;0;401;20A4BE82-AAAD-9071-5884-282237B0055A/ Frame EC3F 		42 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/4181641;3868393;0;401;20A4BE82-AAAD-9071-5884-282237B0055A/?ft_data=d9:fb4e8ef1a02d449283b8e23aae1ab010;d9s:fb4e8ef1a02d449283b8e23aae1ab010&cachebuster=427686318
Requested by
Host: 094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
URL: https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app8.tky11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
Server
prod-xre-app8.tky11
X-HW
1660088088.dop020.si2.t,1660088088.cds213.si2.shn,1660088088.dop020.si2.t,1660088089.cds228.si2.sc,1660088089.cds228.si2.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 0EF4 		155 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.202.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-202-114.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 14:00:19 GMT
via
1.1 28cc684478478d9f9a85bebbb1ed4154.cloudfront.net (CloudFront)
age
34471
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
NRT57-P3
accept-ranges
bytes
x-amz-cf-id
kWsfz1kZNkLJ0LUmU_gNX-Dhm27I97Dt2eM-pqxjz6vK6OH5yQWBYw==
data
bcp.crwdcntrl.net/6/ Frame 0EF4 		555 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.215.91.142 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-91-142.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b16f7d5ae841d08de58618a110060f5e2febe0c9f61e2478e084ab5268e21100

Request headers

Referer
https://s.e-planning.net/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:49 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
cache-control
no-cache
x-server
10.42.22.38
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
555
expires
0
async_usersync
ib.adnxs.com/ Frame C7CF 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c0b6cffd-8f45-4c6f-98f9-2ba59d65e9e5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B8F6 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
0d770d5d-850d-411b-9d4e-8bbd8c846b5a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A7A8 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
X-Proxy-Origin
217.138.252.204; 217.138.252.204; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
6fdba386-6106-4fdf-89b3-fa853ee2ab3e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 35BC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.202.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-202-114.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer
https://s.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
27736
cache-control
max-age: 86400
content-encoding
gzip
content-type
text/html
date
Tue, 09 Aug 2022 15:52:34 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e863b36e031bf6bac4affa9bea0f3f30.cloudfront.net (CloudFront)
x-amz-cf-id
KNRr9uNZKt3PGsKnA8g8b6rIuWf6_v9rZY9mmPLMdA7l0KeLdIdy0w==
x-amz-cf-pop
NRT57-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame 8D05 		941 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=104%2C12%2C33%2C78%2C3%2C116&c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.215.91.142 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-91-142.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ead4302d128d5d8b01149cc5317bd395901426f15fa72e3625c45a3dcb20776c

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-length
941
content-type
text/html
date
Tue, 09 Aug 2022 23:34:49 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.27.153
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 8D05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=104%2C12%2C33%2C78%2C3%2C116&c=15238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.109.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
5907
tags.bluekai.com/site/ Frame 8D05 		62 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=6a72ff1570aa9f56bfe1390519f0a1b1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=104%2C12%2C33%2C78%2C3%2C116&c=15238
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.194.211.57 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-194-211-57.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:50 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 8D05 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=104%2C12%2C33%2C78%2C3%2C116&c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
image.sbxx
global.ib-ibi.com/ Frame 8D05 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=36700a6a45e5aa0421b000165944a38b
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=104%2C12%2C33%2C78%2C3%2C116&c=15238
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.183 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8549987446109609232/ Frame 8D05
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/36700a6a45e5aa0421b000165944a38b/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://d3644149111097611587-t8549987446109609232.id.amgdgt.com/r/telco/tuid/8549987446109609232/duid/3644149111097611587/url/https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10915%2Ftp%3DTRNN%2Ftpid%3...
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8549987446109609232/gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8549987446109609232/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=104%2C12%2C33%2C78%2C3%2C116&c=15238
Protocol
H2
Server
52.77.10.214 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-10-214.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.1.70
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8549987446109609232/gdpr=0
Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:49 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Content-Length
0
Strict-Transport-Security
max-age=15768000
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=41858e2c-b518-41a5-824e-972da936cd01/gdpr=0/ Frame 8D05
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=41858e2c-b518-41a5-824e-972da936cd01/gdpr=0/gdpr_consent=
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=41858e2c-b518-41a5-824e-972da936cd01/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=104%2C12%2C33%2C78%2C3%2C116&c=15238
Protocol
H2
Server
52.77.10.214 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-10-214.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.20.113
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=41858e2c-b518-41a5-824e-972da936cd01/gdpr=0/gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
249
activeview
pagead2.googlesyndication.com/pcs/ Frame EC3F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBv_dRpjhkkcis6h6gNC0z0k-9YwSSdY4HaRER5PeC70-vr-3NyaE3kwjvhDvSU3q-rN_FQZGFV6V0EL8sL06RkMyCywO2iq6gYI2HO_iuawMoHsgm_YLvpCQpL594AmrCUJpiMUbkGQ&sai=AMfl-YSmG8M9kyflcsUZ7MvJIeMAoYoMGM2t3NTOXK3fP36quLnLOKoVMcay8dxeoUVamhmpvfZStTN5_Zl5735NDvnpEPA0QVut-u9RBDEIWHbJlVpN3wCPpb9wegVq&sig=Cg0ArKJSzBTZFohrVKQSEAE&cid=CAASJeRokf6XzlU5lLxNb-gZjzEAiCs6QL_AoOUGBXH2ffzYhhm_NdI&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2851840497&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660088086410&rpt=2619&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame 608A 		68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=8d24f8bc-a330-4648-9bd2-6e8cdca271af
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 23:34:51 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
openx
cs.nex8.net/cs/ Frame 608A 		0
0
dds
rtb.openx.net/sync/ Frame 608A
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=JBl-7tQ9z4kRkS3rBe_ZSg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lbqs1bp140upc4ug7532li2cv2bc4op1

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
jp-u.openx.net/w/1.0/ Frame 608A
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dopenx%26auid%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&auid=8a5ad121-d8b3-4f6c-991e-6dba7305a41c
  • https://jp-u.openx.net/w/1.0/sd?id=537072588&val=b0P8-DQcFna-l
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=b0P8-DQcFna-l
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:50 GMT
Server
nginx
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Location
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=b0P8-DQcFna-l
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
sd
jp-u.openx.net/w/1.0/ Frame 608A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=304762f2-ef1a-4100-b0bd-665bbcf44389
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=304762f2-ef1a-4100-b0bd-665bbcf44389
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 09 Aug 2022 23:34:51 GMT
Server
MT3 4475 c1dc35a master nrt-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=304762f2-ef1a-4100-b0bd-665bbcf44389
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Aug 2022 23:34:50 GMT
sd
us-u.openx.net/w/1.0/ Frame 608A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8549987446109609232&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8549987446109609232&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8549987446109609232&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 608A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=fb4ff4d2-7dbb-76a7-f7e5-615cd6f6e3f0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=41858e2c-b518-41a5-824e-972da936cd01&ttd_puid=fb4ff4d2-7dbb-76a7-f7e5-615cd6f6e3f0&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=41858e2c-b518-41a5-824e-972da936cd01&ttd_puid=fb4ff4d2-7dbb-76a7-f7e5-615cd6f6e3f0&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=41858e2c-b518-41a5-824e-972da936cd01&ttd_puid=fb4ff4d2-7dbb-76a7-f7e5-615cd6f6e3f0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 608A
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvLvGcCo8X0AAMuocPkAAAAA
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvLvGcCo8X0AAMuocPkAAAAA
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 09 Aug 2022 23:34:50 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":55,"gdpr":false,"ipv4":"217.138.252.204","key":"YvLvGcCo8X0AAMuocPkAAAAA","privacy_sensitive":false,"uid":"YvLvGcCo8X0AAMuocPkAAAAA","upstream_id":"m-ad375"}
X-SO-Key
YvLvGcCo8X0AAMuocPkAAAAA
X-SO-Upstream-ID
m-ad375
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad375.dc4p.scaleout.jp
X-SO-UID
YvLvGcCo8X0AAMuocPkAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
217.138.252.204
X-SO-Cluster-ID
55
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YvLvGcCo8X0AAMuocPkAAAAA
Cache-Control
private
X-SO-Ads-Time
5
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 608A
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZS9YwtXgd26ks8ADsaW1YkAfc8AAAGChPYBHw
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZS9YwtXgd26ks8ADsaW1YkAfc8AAAGChPYBHw
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
via
1.1 1a66f1841a66beb1461c34f28edb09ee.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZS9YwtXgd26ks8ADsaW1YkAfc8AAAGChPYBHw
cache-control
no-cache
content-length
0
x-amz-cf-id
A4-aAD9Ua98Vb9X5h4rh7zTDGQ7h6gcJ6mOyXFyoZUIeSXEVbgYXwQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 608A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDcyMDI3MTgtYjRjYy0yODAzLWUyMDUtM2JlNTFjMTQyZDkw
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 608A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELp2b7t8oGSJvdC10deUxJU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptrack
a.audrte.com/ Frame E92B 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.252.204&p=M1353665098&artime=2022-08-09T23:34:50.897Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.220.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-220-103.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
65408f28aaf4bab5bfd42c821f5dd1275a83f16c60d7201c304ddc941b882ec1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:51 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
pixel
ps.eyeota.net/ Frame E92B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=l55PLc0MVceQ2CEPyq9SBN2dg&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.176.247.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-247-126.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:51 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame E92B
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7729131518783290630
  • https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091
  • https://a.audrte.com/match?uid=99145223-a459-451f-87ef-4c4b5888af1f&p=560038091
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.175.220.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-220-103.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:52 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 09 Aug 2022 23:34:52 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame E92B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l55PLc0MVceQ2CEPyq9SBN2dg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l55PLc0MVceQ2CEPyq9SBN2dg&gdpr=0&gdpr_consent=&google_gid=CAESECLou40YKcDyi_4TmB81qaA&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.175.220.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-220-103.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 23:34:51 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 09 Aug 2022 23:34:51 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
dc_pre=CP_xq4j2uvkCFY2zvAodzs4Odw;src=1295336;type=cs;cat=Viewa0;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;ord=1
adservice.google.com/ddm/fls/z/ Frame 4768
Redirect Chain
  • https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1660088092254366
  • https://ad.doubleclick.net/activity;dc_pre=CP_xq4j2uvkCFY2zvAodzs4Odw;src=1295336;type=cs;cat=Viewa0;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1660088092254366
  • https://adservice.google.com/ddm/fls/z/dc_pre=CP_xq4j2uvkCFY2zvAodzs4Odw;src=1295336;type=cs;cat=Viewa0;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1660088092254366
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP_xq4j2uvkCFY2zvAodzs4Odw;src=1295336;type=cs;cat=Viewa0;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1660088092254366
Protocol
H3
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:52 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/dc_pre=CP_xq4j2uvkCFY2zvAodzs4Odw;src=1295336;type=cs;cat=Viewa0;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1660088092254366
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=1295336;dc_pre=CPeOrIj2uvkCFSdEwgUdk90JZw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u...
adservice.google.com/ddm/fls/z/ Frame 4768
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_3...
  • https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CPeOrIj2uvkCFSdEwgUdk90JZw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5...
  • https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CPeOrIj2uvkCFSdEwgUdk90JZw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5B...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CPeOrIj2uvkCFSdEwgUdk90JZw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1660088092255784
Protocol
H3
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:52 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CPeOrIj2uvkCFSdEwgUdk90JZw;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115846;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1660088092255784
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7PET,pingTime:5,time:6402,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D,%7Bpiv:100,vs:i,r:,t:1398%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:5005,o:1398,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1393~0,2~100%5D,as:%5B1395~728.90%5D%7D%7D,%7Bsl:i,t:1398,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:139,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:53 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
event.png
tpsc-sgc.doubleverify.com/ Frame 4768 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-sgc.doubleverify.com/event.png?impid=99388df9aa2d4608989689a94a0bcbdb&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=1072&eoid=12&msrjs=2960&dvp_ac_version=0727a&dvp_acibv=&bsigr=17592438096384&sdf=2&vit=2&isvelg=1&rmi=16&tltms=3&tetms=42&msltms=6&vltms=1072&sei=290&vetms=24&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=9&isumms=8&nvr=6&isgmmims=9&isgmv4mims=9&elmtp=6&isbxdms=3109&b0=100&b11=3164&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=3264&sftb=3264&msrdp=1&naral=192&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1009&isuiabvms=1009&isgmpims=109&isgmv4dpims=1009&ispmxpms=1009&engalms=8&dvp_dpr=1&ttfurm=4084&cbust=1660088093130754
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:53 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
08/08/2022 23:34:53
event.png
tpsc-sgc.doubleverify.com/ Frame 6BB6 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-sgc.doubleverify.com/event.png?impid=ea4f9ab270f14d5292edaa2a6c586145&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=1137&eoid=12&msrjs=2960&dvp_ac_version=0727a&dvp_acibv=&bsigr=17592438096384&sdf=2&vit=2&isvelg=1&rmi=16&tltms=3&tetms=7&msltms=13&vltms=1137&sei=289&vetms=42&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=33&isumms=32&nvr=6&isgmmims=33&isgmv4mims=33&elmtp=6&isbxdms=3233&b0=100&b11=3259&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=3359&sftb=3359&msrdp=2&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1046&isuiabvms=1046&isgmpims=153&isgmv4dpims=1046&ispmxpms=1046&engalms=31&dvp_dpr=1&ttfurm=4201&cbust=1660088093161885
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2960.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 09 Aug 2022 23:34:53 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
08/08/2022 23:34:53
dc_oe=ChMI7PbUhfa6-QIVBIbpBR2C-whlEAAYACDF-4NTQhMI6I6jhfa6-QIVz8t8Ch2Q4wPq;met=1;&timestamp=1660088097321;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C31C 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7PbUhfa6-QIVBIbpBR2C-whlEAAYACDF-4NTQhMI6I6jhfa6-QIVz8t8Ch2Q4wPq;met=1;&timestamp=1660088097321;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:34:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
56697487
mc.yandex.ru/watch/ 		43 B
145 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/56697487?page-url=https%3A%2F%2Fja.whitefieldfarm.org%2Fchange-slacks-default-browser-chrome-firefox-safari-0198402-3864&charset=utf-8&browser-info=nb%3A1%3Acl%3A676%3Aar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A1%3Als%3A130547957005%3Ahid%3A1059716320%3Az%3A0%3Ai%3A20220809233501%3Aet%3A1660088101%3Ac%3A1%3Arn%3A225085744%3Arqn%3A2%3Au%3A1660088086453788168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660088081672%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660088101&t=gdpr(14)clc(0-0-0)lt(55000)aw(1)rqnt(2)ecs(1)rqnl(1)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://ja.whitefieldfarm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:35:01 GMT
last-modified
Tue, 09-Aug-2022 23:35:01 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ja.whitefieldfarm.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 09-Aug-2022 23:35:01 GMT
dt
dt.adsafeprotected.com/ Frame C31C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1082138&asId=d08d24de-e4df-01cc-7f0f-11bbf92da577&tv=%7Bc:kQ7Sga,pingTime:15,time:16401,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D,%7Bpiv:100,vs:i,r:,t:1398%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:15003,o:1398,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1393~0,2~100%5D,as:%5B1395~728.90%5D%7D%7D,%7Bsl:i,t:1398,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15001~100%5D,as:%5B15001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:135,fm:te3KqLL+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17*.1082138-64281289%7C171%7C172%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:22a8:1ef8:27f2:ceae Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 23:35:03 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
ssp.wp.pl
URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
adx.adform.net
URL
https://adx.adform.net/adx/openrtb
Domain
ssp.wp.pl
URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
adx.adform.net
URL
https://adx.adform.net/adx/openrtb
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
adx.adform.net
URL
https://adx.adform.net/adx/openrtb
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| cookieconsent object| __cfQR object| rbConfig string| token object| rsdfhse function| ym boolean| __cfRLUnblockHandlers object| AdSlotCollection object| Sk object| _0x6c45 number| zxadflg_rich_stat boolean| cs_flg string| zxmngname_ext string| yamId string| zx_domaine_ext string| zxadblockmng_ext number| zx_ad_flg boolean| zx_flgCap number| zx_gcWrk boolean| zx_flgOverlay boolean| zx_flgNative function| ZxStartMainModule number| nmprd object| t object| e string| zx_type_ad string| zxadpartner_ext object| __ZXNT number| zxCheckAbsStart object| __ZXCONSENT boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| AdPlayerPro function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| _0x5263 object| $jscomp function| $jscomp$lookupPolyfilledValue number| mrwrk object| MpRd object| ggeac object| google_tag_data object| google_js_reporting_queue number| zxCheckAbs number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg number| ZxConsentCheckStatus number| ZxTimerConsensDelay object| sas object| apntag object| _ADAGIO string| didomiCountry object| didomiGeoRegulations object| ZXNT object| ABS_URL object| DATAZXNT undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms function| getCs number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays object| ed object| google_image_requests object| Ya object| yaCounter56697487 object| _mgIntExchangeNews object| MarketGidInfC1122452 boolean| mg_loaded_703366_1122452 object| MarketGidInfC1122449 boolean| mg_loaded_703366_1122449 object| MarketGidInfC1305780 boolean| mg_loaded_703366_1305780 object| onClickExcludes function| mgReject1122452 function| mgLoadAds1122452_0b283 function| MarketGidCReject1122452 function| MarketGidLoadGoods1122452_0b283 function| mgLoadAds1122452_10fe9 function| MarketGidLoadGoods1122452_10fe9 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag object| _mgPageViewEndPoint703366 string| _mgCanonicalUri object| _mgPageView703366 string| _mgPvid function| mgLoadAds1122452_16990 function| MarketGidLoadGoods1122452_16990 function| mgReject1122449 function| mgLoadAds1122449_0414e function| MarketGidCReject1122449 function| MarketGidLoadGoods1122449_0414e function| mgReject1305780 function| mgLoadAds1305780_15de9 function| MarketGidCReject1305780 function| MarketGidLoadGoods1305780_15de9 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping object| _mgPageImp703366

158 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: xNd252pbP6o
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 3lwqRmDh4Us
.us04.biz/ Name: uuid
Value: 9553ba71-9197-450d-ae18-16a0883db6cc
.whitefieldfarm.org/ Name: __cf_bm
Value: AsciPFQUQekhiSOEHvbg5P1oJ2EW144IbrhiBSI3Mjo-1660088084-0-AYId6DFaCybrbsoxj4B2Pr8rfs0pOQss2IXqU0TvStiPC9FAzjuLN1xDq2lsNfyyHqTpMi8Y2cL9U+hAHoLCsPYMby4lS/JhJsk9D32BN10wXdIgeshfJU1t7rYHz8ebYw==
ja.whitefieldfarm.org/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.whitefieldfarm.org/ Name: _sharedID
Value: 58d5c8a0-7289-4169-aa65-d8b196e5a282
ja.whitefieldfarm.org/ Name: zxntcmp
Value: 1
.quantumdex.io/ Name: uid
Value: 879a97d1-fadb-4291-8114-21515f455e58
.adnxs.com/ Name: uuid2
Value: 8987621025352897644
.adnxs.com/ Name: icu
Value: ChgIis9gEAoYAiACKAIwlN7LlwY4AkACSAIQlN7LlwYYAQ..
.whitefieldfarm.org/ Name: __gpi
Value: UID=0000087352744e7e:T=1660088084:RT=1660088084:S=ALNI_MYcY4mAId3oJpXhrQWWXdzKy5hXDw
.prebid.a-mo.net/ Name: __amc
Value: 1_1660088085_1660088085
.a-mo.net/ Name: amuid2
Value: 1fed07ff-1646-44e8-89dc-0d134a792a82
.prebid.a-mo.net/ Name: sd_amuid2
Value: 1fed07ff-1646-44e8-89dc-0d134a792a82
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnGTCcWWcjjXHM2VxhGrM5eyeWGZ3J2JNufTRpjLtBqjngMYk0OEdu22qyu
.whitefieldfarm.org/ Name: __gads
Value: ID=f3a2972feeff101b:T=1660088084:S=ALNI_Ma654BIepxc5NsXSPodYZwGy0GbQw
.whitefieldfarm.org/ Name: _ym_uid
Value: 1660088086453788168
.whitefieldfarm.org/ Name: _ym_d
Value: 1660088086
.casalemedia.com/ Name: CMID
Value: YvLvFmNv-zBvKhNiXK6r0wAA
.casalemedia.com/ Name: CMPS
Value: 5519
.mgid.com/ Name: __cf_bm
Value: Zn6Gj8BQDDvrjX3zf8S991plG_iGVWQNCgHe5QHspkI-1660088086-0-AQGeOKC2c3WFFVgCZUIty/Z7b6oF6RxCNLIIJdAJVzjkp2wY9ojBS8Vn6aOCJ1WfUVuLZ6IrYbNjUBIs0i6nZno=
.ad-m.asia/ Name: uid
Value: wplARlzKDt
.send.microad.jp/ Name: TR
Value: 92a2d9cc99a10d0453d0522f77eac436
.casalemedia.com/ Name: CMRUM3
Value: 2d62f2ef162760CAESEMtlhgS97TWcoGlAzfVqzOE
.openx.net/ Name: i
Value: 28e3cb8b-d43c-4950-ad33-a9b4b2d1d00d|1660088086
.yandex.ru/ Name: yandexuid
Value: 9575671881660088086
.yandex.ru/ Name: yuidss
Value: 9575671881660088086
mc.yandex.ru/ Name: yabs-sid
Value: 1702453071660088086
.yandex.ru/ Name: i
Value: jTh9j1RTfqJETzKLEOrveRqlFZc2Yh7mrVbutg+v1TtAfn6iKFjqXN8AN5SLS1ojOkw3is1K+mJo5vzgqi/P6APmFpo=
.yandex.ru/ Name: ymex
Value: 1975448086.yrts.1660088086#1975448086.yrtsi.1660088086
.whitefieldfarm.org/ Name: _ym_isad
Value: 2
.3lift.com/ Name: tluid
Value: 1160779484034315932735
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7a5226ba-e6ee-496e-b2b7-3a22570aaa80-004%22%7D
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A1495245886472877484
.teads.tv/ Name: tt_viewer
Value: f897b08b-c20b-4e93-bc1f-8b61391568ce
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7a5226ba-e6ee-496e-b2b7-3a22570aaa80-004%22%7D
.mgid.com/ Name: muidn
Value: m79KrfYV2ayg
ja.whitefieldfarm.org/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1122452%22%3A%7B%22page%22%3A1%2C%22time%22%3A1660088086794%7D%2C%22C1122449%22%3A%7B%22page%22%3A1%2C%22time%22%3A1660088086799%7D%2C%22C1305780%22%3A%7B%22page%22%3A1%2C%22time%22%3A1660088086844%7D%7D
.ctnsnet.com/ Name: gid_CAESEAaQ00A9Lw3uS8V3ZotSnp4
Value: 1
.ctnsnet.com/ Name: cid_879ed646754b423dbbbe53e0940f93df
Value: 1
.adsrvr.org/ Name: TDID
Value: 41858e2c-b518-41a5-824e-972da936cd01
.yahoo.com/ Name: A3
Value: d=AQABBBfv8mICENdpq2_lIX3dse8VALjKUg4FEgEBAQFA9GL8YgAAAAAA_eMAAA&S=AQAAAi_wLY74fDPQXVAToqrBdtw
.yieldmo.com/ Name: yieldmo_id
Value: g67013b6eb72242c3d63%7C1660088086994%7C0%7C
.c.appier.net/ Name: _auid
Value: 2lttciP8As6JXXLdF-_yYg
.c.appier.net/ Name: _gu
Value: CAESEHAR8JIIl0YaKd1yaF50Deo
.dyntrk.com/ Name: dyn_u
Value: 05030001_62f2ef1703aee
.rubiconproject.com/ Name: khaos
Value: L6MTL256-L-2NV1
.pippio.com/ Name: did
Value: GMQkhteI5Zc_LCEu
.pippio.com/ Name: didts
Value: 1660088087
.pippio.com/ Name: nnls
Value:
.creativecdn.com/ Name: u
Value: 4SBCo0fVzDvaq6Xia6ZP
.creativecdn.com/ Name: ts
Value: 1660088087
.bidswitch.net/ Name: c
Value: 1660088087
.bidswitch.net/ Name: tuuid_lu
Value: 1660088087
.bidswitch.net/ Name: tuuid
Value: c488266c-4953-40f8-a996-47484890df95
.360yield.com/ Name: tuuid
Value: 99145223-a459-451f-87ef-4c4b5888af1f
.360yield.com/ Name: tuuid_lu
Value: 1660088087
.zemanta.com/ Name: zuid
Value: -6kAU_RdxmfL74ywymNB
.pippio.com/ Name: pxrc
Value: CJfey5cGEgQIAhAAEgYI7OsBEAA=
.e-volution.ai/ Name: v_usr
Value: 4f46af67-52b4-41bd-b541-ab8572e521cb
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A1495245886472877484
.linksynergy.com/ Name: rmuid
Value: 7f0a7074-0bb1-4f52-abb7-9efd5e283dec
.linksynergy.com/ Name: icts
Value: 2022-08-09T23:34:47Z
.quantserve.com/ Name: d
Value: ECYBDQHoJv7KwQA
.quantserve.com/ Name: mc
Value: 62f2ef17-bf3ee-fb561-82500
ads.us.e-planning.net/ Name: CT
Value: 1
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.csync.loopme.me/ Name: viewer_token
Value: 8c3843a5-deec-467f-bad3-3d6c40b5329c
.e-planning.net/ Name: E
Value: ANfpoHXQo2lIiOqs
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=5334C9EB761A99|segment=(aixd)"
.smartadserver.com/ Name: pid
Value: 3590419838912882203
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.rlcdn.com/ Name: rlas3
Value: Q4BuY/QbdNR9VT+WsCHs/P7/RqrkecSXKvsMKKHtSMI=
.rlcdn.com/ Name: pxrc
Value: CJfey5cGEgUI6AcQABIGCJC8KxAB
.tynt.com/ Name: uid
Value: CoIKSmLy7xjCo+PCSFNOAg==
.lijit.com/ Name: ljt_reader
Value: FHpmELZHnuCZF7XlRPeMPfsZ
ja.whitefieldfarm.org/ Name: unifiedid
Value: %7B%22TDID%22%3A%2241858e2c-b518-41a5-824e-972da936cd01%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-09T23%3A34%3A48%22%7D
a4p.adpartner.pro/ Name: apuid
Value: 345dd38e-743b-4b81-bf3b-a5ba42d7ca86
.r-ad.ne.jp/ Name: r_ad_token
Value: 4ztNYm016BDAY008fEAx
.smaato.net/ Name: SCM
Value: 551849a6
.smaato.net/ Name: SCMp
Value: 551849a6
.adtelligent.com/ Name: a319130
Value: 8c3843a5-deec-467f-bad3-3d6c40b5329c
.adtelligent.com/ Name: a289656
Value: 99145223-a459-451f-87ef-4c4b5888af1f
.adtelligent.com/ Name: a297253
Value: 8987621025352897644
.adtelligent.com/ Name: a584890
Value: 8987621025352897644
.adtelligent.com/ Name: a309255
Value: c2917b1d-c424-454e-9c69-a14957ad217d
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~26hz:192w~26hz:196y~26hz"
.a-mx.com/ Name: amuid2
Value: 1fed07ff-1646-44e8-89dc-0d134a792a82
.socdm.com/ Name: SOC
Value: YvLvGcCo8X0AAMuocPkAAAAA
.casalemedia.com/ Name: CMTS
Value: 5504
.casalemedia.com/ Name: CMST
Value: YvLvFmLy7xkA
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1f2c933c-fb9e-4bab-8fa3-b3f7a07a18dc"
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2409:u=1:x=1:i=1660088089:t=1660174489:v=2:sig=AQGDHzzsPQff_GVbPEnSbkmtyj98gokQ"
.media.net/ Name: visitor-id
Value: 3030896896455637000V10
.adnxs.com/ Name: anj
Value: dTM7k!M4/QE:2jUF']wIg2GTxhm0qr!]tc58i_iqf!oN/@E'zz<*Z0QZpG/nWE@5SiwOQ#x3Y0DX4]f:[fu_uuN.PxTD._*Pl[g2ozGM5YwX@DV%S4QD'R`bGQ:@mZNF^*G<$ISVCJ]jSGHrBT'aeMTaANR3KG4hPsXH%!(S=s5_Rl]
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMWZlZDA3ZmYtMTY0Ni00NGU4LTg5ZGMtMGQxMzRhNzkyYTgyIiwiZXhwaXJlcyI6IjIwMjItMTEtMDdUMjM6MzQ6NDlaIn19LCJiaXJ0aGRheSI6IjIwMjItMDgtMDlUMjM6MzQ6NDlaIn0=
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1660088089125%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1660088089125%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1660088089125%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1660088089125%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1660088089125%7D%5D
.id5-sync.com/ Name: id5
Value: b9df1d59-f612-4915-81f5-14c9e19ca05f#1660088088046#3
.whitefieldfarm.org/ Name: cto_bundle
Value: Gv9oA19MMDM4aEZmZXJNdklMZ3NHNVhVOGdick1EUUNWS0lQMExSenpRcGdJT296N3Y0cVV5clN6bEQyYnpFVEpvNEZhTUVxWnRnd3VNOTJxWmtkZmVHRkYlMkZSV3JaY3AwVUQzZlh6MmdCM0RMakFnYW1ZZHRXZnduTmpBamlTZHc4OUJZ
.whitefieldfarm.org/ Name: cto_bidid
Value: Ow7E8F9SajFXUWx0JTJGJTJGNkpMUjhHakhzUDVYS0tMcWZuM3dOUXZaZk45aGhHWjRCT21iQWhBQk1BMUtQcUJKQjJPZWZUbHBmaGxoeCUyQnolMkZNaiUyQnBzSlh3MlhMOUElM0QlM0Q
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjFmZWQwN2ZmLTE2NDYtNDRlOC04OWRjLTBkMTM0YTc5MmE4MiIsImV4cGlyZXMiOiIyMDIyLTA4LTIzVDIzOjM0OjQ5LjI2NDQ3NzkxOFoifSwicnViaWNvbiI6eyJ1aWQiOiJMNk1UTDI1Ni1MLTJOVjEiLCJleHBpcmVzIjoiMjAyMi0wOC0yM1QyMzozNDo0OS4yNjM5Mzk1NzVaIn19LCJiZGF5IjoiMjAyMi0wOC0wOVQyMzozNDo0OS4yNjM5Mzg0OFoifQ==
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
cm.mgid.com/ Name: mg_sync
Value: {"265689":1660088086,"363887":1660088086,"371158":1660088087,"43070":1660088087,"433145":1660088087,"433146":1660088086,"501037":1660088087,"516418":1660088086,"617666":1660088089,"709071":1660088086,"718337":1660088088}
.adtelligent.com/ Name: a307971
Value: ANfpoHXQo2lIiOqs
.adtelligent.com/ Name: vmuid
Value: e0c72f070dd3b9a5
.adtelligent.com/ Name: a310570
Value: FHpmELZHnuCZF7XlRPeMPfsZ
.adtelligent.com/ Name: a307558
Value: 345dd38e-743b-4b81-bf3b-a5ba42d7ca86
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMWZlZDA3ZmYtMTY0Ni00NGU4LTg5ZGMtMGQxMzRhNzkyYTgyIiwiZXhwaXJlcyI6IjIwMjItMDgtMjNUMjM6MzQ6NDkuMjk1ODcxNTMzWiJ9fSwiYmRheSI6IjIwMjItMDgtMDlUMjM6MzQ6NDkuMjk1ODY2NzMyWiJ9
.sharethrough.com/ Name: stx_user_id
Value: 65e92098-ccfd-4435-b475-80c2789b56d1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.spotim.market/ Name: vmuid
Value: 03b3278596bffa52
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.flashtalking.com/ Name: _D9J
Value: 2862f824854347eea39ec60eecb7fce4
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: aa8d7c6f-e0b2-42d1-3bed-cd5da8db56f2
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: AzZ8IIkA5Ux5jVGDdcX1Idg
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 36700a6a45e5aa0421b000165944a38b
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDYzNzBINEs0MU01TUw0MDEyTDIwMDA0M7U0MUk0tkhiAIKkT%2B8lQTQE8Fz4tkGfsa2c4T8jI8N5JPY5JPalU4%2FYYGq%2Bb5zCAmPv3ndZAMY%2BvHgOXHzt54d6MPGP759yw9jvliDUXD2pDhO%2B8sUSxgQAQyo%2B5w%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2BvReEkhBABMDA9cMEJOr6TOQBABMxQSA"
.console.adtarget.com.tr/ Name: vmuid
Value: 4aa6cb613ddaf895
.rubiconproject.com/ Name: audit
Value: 1|QAxLs4zy5Hlgu6B0MOAAZKR9+EF/EGsnmsXutYueDju9VIRjyUm7EuoQ6dKt4lzddP2PZawJ3g1CqQ3+tQhlLHMDvubSxZCGuJqroeLplSNkaZNfayZkBMcq9IayR2KL
.adtelligent.com/ Name: a318342
Value: 4aa6cb613ddaf895
.turn.com/ Name: uid
Value: 8549987446109609232
.33across.com/ Name: 33x_ps
Value: u%3D78192416933820%3As1%3D1660088090696%3Ats%3D1660088090696
.openx.net/ Name: pd
Value: v2|1660088090|jElYiuvOuIlUkaialQhI
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCOC01IC5mv06EAUYASACKAIyCwjAvfO9z5r9OhAFOAFaBmxvdGFtZWAC
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYwMDg4MDkwfQ
.admatrix.jp/ Name: uid
Value: 8a5ad121-d8b3-4f6c-991e-6dba7305a41c
.ladsp.com/ Name: cr
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|41858e2c-b518-41a5-824e-972da936cd01|1660088090891602
.ladsp.com/ Name: smn_uid
Value: xtSyuJHblAbv3IYP4TfU5g7GltWJAH0
.ladsp.com/ Name: lum
Value: CJ-C2KeoMBIFCAMQ0AU
.mathtag.com/ Name: uuid
Value: 304762f2-ef1a-4100-b0bd-665bbcf44389
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: e5290092-f15f-54de-88d0-3ec8ea22d1d3
.betweendigital.com/ Name: ut
Value: YvLvGwAD5BixQN_EjP8RVCIhK0zXQMR9mGcOPg==
.eyeota.net/ Name: SERVERID
Value: 20895~DM
.audrte.com/ Name: arcki2_ddp
Value: CAESECLou40YKcDyi_4TmB81qaA!20210804!1660088091401
.audrte.com/ Name: arcki2_TTT
Value: 1660088091402!l55PLc0MVceQ2CEPyq9SBN2dg!H4sIAAAAAAAAACWWS3JkIQwED8OaCBACpOPw0/2P4HztWcy0xzSIUlWKuHM2uT3PMiNrrJUtWs/mKt3f7jNKKuNJu+vkK89zi72yS115ezu3tytRd3Ix6Uc977p21rlP9iEjt1eqVite+kh1F4muJ4t+i1692V+UrHdEqyf6Dk96WjtPSrZRBou8ZNclfLp7nfPKujfVoEC5/H5Rju7h2YRFe2yXZ0Nn9dTiRZtxchnRc/NwalovX6+v6yjmt6ZzzXY5I1PXy3qs5W0hWbZ5tNtdhqclVedYPe93W26r3GyrvGxXVr2n+zBN8voxP5LPoxzdj+XVduacbbfH29HTMASMonn2aYgpk9vtYKWMoBK91DTN5NGSbHzK2m+geD+5NvW4smt7NV31GodD4g4K98YmbZR86Msr1rXvlrjOXutqrurfcadln1Hzez4FQe1cSbNe5EBx3/ylyzWvKJXL9iZ1Wr+3pee10Gp+tZrSYMSwqiWvUtfdVGvm6fW9mlfLt00Wvbfyuidy0aazty5NIs3rIc5Os1GYlj3y2uz56rC37/CIm+Kd42ff3EajwXIvfhPLpbnGqE+qWdKrtjFYFlmsvPhlu688a51IcLhcTauKlBpYJTCAysB0yJOj1zL62nuUldbnWPbOoyGRbqXw0XeWg6lvbUHF6ZrqozPo1CZWccm22cmPrnlj9PI8UVsP94rL+v2Oo4uLe/gI7KQuxyKFTZFTdsYN9Svsfm0peSxvY2BzrS+dsW3JpJxxDhkRYdH2/OLqU75Z1FC8XdI6sjQ20VcwHe7n05mlzlablBRenS61PN5A8bHZqaOTTDVsaZs/qerDWL3lJZfv2+WeHT+9dZ7HGLOekaTT6U9CymQRdiQDuBkRh22R1mZLWnp/dDq/9sleKm2xSgLfGq/Zos0nKamI6S2Xc2tus+KsTuHgqA5OuWE9LXvxCs04yEpbbGS/JKzR0DfHvjI2i2wd4bjhhk6b262FtmtEuUv1y1+K2A9dMW1RJLB5AAbHnZCAU2VSW5pyT1OTXEgyhffB8t4zAUAJJcLdwGEZ2BnnKxK1TgLN6J1p1QNCwcFK5fWJJzSHT3Sa+smKvbbzz5f1tl7ytZ47kYv6cEF7jUjVmjssXWu+mLCgCCQyytkTSOkmDa5N8oBI2KErNviYOUoIlb5F4Ws5x012ikZqZu1F1peW1zo1DcVKbW/4xc85DvcR7xWxE/cBxLR9n45Ojd7Za8B6Ecy54ThpUQkbTu5mfAkWIZyt0ru3nykO12sJgzxdWvP5QYx25t29c/pERoqv66Q9nWAgMTwCrMcmB4Pg2gbX3hXitdThdFm9kjZMy4Xv5wLLz3Y/h1F0SyUIUkFxy5O5g0Em9h2QSIC92z3gO5KdDxxYjTaAQ1+YbsIfythzjmen9fS0yzvg8jR6q4Uum4IWc4sRgHK0j+MH/3LxG5vCL5xfS5wpImufOsUNZrYJYXE+i8fXYAxwYjKP7FLBuEM0dStSouJcU2qap7IThX3zgh51KO9wfFEWQMJ8zOAPZ2soPxocaS6MucYMFuDI5D2PmiiEUQYpcz2us+CQqzMR512+DA2ZDNVeSYu/k9ejIPJ2emnpbq9SvgzwHMhaMRXZOnRpUVa5ZdfOcb0UAPhB8LNK/xX+MiYxcXixtaTlwrTs/G//0tJahSpvZ3zfhf5owKcTrxX5cOs4Dz5hXy6T976v2mqQ5aZzypHBjJbx8ed7tXwxoTrQR7Z0XE02oLhw++tfWngisMgixzrzSiu7NEzXCywe3/5n/U/z5c5Kv9P19Ar/k/ksawcQux99wQ0zmAYy5iZ6fS6wxAthMrswUAg78frgYkxjZzYDhX1veUnKBpGrMqiFnfqX4Ili5GINjDx4QKVRXg1uS8f2J4FSU8Uq/Qv7bXx99nQZ8sGLJC+QBlU+Z21mLPrZ7MGX5klwo0UzwB32Cye5MV536FDfLa3cHcmLMhyNR9ziEC2wwngy5QpSb6xdxgWsXuE1CVb77CkFP8VnhccYs9qO9pl4krmN1jIIxpnkmnDGy4yAC0aVjvfUYzb6V3PZ8gXhcwEIyZ9TFm+j1wuLzuPhMsjdWd8zBAMws24GRA+1NwlwRlmvHelz7Q97qn1iH3Rq4RKvtsWDBhse3gElz+/VpJfH5roEocTdyg77ak1S+8GZzOCNh3V89lXeKvVuwTxlRS9JGMWbyZebdXTC+JiGLorMb0ZEe1P/AMa69EZFCwAA
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7729131518783290630
.audrte.com/ Name: arcki2_adform
Value: 7729131518783290630!20210804!1660088091780
.audrte.com/ Name: arcki2_azerion
Value: 99145223-a459-451f-87ef-4c4b5888af1f!20210804!1660088092054
.audrte.com/ Name: arcki2
Value: l55PLc0MVceQ2CEPyq9SBN2dg!20210804!1660088092251

18 Console Messages

Source Level URL
Text
network error URL: https://a.whitefieldfarm.org/gadgets/how-to-scan-food-drink-labels-in-myfitnesspal-when-cooking-at-home-for-more-accurate-nutrition-calorie-info
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Message:
Access to XMLHttpRequest at 'https://i.connectad.io/api/v2' from origin 'https://ja.whitefieldfarm.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Message:
Access to XMLHttpRequest at 'https://i.connectad.io/api/v2' from origin 'https://ja.whitefieldfarm.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://useast.quantumdex.io/auction/apacdex
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://useast.quantumdex.io/auction/apacdex
Message:
Failed to load resource: the server responded with a status of 500 ()
javascript error URL: https://ja.whitefieldfarm.org/change-slacks-default-browser-chrome-firefox-safari-0198402-3864
Message:
Access to XMLHttpRequest at 'https://i.connectad.io/api/v2' from origin 'https://ja.whitefieldfarm.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://useast.quantumdex.io/auction/apacdex
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://cdn.connectad.io/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://cdn.connectad.io/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://cdn.connectad.io/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

094c675ffac230ec34f17222a24de644.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.whitefieldfarm.org
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.co.jp
adservice.google.com
adx.adform.net
ap.lijit.com
assets.a-mo.net
b1sync.zemanta.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
c.eu1.dyntrk.com
c.mgid.com
cdn.connectad.io
cdn.doubleverify.com
cdn.flashtalking.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.nex8.net
cs.r-ad.ne.jp
csync.loopme.me
d.turn.com
d3644149111097611587-t8549987446109609232.id.amgdgt.com
d9.flashtalking.com
de.tynt.com
dmp.adform.net
dmp.truoptik.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
geolocation.onetrust.com
get.optad360.io
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
i.connectad.io
i.e-planning.net
i.ytimg.com
ib.adnxs.com
ic.tynt.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
img-1000557.ad-score.com
ipac.ctnsnet.com
ja.whitefieldfarm.org
jnn-pa.googleapis.com
jp-u.openx.net
js.cookieless-data.com
jsc.mgid.com
match.adsrvr.org
match.sharethrough.com
mc.yandex.ru
mug.criteo.com
onetag-sys.com
ow.pubmatic.com
pagead2.googlesyndication.com
partners.tremorhub.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
ps.eyeota.net
px.ads.linkedin.com
r.casalemedia.com
rtb.openx.net
rtb0.doubleverify.com
rtb2-useast.e-volution.ai
rtbc-sgc.doubleverify.com
s-cs.send.microad.jp
s-img.mgid.com
s.ad.smaato.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
servicer.mgid.com
site2text-2021.web.app
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssp.wp.pl
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.doubleclick.net
std.wpcdn.pl
storage.googleapis.com
sync-dsp.ad-m.asia
sync-tapi.admatrix.jp
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-volution.ai
sync.inmobi.com
sync.mathtag.com
sync.quantumdex.io
sync.spotim.market
sync.targeting.unrulymedia.com
sync.teads.tv
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-sgc.doubleverify.com
ups.analytics.yahoo.com
us-u.openx.net
us04.biz
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
vid.vidoomy.com
web.hb.ad.cpe.dotomi.com
whitefieldfarm.org
www.bigmp3db.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
y.one.impact-ad.jp
yt3.ggpht.com
adx.adform.net
cs.nex8.net
hbopenbid.pubmatic.com
i.connectad.io
ssp.wp.pl
103.229.205.242
103.231.99.242
103.231.99.243
103.231.99.87
103.43.90.179
104.16.109.154
104.16.199.73
104.18.19.126
104.19.133.78
104.19.136.78
107.151.10.218
107.178.254.65
108.177.125.156
109.206.161.21
122.248.207.73
124.146.215.45
13.113.235.156
13.215.91.142
13.228.49.83
130.211.115.4
135.125.160.77
141.95.98.68
142.250.206.194
142.251.42.162
143.204.126.77
145.40.88.5
151.101.1.195
151.101.65.108
172.104.70.67
172.217.175.98
172.217.26.230
172.217.31.130
174.137.133.49
18.140.0.140
18.176.247.126
18.177.11.95
18.178.22.21
18.65.168.114
18.65.202.114
182.161.74.11
185.177.92.147
185.184.8.90
185.84.60.30
198.206.157.26
20.127.253.7
2001:df2:a300:bbbb::135
2001:df2:a300:bbbb::136
202.131.200.82
202.131.200.84
202.233.84.8
203.195.121.141
204.93.150.152
205.185.216.10
207.198.113.205
209.191.163.210
209.197.3.19
212.129.3.112
212.77.98.32
212.77.99.29
216.46.185.183
23.106.127.39
23.106.127.52
23.194.211.57
23.194.211.88
23.207.172.244
23.207.98.70
23.227.137.178
23.227.139.243
23.45.52.26
23.45.56.56
23.67.161.242
2404:6800:4004:801::2002
2404:6800:4004:808::2001
2404:6800:4004:808::2002
2404:6800:4004:808::200e
2404:6800:4004:80a::200a
2404:6800:4004:80b::2001
2404:6800:4004:80b::2003
2404:6800:4004:822::2002
2404:6800:4004:823::2001
2404:6800:4004:823::2002
2404:6800:4004:823::2003
2404:6800:4004:823::200a
2404:6800:4004:823::2010
2404:6800:4004:823::2016
2404:6800:4004:824::2002
2404:6800:4004:824::2004
2404:6800:4004:825::2006
2404:6800:4004:827::2006
2406:2600:4::b
2600:140b:400:1a9::4469
2600:1f13:800:7782:22a8:1ef8:27f2:ceae
2600:1f18:612b:4200:28b9:a08b:bd3b:4ddc
2600:9000:21c4:7200:8:48e:53c0:93a1
2600:9000:21c5:9400:11:a4de:2580:93a1
2600:9000:221b:b200:1b:5138:8a40:93a1
2606:4700:10::ac43:2ac9
2606:4700:10::ac43:8ae
2606:4700:20::681a:9a9
2606:4700:3033::6815:333f
2606:4700:3037::ac43:9a47
2606:4700:4400::6812:2962
2606:4700::6810:5814
2606:4700::6811:180e
2606:4700::6813:9f13
2606:4700::6813:ac6c
2620:0:890::100
2620:116:800e:21:6c50:dbee:bef5:203d
2620:1ec:21::14
2a02:6b8::1:119
2a02:6ea0:d300::1
2a02:fa8:c411:12::1140
34.117.239.71
34.98.64.218
34.98.67.3
35.186.193.173
35.186.253.211
35.190.60.146
35.213.109.249
35.213.12.39
35.71.178.8
37.157.4.25
37.157.4.28
46.4.104.244
47.252.78.131
50.116.239.150
50.19.106.30
51.79.234.101
51.83.220.94
52.193.82.11
52.223.40.198
52.46.128.147
52.76.75.16
52.77.10.214
52.95.126.138
54.175.220.103
64.120.110.137
64.74.236.63
66.155.71.149
67.202.105.21
67.202.105.31
67.202.105.33
69.174.120.106
74.118.186.44
8.39.36.142
8.43.72.97
013b73ac29007a03e6299424cc59790134ad880e82afcad50608ba4702055c2e
0301d47f4db06077df52ef4c6a97ee427303032de785033fd4bfc636b0b9ef1d
06dd1d88a862373e4f877625def7ca3671c2fc6f4b79ed17e824dc7de35a9f53
07552d8fb81138474030765c88d7c03a48ae92c218888945ecce2ea83082dce1
08160951a67e92fc24a4a60e73c677ecd45384893082a6372a60d6cf5f954051
0886d4322f9b57aec629193b4cd8bb02b119b46eef5511cbd46647aebaba67a0
0a1b8778f2cbb9e753c6b9a0c96a2ee5f7d6b29d4466fcbef62b275a0e72c747
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7fba521251654385f089e43a68263f57f89321da25dbd457e2595e8727e9d1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c57542efbe53ddc6bf50cb98930f5087c7a7c9684a331ad030828844a2e87ab
0caa7b1fcf47eedfbbc4a51ef8fe913caf1d2bf7eaae6d5ede18bbe1db5e7619
0e40c4701ceb65a543f80f0bbbd6bd31b3555bfda94abdde2b63e0bbde68d783
0e54b6da03221b58355de51049877347487845fd71e5d560d175c473f343b38d
0f83a88370d4fe5f8c47a0539f290974eb281e04f276547cb85a9ccd6233ada3
104f690deff154f20da1f807ca76ed2cab178eddf0475095417bfabdf744e21b
11a08c5124b69d9f4a6fba0097e364a793b8b8d15bdfe291a39733ccd4a0bf48
123678bed00b3bea807b35775fb79dea8046b878161eb7bb32acad82f69247eb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13586586072714e236df6d92c31a101451f66f4324c54bb0ddec1707dd901607
13fbef868d59608ed7991d4cfbaaa8fa8b5c23705c9151de7c1a9f95949f53bc
142b7695a35d9b0574195dc1465345baab6f7cf2e2c0cc871f97d7e2986c5da4
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
188d840a3594c84d12b8f6a80503df9ac002b21a788c592edb47efc96f4b0ba6
1a5abb3b5038bd2565021218f2b88d8990f2e6285160778582a2300b8aaabcb5
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c9d00cae7266ce50eea2385273d038ad2e29ca50e5ed472dc95f2a196d65963
1d28f7b90acda6645d0bdc4ac0941ef73d48a77bf0b7e2e3dd491ad76820fde4
1d79e9ac2a9c3ab9a954ace7a5a3b94e9306a0563228866b273dcda2ea6c5904
1eaa57f201fa75498264a3132e4911f3bb19d5ef22017628f880549fa1006756
1eee34931cf505455f8eec63ed94483b298da6e0c3f636afe43a837662996b4d
20c6dd37553ea057b90058b7effacee6bb3306f168d74911e6ab6306ebe67e6b
226335a7ce31bdf9e5c6cb95ff3e06eab3c90ea531f2b255903bd5ca2a9d316b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
259d433ec48f71c8b07f569bd85ccc1a9bfdc0c1d2901b99b19f60c2f28ce381
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2816c4b7db98789ff234ce74e26c93f64bcefbb8fe940198ce98ee680fd3bd07
2850233ba3860983b553e2e618ba8d4975f787aca0e2eab9350fb594e7339119
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29f98ea37416e169232cfb0a0ba1ee5d12ef92412c7052184b4b06da6b8749a8
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c
2a68a21ab231a757d22cb335367ea6a285b9394d3dbb2e8d111c550941287e14
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c7e0757a6250d89a527da1bf393cc8b60b15781363ac2a61b76eb46b1120736
2caa6410957655179d0b3e7f1dcaa9ea3dd7ce6830709ac9b665d73f48502f1c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6939db7d00f39c07994b3a5884cfbef0f51cb08280065a8912abcf10011511
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fba181120a67efa8848bf01cfe5098a49a42882f702c0e1a341fdefa3d6af02
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
31bf3b2278eaa2e0b262e65c6ecd7beb98f3c80b21b9950f43686b19d9687388
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
354f855ea5325a5e54ae49175da8c615ec8e1f1998974db7e003acc0dbb05295
36a368ba7810253a11eb30199fb05fe6c11a7ac87dbbcc5a546541807ac43f03
372feb3d5891ce97a07976325c10b06048a65fd566adeb45bd5a393c681e82c2
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3ae7bc88db0b662061872c8664f3897ee41aa272671cf181cbb7176ea226d0cc
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d3809c8283414db2495ab27c57e426b68a10d644301c28bf72e8d56ac63246a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fec7fbabd2358ced6754aa094e5bbb9c978903a112f90c90aaf54bbfd06ba05
4075e4e380188626166832e49f139f780a4d7a98a12cd8d83ef1aac70fc57489
41c5aaea878c5ce45b806e64e7298005d6e3733c246409daf4b54094949fcd2e
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
42bd1d17901bbde0ea942d512738e20ad6c140b62c08455d526530bf95959a7f
43c5368250016efff42701a60c29938e5ca1e8518fd38f3e64a3fd5a3f781db3
44c14ecd34f986d1c49072a4d32ed46c88a94df128cb415a66a827c034bd7210
46f359fe3ed15f8fb56bc6806ea1ed8e534325a27aa68725d8f8e356ff315002
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4984f51b52823b9b35860cb29dbc1a7566d0d3d9abd0af165953d8d7910fe8fd
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7173d2da32cdfd1e31e4a14c07f7b19f8f68b401a3fce67ed6dcd86a25b3ee
4e72483b168c7352401a821794ef05acec46d5cd53c0995ac79cb364e3b135c6
4f82334a8ed3f147188fb2d0440fe44d07dbc7b225865e139efed3972264019b
4fe62e0b54762041c8e3a80416e0bb922ce2ae5bb5c1059c31944798abe2f125
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f6aaa20663a8d3b40293f99ff06d53ff9a901d4282becf40bb73824a307b2b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
587176122e108ed332c0859d4cb01ea2e175333084e4d94cd60574eb546a2438
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c5b1b621d142848c268a045165bd453dfbba25bbda05c8406bbc39c2e09b42a
5e45828a27d213880a1d4354e525ec48552dafd2612d9470ea1ed3e56b90edcd
5f7dd14b2cc5f418f1a0c63bd633695258fce0873858d74eba4ff49c238221cc
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63210ee7345c648e3c4ba07138b8b1c1e5c4148fad409d8e03fa3ebc30d9e879
63324a9091ee8fdb9afc8be286379501585c6c769cbcfa34620e001e4cf83375
6368a42091cb825220321f88778298ffbb6d3b400cba1964bedf03c0ec9185e5
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
643942a00b0c0700ad1d39d440c61776f2cb6d3d1267830dc128637e15ecf9fd
6523aa5ea27ec3233bd04f0a56fec204eab73617f4e0428f0c5a60b396daef1d
65408f28aaf4bab5bfd42c821f5dd1275a83f16c60d7201c304ddc941b882ec1
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67a973a7aa9531456f7a0c043f5c144e71733aa7a300df1954d23d2a1e00c887
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a2854b751ba10a622ce27921434ccaeffee32a597d309f8f16aca6b0e0d6da1
6a75b6a3153f0ffdb7bc4e230463cddfb47bcbd844ef486458ec09c1a370dfa0
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6af06cd6710b3235cea95d098252bcd3a06d213c75ca13b3dfa345e3e980dc24
6c3a8c380958a639986c888b9da7b88dd75c064e2a0eedd979208cc695663033
6dff4a68f0a11c3ef2f5286a72889a7a8a910fc0d13c5328416f6c0ccc14cae8
6e253cf7acddf63a5c639b4e2678871aa7b51bbf1d63f415c8d7b93b98b57e94
6e95c48d84d75d5c58fec42a82dfadb6367ee9d7a8ccc1a3842698f656b7518a
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b
7265215d77388785b72f2f3ceb96942cfc17625efcdbc6cceba71e29c0678133
73acb571774e5c15d702f41f6b4098f1f2ebee3232e56e860133fbf80c1775cf
76cfcf2c665f5086038fdccbde63b47b72e8dd78dc4ca9e02728f8cb33d178b0
7877bc3fd94d080970c42f06c680971a7ebb04fadd3da1a6a95d37c17167c902
792600e8c19fd464fe8161b23dca30303f9e8e17e1ad836ea13e71ae15ab104c
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7bfccadd27bf1b29a2cf5e173e0b4c31288f3188b3f23f7c75d19cc49cf88ccf
7c4843043d9a96f090948b52a4067782773900e5dba4d25863f9dc382930b074
7dc28da001eec47497c19930b0412d6819ef0edc8234c8530842d38320c9fb5e
7de2578a55c9fe846430dcb85c8447a13a9a83a8bc038cf6d98e2b9b82f76cec
80680a0cc000c57b92cf516ab83073867ba502b699143c1958f0ef3d574ac618
8117214b8d7bbf5a727a6097bef32047201d4f553869f741e2ae21dd4c65b2eb
81861539f51c4904fd2e74230fb9aadf2445f7372b61406101ef0cdc5ef29287
81cff52f24eb90ebd0d726764eaca43cc2435bb027f22c72608d3aed90b21630
828a03e1705c50fc7081016098437e3fb06fef300157377997a4527fd24e0c14
829b2e5f9ad57db3bb1db1e6a42ac0c2794218a07ff86ccbcf619f8b1ef05455
83a0a40126f07091df697ced05289afff8e8a5bdd9ee1cf7cca767ba65f39fe3
84b013cf00dd4007f0d89c21d34795676a73aeb794872fc1e7de9057ed051357
84b1ad47dbcadfc398bdb4e136679f275ea9b2d60f2c9debd0ec50cda3a54597
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
87d4497c37026bb603e65ad64bd9913cdd0197c6a2172aae89271add2267712d
888e60dfbddafb5ba4f84d21cd7e978a42df3fe39ae46ddf80b1b6cd413f5e07
897b0eda2eb5e7df39acd929ba9f3f0b30d84594239cef6874c91aabff9e3f98
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be
8bdd7a99ce4d1a9a3898fcf83f7e3427e0af1cb806874c46860cfaea59e6f44c
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
8e8315af11defa31ce48a1417d64612996580a51455e5839dc9002f9eed44984
90e29ba7e805d1917c895a2f432a442dd7eccaafacb55fa65112ee1ba6801fe0
9308eccc38bfbf2759108949db83c324faa3fe950a326d35e8c370ea3526a50a
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
95321277b83ecb5c82334d5a5d56330bf0030a7e841fce527b775d89f7ef7591
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98fc92094eec30ef4531d6e21f178dbe6384da8c4362e776bc15c9b73fbcc338
99185e7f650e6050a018a4e3b33a0eaee5a29a0d82677be51791be31c910a42e
99f510abb98f7a89a8049de01a947b1cf31af3a333c2a33f4e79d09674668d60
9a322891cb1e67a7ad76e437ac86ba96fd0bb80561cbb75866d68845ba71f708
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9d4b7c55366c896b1e9c7f4fa3fd5ff9c72ddaa411f6579654321d0d96f95795
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a154eb01762076ab27f8f38f4afc734ff8bb401a9ae4ab708b413bd259ff3af8
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b38278f29cc95e60e6e6bd0a7ea21dd9bde1edebbca065c4e4a2b997360cff
a969589ff81b3fc225b612adcd1c6fdf1d05d81f9899a7b83027b78f83896eca
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaa6f57fc1512e6edf0f8cbef9b14486ed3bc8f424cf78675f1fbcd989e3cb6e
ad91c17d164dfd6ea06c68bf9058d67634a412f4b2cb8db1b7be4de9a102734e
aeaf59f3a8b2e4208d35b710d8cecaf6445cccf38b8badcec8fe389744fb11b9
b02624bd72d952430302ced79bd9e7991a503024d1c9b054353255ba970ab96e
b0812c789460cf23fcfe260b3e4cc5963609470cb344bb88a59cd6ac5b942f0d
b0e901ace1d77240a604c68770b316a0df3843d1663c9f19db2cba3848a541e9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16f7d5ae841d08de58618a110060f5e2febe0c9f61e2478e084ab5268e21100
b2012672f6ec3b497cb4d30d45f6555e299a16c20a152fb95ccad6bd1bf02dc9
b3511de2ac9048582e02efa4e3e56f9a94fb56a3929ce3eaa1b27d168b471bf0
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b506b2f896f0116922c3b921067e013458f1dfbef1549502a405c11c60080048
b5114ae1a6562fda7a6b289340ecb82f6b4ab9eff14d611da81447eabdcdd71b
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b627af885611afd4c78f288d48373186a444993b8240d44fc4bcc82e559b7caa
b65830137a22cab6f6008c8c614825cbc56738a727ab4e3c3d3ca56b12804372
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
b98fad6fae2a50ee223ecd47362981da5b104b56ffa73d68e1f51c238aa00942
b9d7bdcf763dee0f01d17a60ec587e6a07a0fbaf346ea260750b5f5b53b06950
ba83bdef33ff73f84e3c3e317fb1d88a65628c45e2e60cdc4ba3e9af534650f3
bc35c21e8d304042ac4e9fdb53911115e4e5bacb2b251ad80fb7cf375e785cd7
bc8aad52def9fae70bca29263a13763c230f574b56f604f739995775e585e1dd
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
c0ed523cd334723390c5ae344afe1701c26066af1cf53f6330aaf48fa17116fc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c4b89933724022e4fd02f87a5fc36a60587a85d9dac2c0b22477271ceae9e8b8
c86a8687bc1e03e605eb42b4744656fe2e6b8e7fe44383dd66dbfbeb575a1561
c885d09c67f074e17adb6e47d981e655c6e2a1bab2299155babccf73f627276d
c9aadd4cc0fa1091dd6243cda1d71510d9e0f975a9e3884d4a2e1c9e1d167b2a
cb1cc7bf6bf1540d98ab34cfadb0878017d9b13ecab4be1a25df6c039024367a
cc71a1e2c8079327dc1e8eac20270e940747a37c3dee7f94eef50c55da74262a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf3066ae0f310d92ab03e8e82bed2b83c3638ce29164b608ded07ba2ab0e50b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf64075ab8939b87a2c6f5f2adabc455bee251c249328dd3224becd5463f5118
d10f5cda8e6731ffa31d49f9e3719e6938e380174961af19123fd8da8e1a7d80
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d1b0bf30bc503e5fca64e6df81c1cc3800377ad8eaf23572dacaeff26939d912
d245b3901ffeec689926bb1dc288de6d16ae037201bd4e9aacff38fe59d22841
d35c30ae2901505983e0642afe1d502057c532c660192e608c0ffd37cd1b04f5
d3b7a6bf69cf0047df0397d67b434e5635d70917a729873c00363b20afb03840
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f
d56a4f80da2e08d0456eee4c711121b01dfb8dc573df3284c8336ac5cee9ea8c
d5a469505c40cb7c2baf734dea5e4b8ff06d743483b824bedf66eff2e647d740
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d732269027f880b499bd5312ebffd7aabac63bd5387a7f8ebaf390e14f186ad2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8d4519b455cb6e93efca091c535c7f31b0a071000e75ab139cb4a7b66390aaa
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
dfcf158df1b618640db4e06a6dedfd8d3571855af7020d2f3e999086882587d7
e181e8622373092543c3101777d860a1844039480812b72116d1abe3be5cd65d
e21f3da4cfe64362b05dcce6a52d8e96da9a52ab19a5ef0e0bd97370deb51b60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fbf34db01d4d192292780a85bb0c4827a276c12873f0b51d9c9262e47ab39c
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e5eb562a62f05ad2458eb2c58985ef9757d98e90ca119a8f5d71ea30473ef77b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
ea0829f0770b5c3a4faae6697cf5bcd049ac75bd24d774c83f306801a5243d19
ea4fffc46b7730f98913fbf2ee479f39383747aec5354a287dac6e4ce304c142
ead4302d128d5d8b01149cc5317bd395901426f15fa72e3625c45a3dcb20776c
eb48532debb7b68b1b82705b7d68ec6dda2eb4177ee9f02099fe55a5e6929836
eb74f5caf9c4ac50eb9986ee2404b3da9211db0c413cbfa6afa8fc2a9fdcac0c
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec5b0f44b50e06bd3aa0a97e2fe26482149abcb11ce8bb487b8c9f6030071cf1
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea479d7390ceb4cde665e0596b51665640fa688991b289771812f428ea93aaa
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03c90ac26b39d36ff176e8696f36e8b7f19f5d82180c060bbae7a7f935eb9b9
f114bc4dfd57ad127b1dadf2dab0b78b89d3765838331b4bad496ca3e3b210b4
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f421e29bff2830c8a4e2fea5880e391c6108e893ab62a99c19b56872af3809bb
f470c7c4d2e7cbf4422a2a040d3213698b9dfcc795195cc92c977e011b31d822
f47196a16879644f6201493591480c95a14a724d889eb17b26316d5c4b37645a
f66dd64864abbe7d329dd2f81c05bf0a712b48a079608d48132606a1a83b56d1
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f84c26ffa26fbe5aa31a3d727273d18cbb8e8516c992e422777bb45d87376ae2
f8937d38b059e5810978444b74117d48e11e4b7473be1160e505437358c48a73
f9397b38c72e2c54a33f4e858db39b4b996ece980640c25e9fdc74683f45f1fe
fc39ae678ed5b8bfc8baf5842ab49065bcf1f974a9a679c5dac6aee45fe65b30
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520